URL: https://www.heryerbitki.com/cicek-sepeti/
Submission: On February 12 via manual from TR — Scanned from DE

Summary

This website contacted 42 IPs in 9 countries across 35 domains to perform 97 HTTP transactions. The main IP is 159.69.167.220, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.heryerbitki.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on April 27th 2021. Valid for: a year.
This is the only time www.heryerbitki.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 159.69.167.220 24940 (HETZNER-AS)
1 178.250.2.140 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 212.252.27.161 43391 (NETDIREKT-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
2 142.250.186.162 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 4 2a02:2638::1c 44788 (ASN-CRITE...)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 212.252.27.181 43391 (NETDIREKT-AS)
1 178.250.2.146 44788 (ASN-CRITE...)
5 178.250.0.163 44788 (ASN-CRITE...)
1 1 142.250.184.194 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
1 185.86.137.132 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
5 7 37.252.172.123 29990 (ASN-APPNEX)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 3 18.156.0.31 16509 (AMAZON-02)
2 2 18.158.238.206 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 2 54.76.84.232 16509 (AMAZON-02)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2600:9000:215... 16509 (AMAZON-02)
1 2 18.195.140.72 16509 (AMAZON-02)
1 34.98.64.218 15169 (GOOGLE)
2 2 35.158.233.132 16509 (AMAZON-02)
2 212.82.100.181 34010 (YAHOO-IRD)
1 70.42.32.159 13789 (INTERNAP-...)
2 35.244.174.68 15169 (GOOGLE)
1 2 54.75.128.113 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
1 104.75.88.126 16625 (AKAMAI-AS)
1 34.102.166.132 15169 (GOOGLE)
1 124.146.215.51 2514 (INFOSPHER...)
1 124.146.215.4 2514 (INFOSPHER...)
1 52.196.179.39 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
97 42
Apex Domain
Subdomains
Transfer
27 heryerbitki.com
www.heryerbitki.com
674 KB
11 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4688
gum.criteo.com — Cisco Umbrella Rank: 355
mug.criteo.com — Cisco Umbrella Rank: 3197
sslwidget.criteo.com — Cisco Umbrella Rank: 1671
dis.criteo.com — Cisco Umbrella Rank: 619
17 KB
9 ikost.com
cdn.ikost.com
cdnheryerbitki.ikost.com
342 KB
7 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 350
7 KB
6 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 835
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
sp.analytics.yahoo.com — Cisco Umbrella Rank: 796
2 KB
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
5 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6342
693 B
4 google.com
analytics.google.com — Cisco Umbrella Rank: 861
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
192 KB
3 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 4945
cotads.adscale.de — Cisco Umbrella Rank: 13532
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1249
adgen.socdm.com — Cisco Umbrella Rank: 3470
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
895 B
2 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 1741
1 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 283
417 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
714 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 621
854 B
2 gstatic.com
fonts.gstatic.com
75 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
498 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
16 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
114 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 setrowid.com
sl.setrowid.com — Cisco Umbrella Rank: 201628
sua.setrowid.com — Cisco Umbrella Rank: 263010
62 KB
1 turn.com
d.turn.com — Cisco Umbrella Rank: 754
418 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 1952
44 B
1 tpmn.co.kr
ad.tpmn.co.kr — Cisco Umbrella Rank: 3251
602 B
1 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 1163
426 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 717
476 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 322
274 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
240 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 552
678 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1241
230 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 535
163 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
239 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
13 KB
97 35
Domain Requested by
27 www.heryerbitki.com www.heryerbitki.com
7 secure.adnxs.com 5 redirects
6 cdnheryerbitki.ikost.com www.heryerbitki.com
4 dis.criteo.com
4 gum.criteo.com 3 redirects static.criteo.net
4 www.google.de www.heryerbitki.com
4 www.googletagmanager.com www.heryerbitki.com
www.googletagmanager.com
3 ups.analytics.yahoo.com 1 redirects
3 www.google.com 1 redirects www.heryerbitki.com
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
3 cdn.ikost.com www.heryerbitki.com
2 pixel.tapad.com 1 redirects
2 partner.mediawallahscript.com 1 redirects
2 idsync.rlcdn.com
2 sp.analytics.yahoo.com
2 pixel.advertising.com 2 redirects
2 x.bidswitch.net 1 redirects
2 ad.360yield.com 1 redirects
2 ih.adscale.de 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com www.heryerbitki.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 connect.facebook.net www.heryerbitki.com
connect.facebook.net
2 fonts.googleapis.com www.heryerbitki.com
1 d.turn.com 1 redirects
1 cs.adingo.jp
1 adgen.socdm.com
1 tg.socdm.com
1 ad.tpmn.co.kr
1 cw.addthis.com
1 sync.outbrain.com
1 us-u.openx.net
1 s.ad.smaato.net
1 simage2.pubmatic.com
1 cotads.adscale.de
1 ads.yahoo.com
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 pixel.rubiconproject.com
1 cm.g.doubleclick.net 1 redirects
1 sslwidget.criteo.com static.criteo.net
1 mug.criteo.com www.heryerbitki.com
1 sua.setrowid.com sl.setrowid.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 static.criteo.net dynamic.criteo.com
1 sl.setrowid.com www.heryerbitki.com
1 dynamic.criteo.com www.heryerbitki.com
97 48

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.ikost.com
Subject Issuer Validity Valid
heryerbitki.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-04-27 -
2022-04-27
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-04 -
2022-05-03
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.ikost.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-09 -
2022-03-09
a year crt.sh
*.setrowid.com
Thawte RSA CA 2018
2021-12-28 -
2022-12-28
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-11-21 -
2022-02-19
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-02 -
2022-05-03
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
www.google.de
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
www.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.google.de
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-02-07 -
2022-03-30
2 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
s.ad.smaato.net
Amazon
2021-09-21 -
2022-10-20
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-10-19 -
2022-04-13
6 months crt.sh
*.outbrain.com
Thawte RSA CA 2018
2021-10-24 -
2022-11-24
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-27
a year crt.sh
ad.tpmn.co.kr
GTS CA 1D4
2021-12-30 -
2022-03-30
3 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018
2020-04-24 -
2022-06-02
2 years crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1
2021-03-26 -
2022-04-14
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.heryerbitki.com/cicek-sepeti/
Frame ID: 06997FCFB4FF39E772FDAD705BE38485
Requests: 68 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.heryerbitki.com&origin=onetag
Frame ID: B8B396E89F791BF38C10B8150D79E5BC
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Frame ID: DEB921ECB854126D5673D58DBB1C9E45
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

Çiçek Sepeti Hediye (İndirimli Çiçekler) - Heryerbitki

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Page Statistics

97
Requests

85 %
HTTPS

36 %
IPv6

35
Domains

48
Subdomains

42
IPs

9
Countries

1522 kB
Transfer

2775 kB
Size

50
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648796933/?random=902463287&cv=9&fst=1644646641812&num=1&value=0&label=zbnvCIfl_fICEIW2r7UC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&auid=1604378217.1644646642&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8VAHYo6OM7exx_AP4qyPiAk&sscte=1&crd=CNPgGw&eitems=ChEIgK-YkAYQqJDDu7a297yKARIdAFoDF9ObUMd6-F4eyh8QshWc4y63__2QqRWLYXw HTTP 302
  • https://www.google.com/pagead/1p-conversion/648796933/?random=902463287&cv=9&fst=1644646641812&num=1&value=0&label=zbnvCIfl_fICEIW2r7UC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&auid=1604378217.1644646642&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=8VAHYo6OM7exx_AP4qyPiAk&eitems=ChEIgK-YkAYQqJDDu7a297yKARIdAFoDF9PCuUd5pi-Jeh8SIzvMaMmPi5LKrw6dl-A&random=804430884&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/648796933/?random=902463287&cv=9&fst=1644646641812&num=1&value=0&label=zbnvCIfl_fICEIW2r7UC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&auid=1604378217.1644646642&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=8VAHYo6OM7exx_AP4qyPiAk&eitems=ChEIgK-YkAYQqJDDu7a297yKARIdAFoDF9PCuUd5pi-Jeh8SIzvMaMmPi5LKrw6dl-A&random=804430884&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 66
  • https://gum.criteo.com/sid/json?origin=onetag&domain=heryerbitki.com&sn=ChromeSyncframe&so=0&topUrl=www.heryerbitki.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=9Pw5QXxiS0J1L0Z4bDhKYzhvanVaeTJUK2V2NWtBTnluTzYzS2JnMmxROVM1M2lVVjVFVW9JWGJ2YUdnRlJZanRQMzFyMm5saUp4RnluU25Sc1hFVVJFb2V1cnZYdWNQQjhaaTBGMjMyV3dpaGxrdEVTdFVUY1pQaDU5a04rQXpOdk9RSEFjV3p4MjlDSCtwWFdicHBLZm4zemhiRkdqanlSTkNsWFNFTDFHSTNwN1hITTlxVjVDbmJHZ1YyVTNNZjF0VnJ1SXBVSzIxUGVZMWNSMjRxalVkWmtJWWFGTmFVQ0U4d1VWQnBNZTZPMTNpeTFlaDY3WEp1Q29Ndmo0SFh3Ym53UHJmQTk4M2NLUXQyZ3RJM3RwUHpVZz09fA&cppv=2
Request Chain 69
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1SWlludnRNWkV3dXdZSFNoWk8yTG9mT1ZoQkxkeTliTjRfTi1pZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 73
  • https://secure.adnxs.com/setuid?entity=52&code=k-GlPEy9MZEwuwYHShZO2LofOVhBKQriSZQLiPng&seg=130915 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-GlPEy9MZEwuwYHShZO2LofOVhBKQriSZQLiPng%26seg%3D130915
Request Chain 75
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5VEma9MZEwuwYHShZO2LofOVhBJ18leBIlQQ5g HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5VEma9MZEwuwYHShZO2LofOVhBJ18leBIlQQ5g&verify=true
Request Chain 76
  • https://ih.adscale.de/adscale-ih/tpui?tpid=111&tpuid=k-_1fQf9MZEwuwYHShZO2LofOVhBIRRM6dk-K4vA&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=111&tpuid=k-_1fQf9MZEwuwYHShZO2LofOVhBIRRM6dk-K4vA&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=c4ccd88e662648f2b3f9a8348f273f62 HTTP 307
  • https://cotads.adscale.de/ads/pixel/1by1.png?uid=cc73ff45169e9b54af56efab7d41e12c618d322b0e1fee79702d332d840a0f74
Request Chain 77
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-NgEk_9MZEwuwYHShZO2LofOVhBJHeapZhHQGpQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-NgEk_9MZEwuwYHShZO2LofOVhBJHeapZhHQGpQ
Request Chain 80
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-sd9V9NMZEwuwYHShZO2LofOVhBJYb_kjYqVGuw&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-sd9V9NMZEwuwYHShZO2LofOVhBJYb_kjYqVGuw&expires=30
Request Chain 82
  • https://pixel.advertising.com/ups/55945/sync?uid=k-0t_BWNMZEwuwYHShZO2LofOVhBLFw_UAxaTsqA&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55945/sync?uid=k-0t_BWNMZEwuwYHShZO2LofOVhBLFw_UAxaTsqA&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-0t_BWNMZEwuwYHShZO2LofOVhBLFw_UAxaTsqA&_origin=1&apid=UP708355e5-8bcb-11ec-9f0a-02dce75facea
Request Chain 85
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=iqQxvuadUSF6Fb3AsjNU24oGiTmOGewH
Request Chain 86
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig&custom=&tag_format=img&tag_action=sync&custom=&cb=d5cd68d9-00a9-4b4f-9dc4-ab3400075a13 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=d5cd68d9-00a9-4b4f-9dc4-ab3400075a13&final=true&reqid=709249a0-8bcb-11ec-9bcf-7b0e8b37981a&timestamp=2022-02-12T06%3A17%3A22.490Z
Request Chain 88
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig
Request Chain 94
  • https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=854292473349113777
Request Chain 95
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/DHy5fbGCJDpAF2U1mYqZLBxiuJBYmtOW/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2637876103678553168
Request Chain 98
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=854292473349113777

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.heryerbitki.com/cicek-sepeti/
189 KB
32 KB
Document
General
Full URL
https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
ef4aa270bae60203e89dae93c74744e8c83524928b18ef0514fa90853e9a3e5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAME-ORIGIN
date
Sat, 12 Feb 2022 06:17:19 GMT
content-length
32649
bundle_new2.js
www.heryerbitki.com/assets/
311 KB
70 KB
Script
General
Full URL
https://www.heryerbitki.com/assets/bundle_new2.js?v=398
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
56f06fb6d5b89be74901b1ab3adb2051443a5ceae4a8b31bc76fbcc29f5e3c1d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 06 Jun 2021 19:40:34 GMT
etag
"0251d1b5bd71:0"
x-frame-options
SAME-ORIGIN
content-type
application/javascript
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
72032
x-xss-protection
1; mode=block
bundlex5.css
www.heryerbitki.com/assets/
176 KB
27 KB
Stylesheet
General
Full URL
https://www.heryerbitki.com/assets/bundlex5.css?v=398
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
b7c8e6fee2a7e7619707c3d3a0f91aaa8122ec9c34e68bba7cb2d520d6867b2c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 10 Jul 2021 11:28:35 GMT
etag
"80b35ab87e75d71:0"
x-frame-options
SAME-ORIGIN
content-type
text/css
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
27239
x-xss-protection
1; mode=block
ld.js
dynamic.criteo.com/js/ld/
522 B
641 B
Script
General
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=73365
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8251abc155c1c683a5681bee1ca493c342f6891a97769361adab790f3f6bac4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:20 GMT
content-encoding
br
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
js
www.googletagmanager.com/gtag/
141 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-648796933
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e094372c352c53fd2f00f6ec27f18f67e360b5959a0b977977ebfd526bcb78ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53961
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Feb 2022 06:17:21 GMT
logo7.png
www.heryerbitki.com/medya/
3 KB
3 KB
Image
General
Full URL
https://www.heryerbitki.com/medya/logo7.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
3c91edd8e0dc6edf54e405b126b2baece0841978a41bffcf32a2deea5c165e8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Wed, 01 Sep 2021 15:20:48 GMT
etag
"6aec3ff1449fd71:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
3156
x-xss-protection
1; mode=block
menuicon609202223173333.jpeg
www.heryerbitki.com/medya/
243 KB
244 KB
Image
General
Full URL
https://www.heryerbitki.com/medya/menuicon609202223173333.jpeg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
b9b4ce2960aa6425978ab9b42ef117a5ae13d9e577f1e742f02a81f508d81baa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Thu, 03 Feb 2022 14:33:33 GMT
etag
"f2bbb5b19d81:0"
x-frame-options
SAME-ORIGIN
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
249278
x-xss-protection
1; mode=block
menuimage50620211129133657.png
www.heryerbitki.com/medya/
42 KB
42 KB
Image
General
Full URL
https://www.heryerbitki.com/medya/menuimage50620211129133657.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
5e8c8d8544b203a0a39c046167373095726d46d6a13eba37b1fea49c0d0a355c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Mon, 29 Nov 2021 10:36:57 GMT
etag
"ad52ba8de5d71:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
42498
x-xss-protection
1; mode=block
menuimage65320211129134011.png
www.heryerbitki.com/medya/
34 KB
34 KB
Image
General
Full URL
https://www.heryerbitki.com/medya/menuimage65320211129134011.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
4e0ce6796a622d86849392be20e64eed0ad851d25001b2e001735f30fc4b948f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Mon, 29 Nov 2021 10:40:11 GMT
etag
"2060657cde5d71:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
34681
x-xss-protection
1; mode=block
menuimage736202211210149.png
www.heryerbitki.com/medya/
2 KB
2 KB
Image
General
Full URL
https://www.heryerbitki.com/medya/menuimage736202211210149.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
235a0da803d708435c62802332adb800d776a4fa8052313bf948afbf98444a2d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Wed, 12 Jan 2022 07:01:49 GMT
etag
"908fa44827d81:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
1622
x-xss-protection
1; mode=block
menuimage700202229172831.png
www.heryerbitki.com/medya/
94 KB
94 KB
Image
General
Full URL
https://www.heryerbitki.com/medya/menuimage700202229172831.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
6129b8760f1770517ffde79f448529558b0a4a655f3fcf871b74503d803db26a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Wed, 09 Feb 2022 14:28:31 GMT
etag
"fbacde4fc11dd81:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
95875
x-xss-protection
1; mode=block
truck10.svg
www.heryerbitki.com/icons2019/
5 KB
2 KB
Image
General
Full URL
https://www.heryerbitki.com/icons2019/truck10.svg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
df21bbefcbcb5215d872dec3ce6375eeb62e1ea6fa7e2dd179178c2815d15d46
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Oct 2019 21:52:54 GMT
etag
"03f59bbd982d51:0"
x-frame-options
SAME-ORIGIN
content-type
image/svg+xml
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
1899
x-xss-protection
1; mode=block
user.svg
www.heryerbitki.com/icons2019/
808 B
900 B
Image
General
Full URL
https://www.heryerbitki.com/icons2019/user.svg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
efb5254fcf310f40161170b6140861320e0000b87b1f5143e4b58e91ba30d844
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Wed, 27 Mar 2019 21:02:26 GMT
etag
"63459d61e0e4d41:0"
x-frame-options
SAME-ORIGIN
content-type
image/svg+xml
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
808
x-xss-protection
1; mode=block
h_customer.svg
www.heryerbitki.com/icons2019/
1 KB
1 KB
Image
General
Full URL
https://www.heryerbitki.com/icons2019/h_customer.svg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
8ca51afcb838ad7180261bfdafcdba4e634942fe9d4063f00f6b4b0a6f590e2a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Tue, 07 May 2019 19:58:47 GMT
etag
"d8ee8148f5d51:0"
x-frame-options
SAME-ORIGIN
content-type
image/svg+xml
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
1439
x-xss-protection
1; mode=block
ara3.svg
www.heryerbitki.com/icons2019/
1008 B
1 KB
Image
General
Full URL
https://www.heryerbitki.com/icons2019/ara3.svg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
f59f438695d3ab0d6182b4c7e11d2e84205524788f853276629517d4aecc6fb0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 15:50:56 GMT
etag
"b4cf596a6e41d51:0"
x-frame-options
SAME-ORIGIN
content-type
image/svg+xml
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
1008
x-xss-protection
1; mode=block
menu.svg
www.heryerbitki.com/icons2019/
1 KB
1 KB
Image
General
Full URL
https://www.heryerbitki.com/icons2019/menu.svg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
21b5fa1539b4dc7e3574a14d1e294872f31f38172b20c25d6dcb0c1b3c48cdbf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 16:28:56 GMT
etag
"782c25b97341d51:0"
x-frame-options
SAME-ORIGIN
content-type
image/svg+xml
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
1190
x-xss-protection
1; mode=block
basket.png
www.heryerbitki.com/icons2019/
4 KB
4 KB
Image
General
Full URL
https://www.heryerbitki.com/icons2019/basket.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
4d60904359f53202dcf17d3b739b0393b795906dfbb110fd3c5c61e85ebc9d37
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Tue, 15 Oct 2019 04:24:29 GMT
etag
"3e49e6f1083d51:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
4067
x-xss-protection
1; mode=block
favoriler.png
www.heryerbitki.com/icons2019/
795 B
1016 B
Image
General
Full URL
https://www.heryerbitki.com/icons2019/favoriler.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
cd3351e84fb62d2bf5309d03964da8e5d995739e6b6d05c4e1d36509a11aa307
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Wed, 22 Jul 2020 23:30:40 GMT
etag
"99c5931c8060d61:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
795
x-xss-protection
1; mode=block
user3.svg
www.heryerbitki.com/icons2019/
2 KB
2 KB
Image
General
Full URL
https://www.heryerbitki.com/icons2019/user3.svg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
d46a2204d421401be44d2fa62f6ea778ecf6b6850c20d158f4715f388f086ae9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Mon, 14 Oct 2019 21:50:34 GMT
etag
"5b93f767d982d51:0"
x-frame-options
SAME-ORIGIN
content-type
image/svg+xml
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
1652
x-xss-protection
1; mode=block
2588_480.jpeg
cdn.ikost.com/3065/urunler/
37 KB
37 KB
Image
General
Full URL
https://cdn.ikost.com/3065/urunler/2588_480.jpeg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
d65ab1e44d47ef28337515b7ee04da467fe53c661a178d9e53608100d58c179a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sat, 24 Apr 2021 13:25:36 GMT
etag
"ea2eaa4fd39d71:0"
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
accept-ranges
bytes
content-length
37715
x-xss-protection
1; mode=block
783_480.jpg
cdn.ikost.com/3065/urunler/
42 KB
42 KB
Image
General
Full URL
https://cdn.ikost.com/3065/urunler/783_480.jpg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
61ac0aeceb929693b03d278b898e875c72d836d0e207cd6c54c57d818d21ef41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 20 Apr 2021 16:28:10 GMT
etag
"34344a27236d71:0"
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
accept-ranges
bytes
content-length
42631
x-xss-protection
1; mode=block
3315_360.jpeg
cdn.ikost.com/3065/urunler/
23 KB
23 KB
Image
General
Full URL
https://cdn.ikost.com/3065/urunler/3315_360.jpeg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
3896e9bb86c1957025399cff2b38bc360708e492cff7049554398d19d9cd41fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 13 Aug 2021 11:06:57 GMT
etag
"1159fc543390d71:0"
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
accept-ranges
bytes
content-length
23534
x-xss-protection
1; mode=block
menuicon700202229175241.png
www.heryerbitki.com/medya/
873 B
972 B
Image
General
Full URL
https://www.heryerbitki.com/medya/menuicon700202229175241.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
eb9c7e9d741580c24d3feddd49a1ad117fa4bcba55d5c115c0b50a783fcbab53
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Wed, 09 Feb 2022 14:52:41 GMT
etag
"a1d34b0c41dd81:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
873
x-xss-protection
1; mode=block
tenor.gif
www.heryerbitki.com/images/
3 KB
3 KB
Image
General
Full URL
https://www.heryerbitki.com/images/tenor.gif
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
1a976356fa13dc84c07acc03884af6915840b138939e84338420e6e069b9db38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 09:06:18 GMT
etag
"8ae3cc39f32d71:0"
x-frame-options
SAME-ORIGIN
content-type
image/gif
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
2639
x-xss-protection
1; mode=block
youtube.svg
www.heryerbitki.com/
747 B
853 B
Image
General
Full URL
https://www.heryerbitki.com/youtube.svg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
1b71e350b1f89cc612d13ad83db1c2712d7e80a4fa6d8845618be772be1d59ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Tue, 27 Jul 2021 08:49:29 GMT
etag
"2fe09c4fc482d71:0"
x-frame-options
SAME-ORIGIN
content-type
image/svg+xml
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
747
x-xss-protection
1; mode=block
ssl2a.jpg
www.heryerbitki.com/
12 KB
12 KB
Image
General
Full URL
https://www.heryerbitki.com/ssl2a.jpg
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
48c43cc9530d0ee7d4573179ca75ecf72282dfd67b7bb27170c27c0267dcf8a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Tue, 15 Oct 2019 08:23:42 GMT
etag
"9f40db3183d51:0"
x-frame-options
SAME-ORIGIN
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
11959
x-xss-protection
1; mode=block
index.js.php
sl.setrowid.com/
10 KB
4 KB
Script
General
Full URL
https://sl.setrowid.com/index.js.php?mkodu=2423
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
212.252.27.161 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
sl.setrowid.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
223a62b3ed7373ddfc3d95d89799d081dfedf7b5d507e703328f00d6f3cf9cac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:17:18 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
slick.min.js
www.heryerbitki.com/slick_slider/slick/
40 KB
10 KB
Script
General
Full URL
https://www.heryerbitki.com/slick_slider/slick/slick.min.js?v=398
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 Dec 2018 18:49:31 GMT
etag
"80ef392829cd41:0"
x-frame-options
SAME-ORIGIN
content-type
application/javascript
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
9728
x-xss-protection
1; mode=block
slick.css
www.heryerbitki.com/slick_slider/slick/
2 KB
838 B
Stylesheet
General
Full URL
https://www.heryerbitki.com/slick_slider/slick/slick.css?v=398
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
e313954fecc5d58d0bc3a9df4a1ba55776ad79d7a70e322204935ba4bafbb5e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Oct 2020 18:58:34 GMT
etag
"03e6f5a59dd61:0"
x-frame-options
SAME-ORIGIN
content-type
text/css
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
754
x-xss-protection
1; mode=block
slick-theme.css
www.heryerbitki.com/slick_slider/slick/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.heryerbitki.com/slick_slider/slick/slick-theme.css?v=398
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
c0d0813e2612f2f298676a810a349f4854b275051662f436f3d83240c371e49d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Aug 2020 08:31:58 GMT
etag
"0d383b1157dd61:0"
x-frame-options
SAME-ORIGIN
content-type
text/css
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
1595
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/
4 KB
610 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600&display=swap
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a692eb07346ce7f8b7e6e3d60716e3f3e8d4e90a345e09724507bf2672e111b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 06:17:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Feb 2022 06:17:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Feb 2022 06:17:21 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap&subset=latin-ext
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c52686d553c6e2f85b272710c2b92bfcee879d16c73c021c9875c621da492738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 05:14:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Feb 2022 06:17:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Feb 2022 06:17:21 GMT
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
dI//hYkV62MYZeaFahuc8ljzRJN52o1znnh2fP9S5DHUMGmdzmFMjcZmM/8jUxS7cQ0R0MEJFOtvkAwgMUOTNg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TZTR4QW
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74347e91270e9651028db0799acd8afdb5adeceaef1922ed9756eccfffa2f51d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39373
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Feb 2022 06:17:21 GMT
fontawesome-webfont.woff2
www.heryerbitki.com/fonts/
75 KB
75 KB
Font
General
Full URL
https://www.heryerbitki.com/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/assets/bundlex5.css?v=398
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heryerbitki.com/assets/bundlex5.css?v=398
Origin
https://www.heryerbitki.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Thu, 03 Nov 2016 09:08:04 GMT
etag
"0b2b5c8b135d21:0"
x-frame-options
SAME-ORIGIN
content-type
application/font-woff2
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
77160
x-xss-protection
1; mode=block
190807066229815
connect.facebook.net/signals/config/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/190807066229815?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b16927b9b26f082bdc35d471f89cc6943c2db2fe929294cd1e4fe291bc80cbc1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89146
x-xss-protection
0
pragma
public
x-fb-debug
5BPO3TWGpEHvrEdkYw6BBJsJXYvCpiJUU/SZiBjFX+mzl5LROwAYGt7eUOobCBYqbXuph+5jTc2JqAivIt2isA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ld.js
static.criteo.net/js/ld/
40 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=73365
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 12:51:58 GMT
server
nginx
etag
W/"61b8936e-9faf"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Feb 2022 06:17:21 GMT
ikostlogo3.png
www.heryerbitki.com/
8 KB
8 KB
Image
General
Full URL
https://www.heryerbitki.com/ikostlogo3.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
4b7dc2177eddc5292b42078ea2ea1e950daaaa7b968397efd2ca3b8b2e97ea98
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Mon, 01 Jul 2019 01:28:53 GMT
etag
"2b51dc57ac2fd51:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
8292
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
168 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7C5LEFG0DT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZTR4QW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7ea0d101baba3861c8496afe262bf36ccf6d3f9af688f2a69e9bc4aa34bf73a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63365
x-xss-protection
0
expires
Sat, 12 Feb 2022 06:17:21 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZTR4QW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Feb 2022 06:17:21 GMT
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-123456&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZTR4QW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e915770704c7c48671eacf8b5af77971c1e8cee1cd9010bd99fcf3ca5916d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39547
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Feb 2022 06:17:21 GMT
/
www.facebook.com/tr/
44 B
407 B
Image
General
Full URL
https://www.facebook.com/tr/?id=190807066229815&ev=PageView&dl=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&rl=&if=false&ts=1644646641776&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644646641775.1996692942&it=1644646641701&coo=false&rqm=GET
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sat, 12 Feb 2022 06:17:21 GMT
/
www.googleadservices.com/pagead/conversion/648796933/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/648796933/?random=1644646641812&cv=9&fst=1644646641812&num=1&value=0&label=zbnvCIfl_fICEIW2r7UC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&auid=1604378217.1644646642&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
425f86536866801814e0ff556c3a15679c7f2a22d33db4c0e0ff3d48f663ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
350 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7C5LEFG0DT&gtm=2oe290&_p=351452117&sr=1600x1200&_gaz=1&ul=en-us&cid=723302607.1644646642&_s=1&dl=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&dt=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&sid=1644646641&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7C5LEFG0DT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heryerbitki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
350 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7C5LEFG0DT&cid=723302607.1644646642&gtm=2oe290&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7C5LEFG0DT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heryerbitki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7C5LEFG0DT&cid=723302607.1644646642&gtm=2oe290&aip=1&z=2119335811
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/123456/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/123456/?random=1644646641837&cv=9&fst=1644646641837&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config%3B%20allow_enhanced_conversions%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce8a77834d2f692c5229efa7834434529f3ef61a5ce4c7fd3afac6745503064d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1094
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/648796933/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648796933/?random=1644646641838&cv=9&fst=1644646641838&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dba814c16c29a714d705710b6926b4eec358234c6201061c12301b4d1c0750f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1069
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame B8B3
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=www.heryerbitki.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2122
date
Sat, 12 Feb 2022 06:17:20 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
/
www.google.de/pagead/1p-conversion/648796933/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648796933/?random=902463287&cv=9&fst=1644646641812&num=1&value=0&label=zbnvCIfl_fICEIW2r7UC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u...
  • https://www.google.com/pagead/1p-conversion/648796933/?random=902463287&cv=9&fst=1644646641812&num=1&value=0&label=zbnvCIfl_fICEIW2r7UC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
  • https://www.google.de/pagead/1p-conversion/648796933/?random=902463287&cv=9&fst=1644646641812&num=1&value=0&label=zbnvCIfl_fICEIW2r7UC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/648796933/?random=902463287&cv=9&fst=1644646641812&num=1&value=0&label=zbnvCIfl_fICEIW2r7UC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&auid=1604378217.1644646642&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=8VAHYo6OM7exx_AP4qyPiAk&eitems=ChEIgK-YkAYQqJDDu7a297yKARIdAFoDF9PCuUd5pi-Jeh8SIzvMaMmPi5LKrw6dl-A&random=804430884&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H3
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/648796933/?random=902463287&cv=9&fst=1644646641812&num=1&value=0&label=zbnvCIfl_fICEIW2r7UC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&auid=1604378217.1644646642&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=8VAHYo6OM7exx_AP4qyPiAk&eitems=ChEIgK-YkAYQqJDDu7a297yKARIdAFoDF9PCuUd5pi-Jeh8SIzvMaMmPi5LKrw6dl-A&random=804430884&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heryerbitki.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:58:52 GMT
x-content-type-options
nosniff
age
73109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:58:52 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heryerbitki.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 04:45:57 GMT
x-content-type-options
nosniff
age
91884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31272
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 04:45:57 GMT
phalaenopsis-purple-gift-tek-dalli-mor-orkide_500.jpg
cdnheryerbitki.ikost.com/3065/urunler/
26 KB
26 KB
Image
General
Full URL
https://cdnheryerbitki.ikost.com/3065/urunler/phalaenopsis-purple-gift-tek-dalli-mor-orkide_500.jpg?v=5058
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
bb80f890e9204dad8bdc51dbaed825f59eefdf34f466ad137c2e3baf9c0814f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 27 Jan 2022 08:46:38 GMT
etag
"9efbf1655a13d81:0"
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
accept-ranges
bytes
content-length
26577
x-xss-protection
1; mode=block
phalaenopsis-purple-gift-cift-dalli-mor-orkide_500.jpeg
cdnheryerbitki.ikost.com/3065/urunler/
28 KB
28 KB
Image
General
Full URL
https://cdnheryerbitki.ikost.com/3065/urunler/phalaenopsis-purple-gift-cift-dalli-mor-orkide_500.jpeg?v=5063
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
dc776771b10441bb79c1b12e811b440095365be34b333bd4d1ca39b4e11e5787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 27 Jan 2022 09:29:47 GMT
etag
"e5cf1a6d6013d81:0"
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
accept-ranges
bytes
content-length
28836
x-xss-protection
1; mode=block
you-are-my-sunshine-aycicegi-ve-guller-buketi_500.jpeg
cdnheryerbitki.ikost.com/3065/urunler/
50 KB
50 KB
Image
General
Full URL
https://cdnheryerbitki.ikost.com/3065/urunler/you-are-my-sunshine-aycicegi-ve-guller-buketi_500.jpeg?v=5064
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
b09a6e33325355e268546e6fc7270dd1b239a8a15f02282f2b579c5e5a620a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 27 Jan 2022 09:56:20 GMT
etag
"5ac681226413d81:0"
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
accept-ranges
bytes
content-length
51171
x-xss-protection
1; mode=block
la-vien-rose-kirmizi-guller-ve-krizantem-buketi_500.jpeg
cdnheryerbitki.ikost.com/3065/urunler/
48 KB
48 KB
Image
General
Full URL
https://cdnheryerbitki.ikost.com/3065/urunler/la-vien-rose-kirmizi-guller-ve-krizantem-buketi_500.jpeg?v=5072
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
0dc5a2d31f8b9259a2dca8e4bfd31415f4370676d7b78ab7c33e4a76cdc72c31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 27 Jan 2022 10:13:21 GMT
etag
"1f474836613d81:0"
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
accept-ranges
bytes
content-length
49402
x-xss-protection
1; mode=block
voyage-krizantem-ve-guller-buketi_500.jpeg
cdnheryerbitki.ikost.com/3065/urunler/
48 KB
48 KB
Image
General
Full URL
https://cdnheryerbitki.ikost.com/3065/urunler/voyage-krizantem-ve-guller-buketi_500.jpeg?v=5076
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
c24997deacde7a105164a95e142f35fc75fe2b6f743778c8de47a5f04e94304c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 27 Jan 2022 10:20:32 GMT
etag
"0ab4846713d81:0"
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
accept-ranges
bytes
content-length
48788
x-xss-protection
1; mode=block
just-like-heaven-pembe-guller-ve-lale-aranjmani_500.jpeg
cdnheryerbitki.ikost.com/3065/urunler/
40 KB
40 KB
Image
General
Full URL
https://cdnheryerbitki.ikost.com/3065/urunler/just-like-heaven-pembe-guller-ve-lale-aranjmani_500.jpeg?v=5077
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
9591930a01c896541e036194b51d24ec9b7545d338c963898ec05c065b0329dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 27 Jan 2022 10:24:27 GMT
etag
"b42f35106813d81:0"
content-type
image/jpeg
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
accept-ranges
bytes
content-length
40754
x-xss-protection
1; mode=block
up.png
www.heryerbitki.com/assets/frontend/layout/img/
948 B
1 KB
Image
General
Full URL
https://www.heryerbitki.com/assets/frontend/layout/img/up.png
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.167.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.167.69.159.clients.your-server.de
Software
/
Resource Hash
c2cf900063250bf367617d76b3f2dc076972f1155de89dcab3ad9326a908dea5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/cicek-sepeti/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
last-modified
Sun, 08 Jun 2014 22:50:14 GMT
etag
"0179426c83cf1:0"
x-frame-options
SAME-ORIGIN
content-type
image/png
cache-control
max-age=25920000
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
948
x-xss-protection
1; mode=block
sua.js
sua.setrowid.com/js/
57 KB
58 KB
Script
General
Full URL
https://sua.setrowid.com/js/sua.js?t=1644646641927
Requested by
Host: sl.setrowid.com
URL: https://sl.setrowid.com/index.js.php?mkodu=2423
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
212.252.27.181 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
181.brlcyk.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
21035534003042dca3965d869a26b2cb356825056dcb80ad550ca5c7937ea440

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:13:30 GMT
Last-Modified
Fri, 22 Oct 2021 13:26:45 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6172bc15-e58e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58766
truncated
/
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81d5f6c193119a2183ce3913573d76fd5f96fd991392415c962d222075a61003

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
134 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe7b90afd92d5a88546417f5d9e4e22e428db2059cc58695e7d2f6e9cff660bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
139 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20d1bf6874438ea860f44a3bfa7071e13c46d7b378ef96e841d9cf2d619ace5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
/
www.google.com/pagead/1p-user-list/123456/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/123456/?random=1644646641837&cv=9&fst=1644645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config%3B%20allow_enhanced_conversions%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&async=1&fmt=3&is_vtc=1&random=2388814988&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/123456/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/123456/?random=1644646641837&cv=9&fst=1644645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config%3B%20allow_enhanced_conversions%3Dtrue&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&async=1&fmt=3&is_vtc=1&random=2388814988&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/648796933/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/648796933/?random=1644646641838&cv=9&fst=1644645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&async=1&fmt=3&is_vtc=1&random=4204225456&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/648796933/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/648796933/?random=1644646641838&cv=9&fst=1644645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&tiba=%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki&async=1&fmt=3&is_vtc=1&random=4204225456&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame B8B3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=heryerbitki.com&sn=ChromeSyncframe&so=0&topUrl=www.heryerbitki.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=9Pw5QXxiS0J1L0Z4bDhKYzhvanVaeTJUK2V2NWtBTnluTzYzS2JnMmxROVM1M2lVVjVFVW9JWGJ2YUdnRlJZanRQMzFyMm5saUp4RnluU25Sc1hFVVJFb2V1cnZYdWNQQjhaaTBGMjMyV3dpaGxrdEVTdFVUY1pQaDU5a0...
422 B
626 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=9Pw5QXxiS0J1L0Z4bDhKYzhvanVaeTJUK2V2NWtBTnluTzYzS2JnMmxROVM1M2lVVjVFVW9JWGJ2YUdnRlJZanRQMzFyMm5saUp4RnluU25Sc1hFVVJFb2V1cnZYdWNQQjhaaTBGMjMyV3dpaGxrdEVTdFVUY1pQaDU5a04rQXpOdk9RSEFjV3p4MjlDSCtwWFdicHBLZm4zemhiRkdqanlSTkNsWFNFTDFHSTNwN1hITTlxVjVDbmJHZ1YyVTNNZjF0VnJ1SXBVSzIxUGVZMWNSMjRxalVkWmtJWWFGTmFVQ0U4d1VWQnBNZTZPMTNpeTFlaDY3WEp1Q29Ndmo0SFh3Ym53UHJmQTk4M2NLUXQyZ3RJM3RwUHpVZz09fA&cppv=2
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
88803c6268f1e8e50caeece146e6b509df0b5c8097296543f8f269f7bf74f83e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6116
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=9Pw5QXxiS0J1L0Z4bDhKYzhvanVaeTJUK2V2NWtBTnluTzYzS2JnMmxROVM1M2lVVjVFVW9JWGJ2YUdnRlJZanRQMzFyMm5saUp4RnluU25Sc1hFVVJFb2V1cnZYdWNQQjhaaTBGMjMyV3dpaGxrdEVTdFVUY1pQaDU5a04rQXpOdk9RSEFjV3p4MjlDSCtwWFdicHBLZm4zemhiRkdqanlSTkNsWFNFTDFHSTNwN1hITTlxVjVDbmJHZ1YyVTNNZjF0VnJ1SXBVSzIxUGVZMWNSMjRxalVkWmtJWWFGTmFVQ0U4d1VWQnBNZTZPMTNpeTFlaDY3WEp1Q29Ndmo0SFh3Ym53UHJmQTk4M2NLUXQyZ3RJM3RwUHpVZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2319
content-length
541
expires
0
event
sslwidget.criteo.com/
8 KB
8 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=73365&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvl%26p%3D%255B2199%252C2200%252C2202%252C2203%252C2204%252C2205%252C2206%252C2208%252C2209%252C2210%252C2211%252C2222%252C2223%252C2225%252C2226%252C2228%252C2230%252C2231%252C2237%252C2238%252C2239%252C2242%252C2244%252C2245%252C2246%252C2247%252C2248%252C2249%252C2250%252C2251%252C2252%252C2131%252C2147%252C2185%252C2175%252C2154%252C2198%252C2193%252C2157%252C2197%252C2196%252C2195%252C2194%252C2192%252C2191%252C2189%252C2188%252C2187%252C2184%252C2183%252C2182%252C2169%252C2168%252C2167%252C2162%252C2161%252C2160%252C2159%252C2156%252C2155%252C2153%252C2152%252C2151%252C2148%252C2146%252C2145%252C2144%252C2143%252C2142%252C2141%252C2140%252C2139%252C2138%252C2136%252C2135%252C2134%252C2133%252C2132%252C2130%252C2128%252C2125%252C2123%252C2122%252C2121%252C2120%252C2119%252C2118%252C2117%252C2116%252C2113%252C2112%252C2111%252C2110%252C2109%252C2108%252C2107%252C2106%252C2105%252C2101%252C2100%252C2086%252C2081%252C2080%252C2064%252C2063%252C2098%252C2096%252C2084%252C2062%252C2095%252C2094%252C2093%252C2077%252C2036%252C2025%252C1578%252C1704%252C1469%252C1696%252C1481%252C1635%252C1921%252C1930%252C1984%252C1888%252C1695%252C1986%252C1926%252C1925%252C1701%252C1981%252C1703%252C1694%252C1887%252C1700%252C1987%252C2001%252C1916%252C1816%252C2000%252C1999%252C2097%252C1998%252C1985%252C2083%252C2029%252C2024%252C2013%252C2011%252C2010%252C2031%252C2030%252C2028%252C2006%252C1552%252C1738%252C1769%252C1647%252C1678%252C1711%252C1970%252C1712%252C1739%252C1555%252C1771%252C1565%252C1502%252C1817%252C1572%252C1692%252C1646%252C1669%252C1785%252C1726%252C1768%252C1730%252C1489%252C1801%252C1950%252C1798%252C1732%252C1680%252C1688%252C1677%252C1783%252C1566%252C1911%252C1640%252C1670%252C1622%252C1522%252C1651%252C1668%252C1553%252C1715%252C1908%252C1494%252C1952%252C1571%252C1568%255D%26ca%3D%25C3%2587i%25C3%25A7ek%2520Sepeti&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=DVgrnF9iMTVMdGpuZml6WElreE9tcmJCeUVoSGZNJTJGdlAlMkJWNjlxZjdBdUkyR1N5YVhnMUxkTWlDa0RNbmdjQTlMVGJKcjdlZG5hZUpCQTdadVVLZnhXZDVHTFpuMTJDYjd3ZjNoenROeTk3UkNGNVlnV2RlOVhmMkY4UGRiTEVCSWV1Y011WE5sN3hUdHFESlFtVGt2Yld3aDhnJTNEJTNE&tld=heryerbitki.com&dy=1&dtycbr=69063
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
362d221156c04b872934c2ca3a27b23be5358eba2ff8bf3d5a866baa6285f2ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
content-type
application/x-javascript
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
26957531
timing-allow-origin
*
expires
0
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=190807066229815&ev=Microdata&dl=https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F&rl=&if=false&ts=1644646642279&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%C3%87i%C3%A7ek%20Sepeti%20Hediye%20(%C4%B0ndirimli%20%C3%87i%C3%A7ekler)%20-%20Heryerbitki%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FSiteNavigationElement%22%7D%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.heryerbitki.com%22%2C%22name%22%3A%22Heryerbitki%22%7D%7D%2C%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A2%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.heryerbitki.com%2Fkategoriler%2F%22%2C%22name%22%3A%22Kategoriler%22%7D%7D%2C%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A3%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.heryerbitki.com%2Fcicek-sepeti%2F%22%2C%22name%22%3A%22%C3%87i%C3%A7ek%20Sepeti%22%7D%7D%5D%2C%22numberOfItems%22%3A3%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644646641775.1996692942&it=1644646641701&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heryerbitki.com
URL: https://www.heryerbitki.com/cicek-sepeti/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heryerbitki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Sat, 12 Feb 2022 06:17:22 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DEB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1SWlludnRNWkV3dXdZSFNoWk8yTG9mT1ZoQkxkeTliTjRfTi1pZw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
159432
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DEB9
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-7IS-HdMZEwuwYHShZO2LofOVhBJeFdj-aJazJA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame DEB9
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-y2qJQNMZEwuwYHShZO2LofOVhBII9d4FBXSIMg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:21 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DEB9
0
230 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-XYciydMZEwuwYHShZO2LofOVhBIYpPkA-Z_FUQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12606
bounce
secure.adnxs.com/ Frame DEB9
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-GlPEy9MZEwuwYHShZO2LofOVhBKQriSZQLiPng&seg=130915
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-GlPEy9MZEwuwYHShZO2LofOVhBKQriSZQLiPng%26seg%3D130915
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-GlPEy9MZEwuwYHShZO2LofOVhBKQriSZQLiPng%26seg%3D130915
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Feb 2022 06:17:22 GMT
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
26e2530f-1b3d-4f4f-8c4d-cb5b687174c5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 12 Feb 2022 06:17:22 GMT
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ad96d055-f350-453b-9727-815998d8d42f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-GlPEy9MZEwuwYHShZO2LofOVhBKQriSZQLiPng%26seg%3D130915
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
ads.yahoo.com/cms/ Frame DEB9
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:22 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame DEB9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5VEma9MZEwuwYHShZO2LofOVhBJ18leBIlQQ5g
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5VEma9MZEwuwYHShZO2LofOVhBJ18leBIlQQ5g&verify=true
0
122 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5VEma9MZEwuwYHShZO2LofOVhBJ18leBIlQQ5g&verify=true
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:22 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5VEma9MZEwuwYHShZO2LofOVhBJ18leBIlQQ5g&verify=true
date
Sat, 12 Feb 2022 06:17:22 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1by1.png
cotads.adscale.de/ads/pixel/ Frame DEB9
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=111&tpuid=k-_1fQf9MZEwuwYHShZO2LofOVhBIRRM6dk-K4vA&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
  • https://ih.adscale.de/adscale-ih/tpui?tpid=111&tpuid=k-_1fQf9MZEwuwYHShZO2LofOVhBIRRM6dk-K4vA&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=c4ccd...
  • https://cotads.adscale.de/ads/pixel/1by1.png?uid=cc73ff45169e9b54af56efab7d41e12c618d322b0e1fee79702d332d840a0f74
321 B
698 B
Image
General
Full URL
https://cotads.adscale.de/ads/pixel/1by1.png?uid=cc73ff45169e9b54af56efab7d41e12c618d322b0e1fee79702d332d840a0f74
Protocol
H2
Server
2600:9000:2156:c600:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified
Tue, 08 Sep 2020 23:05:25 GMT
server
AmazonS3
age
7516
etag
"c1ab48a971e5c1a7eae346346487762d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
date
Sat, 12 Feb 2022 04:12:07 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
321
x-amz-cf-id
6YQ03sXps1GuqvuJ1LNRz8hlK61cC0voXsyvX7A3Ef6kH05VqGQe0w==

Redirect headers

location
https://cotads.adscale.de/ads/pixel/1by1.png?uid=cc73ff45169e9b54af56efab7d41e12c618d322b0e1fee79702d332d840a0f74
date
Sat, 12 Feb 2022 06:17:22 GMT
content-length
0
p3p
CP=NOI PSA OUR
match
ad.360yield.com/ul_cb/ Frame DEB9
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-NgEk_9MZEwuwYHShZO2LofOVhBJHeapZhHQGpQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-NgEk_9MZEwuwYHShZO2LofOVhBJHeapZhHQGpQ
43 B
446 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-NgEk_9MZEwuwYHShZO2LofOVhBJHeapZhHQGpQ
Protocol
H2
Server
54.76.84.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-84-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 12 Feb 2022 06:17:22 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-NgEk_9MZEwuwYHShZO2LofOVhBJHeapZhHQGpQ
date
Sat, 12 Feb 2022 06:17:22 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pug
simage2.pubmatic.com/AdServer/ Frame DEB9
42 B
678 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-HnCkKtMZEwuwYHShZO2LofOVhBJa3gAO6ipZlQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:21 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:339
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
s.ad.smaato.net/c/ Frame DEB9
0
240 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-Zw886NMZEwuwYHShZO2LofOVhBIh67EqPhsjOg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:22 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
nsQF6jDa1lTHoCB5biRp3rbmxJFBMKZzzWNcRoYyXlEigMVzatUuSg==
x-cache
FunctionGeneratedResponse from cloudfront
sync
x.bidswitch.net/ul_cb/ Frame DEB9
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-sd9V9NMZEwuwYHShZO2LofOVhBJYb_kjYqVGuw&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-sd9V9NMZEwuwYHShZO2LofOVhBJYb_kjYqVGuw&expires=30
43 B
495 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-sd9V9NMZEwuwYHShZO2LofOVhBJYb_kjYqVGuw&expires=30
Protocol
HTTP/1.1
Server
18.195.140.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-140-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:17:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-sd9V9NMZEwuwYHShZO2LofOVhBJYb_kjYqVGuw&expires=30
Date
Sat, 12 Feb 2022 06:17:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame DEB9
43 B
274 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072953&val=k--Wn5ptMZEwuwYHShZO2LofOVhBIA__Ua6ztr9A&c=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame DEB9
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-0t_BWNMZEwuwYHShZO2LofOVhBLFw_UAxaTsqA&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=k-0t_BWNMZEwuwYHShZO2LofOVhBLFw_UAxaTsqA&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-0t_BWNMZEwuwYHShZO2LofOVhBLFw_UAxaTsqA&_origin=1&apid=UP708355e5-8bcb-11ec-9f0a-02dce75facea
0
132 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-0t_BWNMZEwuwYHShZO2LofOVhBLFw_UAxaTsqA&_origin=1&apid=UP708355e5-8bcb-11ec-9f0a-02dce75facea
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:22 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-0t_BWNMZEwuwYHShZO2LofOVhBLFw_UAxaTsqA&_origin=1&apid=UP708355e5-8bcb-11ec-9f0a-02dce75facea
date
Sat, 12 Feb 2022 06:17:22 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
spp.pl
sp.analytics.yahoo.com/ Frame DEB9
43 B
716 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Sat, 12 Feb 2022 06:17:22 GMT
cookie-sync
sync.outbrain.com/ Frame DEB9
0
476 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-4KMRINMZEwuwYHShZO2LofOVhBJI8ZMBzAojVA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:17:22 GMT
Cache-Control
no-cache
X-TraceId
1773d7174826ca9a601a084cb73c9c7e
Content-Length
0
397596.gif
idsync.rlcdn.com/ Frame DEB9
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=iqQxvuadUSF6Fb3AsjNU24oGiTmOGewH
42 B
417 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=iqQxvuadUSF6Fb3AsjNU24oGiTmOGewH
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Feb 2022 06:17:22 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=iqQxvuadUSF6Fb3AsjNU24oGiTmOGewH
date
Sat, 12 Feb 2022 06:17:22 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
4231
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
/
partner.mediawallahscript.com/ Frame DEB9
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig&custom=&tag_format=img&tag_action=sync&custom=&cb=d5cd68d9-00a9-4b4f-9dc4-ab34000...
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=d5cd68d9-00a9-4b4...
0
638 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=d5cd68d9-00a9-4b4f-9dc4-ab3400075a13&final=true&reqid=709249a0-8bcb-11ec-9bcf-7b0e8b37981a&timestamp=2022-02-12T06%3A17%3A22.490Z
Protocol
HTTP/1.1
Server
54.75.128.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-128-113.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 06:17:22 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 12 Feb 2022 06:17:22 GMT
Server
nginx/1.18.0
Vary
Accept, Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/?account_id=1043&partner_id=1048&uid=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=d5cd68d9-00a9-4b4f-9dc4-ab3400075a13&final=true&reqid=709249a0-8bcb-11ec-9bcf-7b0e8b37981a&timestamp=2022-02-12T06%3A17%3A22.490Z
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
294
Expires
Sat, 26 Jul 1997 05:00:00 GMT
362338.gif
idsync.rlcdn.com/ Frame DEB9
0
0
Image
General
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig&ct=3&cv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

check
pixel.tapad.com/idsync/ex/receive/ Frame DEB9
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig
95 B
425 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:22 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig
date
Sat, 12 Feb 2022 06:17:22 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
t.gif
cw.addthis.com/ Frame DEB9
0
426 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 12 Feb 2022 06:17:22 GMT
pixelCt.tpmn
ad.tpmn.co.kr/ Frame DEB9
170 B
602 B
Image
General
Full URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-O4sWvdMZEwuwYHShZO2LofOVhBIS3SC7k4Y-Cg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
content-encoding
gzip
vary
accept-encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
content-type
image/png;charset=utf-8
alt-svc
clear
expires
Thu, 01 Jan 1970 00:00:00 GMT
idsync
tg.socdm.com/aux/ Frame DEB9
43 B
734 B
Image
General
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-dOwkwNMZEwuwYHShZO2LofOVhBL9Bu4OW_DjRw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.51 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-SO-Cluster-ID
11
Date
Sat, 12 Feb 2022 06:17:23 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?dsp_uid=k-dOwkwNMZEwuwYHShZO2LofOVhBL9Bu4OW_DjRw&proto=criteo","cluster_id":11,"gdpr":true,"ipv4":"0.0.0.0","key":"YgdQ88Co8YoAAJg65R8AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40327"}
X-SO-Ads-Time
1
X-SO-Key
YgdQ88Co8YoAAJg65R8AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40327
P3P
CP="See also http://www.scaleout.jp/privacy/"
Cache-Control
private
X-SO-HostName
a-ad40327.dc2p.scaleout.jp
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-SO-LB-Hostname
m-tgng38.dc4p.scaleout.jp
X-SO-IP
217.64.151.69
sync
adgen.socdm.com/rtb/ Frame DEB9
43 B
683 B
Image
General
Full URL
https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.4 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-SO-Cluster-ID
27
Date
Sat, 12 Feb 2022 06:17:23 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?dspid=23&proto=adgen","cluster_id":27,"gdpr":true,"ipv4":"0.0.0.0","key":"YgdQ88Co8HcAAEZEYxEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad283"}
X-SO-Ads-Time
1
X-SO-Key
YgdQ88Co8HcAAEZEYxEAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad283
P3P
CP="See also http://www.scaleout.jp/privacy/"
Cache-Control
private
X-SO-HostName
m-ad283.dc4p.scaleout.jp
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-SO-LB-Hostname
m-ng19.dc4p.scaleout.jp
X-SO-IP
217.64.151.69
/
cs.adingo.jp/sync/ Frame DEB9
0
44 B
Image
General
Full URL
https://cs.adingo.jp/sync/?from=criteo&id=k-O9wMa9MZEwuwYHShZO2LofOVhBJUYZfUgn_S5A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.179.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-179-39.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 06:17:22 GMT
server
awselb/2.0
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DEB9
Redirect Chain
  • https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=854292473349113777
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=854292473349113777
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2266387
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 12 Feb 2022 06:17:22 GMT
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4ed441c4-bc93-4326-9d49-9560556b4f2d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=854292473349113777
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame DEB9
Redirect Chain
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/DHy5fbGCJDpAF2U1mYqZLBxiuJBYmtOW/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2637876103678553168
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2637876103678553168
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1880516
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2637876103678553168
pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
spp.pl
sp.analytics.yahoo.com/ Frame DEB9
43 B
79 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:22 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Sat, 12 Feb 2022 06:17:22 GMT
setuid
secure.adnxs.com/ Frame DEB9
43 B
1018 B
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-GlPEy9MZEwuwYHShZO2LofOVhBKQriSZQLiPng&seg=95287
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Feb 2022 06:17:22 GMT
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6c47d31e-73d2-4634-82ba-8dceb72de3ab
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DEB9
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=854292473349113777
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=854292473349113777
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 06:17:21 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1293403
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 12 Feb 2022 06:17:22 GMT
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1999a32d-5510-4518-b239-0294b0ad6c75
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=854292473349113777
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone string| kargoifade string| kuryeifadebugun string| kuryeifadeyarin object| Layout string| atayiyenileme string| alanAdi function| butongoster function| pencereac function| pencereac2 function| pencereac3 function| pencereac4 function| sss function| zzxx function| sepeteat4 function| sepeteat4kuryesel function| zzxxK function| sssK function| sepeteat4kuryesel2012 function| sepeteatONERI function| sepeteatONERI2 function| kargobedavaoner function| sepeteat42012 function| sepeteat4ccc function| sepeteat4cccUrunTasarlayici function| sepeteat4ccckuryesel function| sepeteat4cccSEPETONER function| sepeteat4cccKARGOONER function| sepeteat4bb function| sepeteat3 function| arama_spinner function| viewno function| sepetgetir1 function| sepetgetir function| sepetsil function| sepetbalonkapa function| ensongezajax function| userbilgiajax function| breadurunajax function| haberver4 function| faceac3 function| kargo1 function| fnOnUpdateValidators function| getCookie function| ma5menu function| ma5menuCheckScroll function| ma5menuBuilder_clearAttributes function| ma5menuBuilder_clearHTML function| ma5menuBuilder_buildActive function| ma5menuBuilder_buildLevels object| htmlRootForDetectBrowser function| isIE function| detectSafari function| detectElementScrollbar function| emaillist function| $ function| jQuery function| loadCSS object| jQuery111205697876698181747 string| subalanAdi undefined| facebookClientId function| initializeGlobalMember string| foreign string| kur string| addre string| bedenuyar function| gtag object| dataLayer function| fbq function| _fbq object| scrolltotop function| aramayap2 function| sirala string| deviceType object| criteo_q object| Criteo object| google_tag_manager object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaGlobal function| runLoader function| setrowErrorLogger string| setrowGetAgent function| setrowScriptLoader object| SETROWSCRIPTPARAMETERS string| mkodu object| params function| setrowGetURLParameter function| slLog function| ieCheck object| setrowID boolean| setrowIDCalled object| setrowIDEvent function| loadSetrowID object| setrowCookies object| onIzlemeModu object| debug object| SETROWSCRIPTPARAMETERS_2 function| sipbulmobil boolean| setrowSuaScriptIsLoad function| onYouTubeIframeAPIReady object| setrowSua

50 Cookies

Domain/Path Name / Value
www.heryerbitki.com/ Name: ASP.NET_SessionId
Value: laletyrcx5epd1mdu4a5sl4o
www.heryerbitki.com/ Name: lang
Value: TR
.heryerbitki.com/ Name: _gcl_au
Value: 1.1.1604378217.1644646642
.heryerbitki.com/ Name: _fbp
Value: fb.1.1644646641775.1996692942
.facebook.com/ Name: fr
Value: 0xxZC1dyK4tgZaX8H..BiB1Dx...1.0.BiB1Dx.
.heryerbitki.com/ Name: _ga_7C5LEFG0DT
Value: GS1.1.1644646641.1.0.1644646641.60
.heryerbitki.com/ Name: _ga
Value: GA1.1.723302607.1644646642
.criteo.com/ Name: uid
Value: 603a4273-532d-40af-8208-9091f04b3f0a
www.heryerbitki.com/ Name: strw-2423-tpvc
Value: 1
www.heryerbitki.com/ Name: strw-2423-spvc
Value: 1
www.heryerbitki.com/ Name: strw-2423-vt
Value: 0_1644646641927
.heryerbitki.com/ Name: cto_bundle
Value: DVgrnF9iMTVMdGpuZml6WElreE9tcmJCeUVoSGZNJTJGdlAlMkJWNjlxZjdBdUkyR1N5YVhnMUxkTWlDa0RNbmdjQTlMVGJKcjdlZG5hZUpCQTdadVVLZnhXZDVHTFpuMTJDYjd3ZjNoenROeTk3UkNGNVlnV2RlOVhmMkY4UGRiTEVCSWV1Y011WE5sN3hUdHFESlFtVGt2Yld3aDhnJTNEJTNE
.adnxs.com/ Name: uuid2
Value: 854292473349113777
.adscale.de/ Name: uu
Value: c4ccd88e662648f2b3f9a8348f273f62
.adscale.de/ Name: cct
Value: 1644646642350
.yahoo.com/ Name: A3
Value: d=AQABBPJQB2ICEP-0BJvelT-jRfEtMJXGLr8FEgEBAQGiCGIRYgAAAAAA_eMAAA&S=AQAAAqORgmHYPdOBx26vx_XfSfo
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2In5sC+u[!]tbPl@/D!9hy6]/Cwgd0h!1@iTtAZb]3kP/@0uomtM33gx-gxf_LcX4L9q50WqpzC2]5OaN-YD*bpRz*qF1`*bbzn+cTMf
.ih.adscale.de/ Name: tu
Value: 4#2123599882#111~k-_1fQf9MZEwuwYHShZO2LofOVhBIRRM6dk-K4vA~456846~0~0
.doubleclick.net/ Name: IDE
Value: AHWqTUm9ONVEoebG1SjAH86Yy-g8t8P7N9Lf_jhr0cer7czDQSdelIzoSo81GZN4aPw
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-HnCkKtMZEwuwYHShZO2LofOVhBJa3gAO6ipZlQ&KRTB&23286-uid:k-HnCkKtMZEwuwYHShZO2LofOVhBJa3gAO6ipZlQ&KRTB&23287-uid:k-HnCkKtMZEwuwYHShZO2LofOVhBJa3gAO6ipZlQ&KRTB&23288-uid:k-HnCkKtMZEwuwYHShZO2LofOVhBJa3gAO6ipZlQ
.pubmatic.com/ Name: PugT
Value: 1644646641
.pubmatic.com/ Name: PUBMDCID
Value: 3
.taboola.com/ Name: t_gid
Value: eaf9ba89-1973-4d85-ae72-ef7e21a49f20-tuct900d672
.rlcdn.com/ Name: rlas3
Value: OTonvKxuEJCWTMbP5QZ3aKSgbaXhSNRcj6dYjJ7yy/c=
.rlcdn.com/ Name: pxrc
Value: CAA=
.bidswitch.net/ Name: tuuid
Value: 0762a62f-98fd-41ea-941a-cec033bd964a
.bidswitch.net/ Name: c
Value: 1644646642
.bidswitch.net/ Name: tuuid_lu
Value: 1644646642
.advertising.com/ Name: APID
Value: UP708355e5-8bcb-11ec-9f0a-02dce75facea
.tapad.com/ Name: TapAd_TS
Value: 1644646642407
.tapad.com/ Name: TapAd_DID
Value: 95c3c0c5-40db-4d1c-b477-6da62b5c9e16
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~236u:1761~236u"
.360yield.com/ Name: tuuid
Value: 76a74e1e-fea7-463b-8597-5b03d0b12ddc
.360yield.com/ Name: tuuid_lu
Value: 1644646642
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.360yield.com/ Name: um
Value: !38,6J5k6tO34so-qQH8Hh6Utvq2otdnnBZ9K9AwGnhB.kUI9Vm9okNZvJLYxw7LhSBR3zl-DsJz,1652422642
.360yield.com/ Name: umeh
Value: !38,0,1706854642,-1
.turn.com/ Name: uid
Value: 2637876103678553168
.mediawallahscript.com/ Name: mCookie
Value: 709752b0-8bcb-11ec-b630-f9474b9573df
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.addthis.com/ Name: ouid
Value: 620750f20001d278f3286c46874119002c4809e85f2c36b5f67d
.addthis.com/ Name: uid
Value: 620750f218e6b817
.addthis.com/ Name: na_id
Value: 2022021206172252900928102129
.tpmn.co.kr/ Name: uuid
Value: 64447c82d9af4cf8b52c2c98fb468ac9
.tpmn.co.kr/ Name: criteo
Value: k-O4sWvdMZEwuwYHShZO2LofOVhBIS3SC7k4Y-Cg
.outbrain.com/ Name: obuid
Value: 5f9f16b6-2298-479e-ad2c-5d662e36c40a
.outbrain.com/ Name: criteo
Value: k-4KMRINMZEwuwYHShZO2LofOVhBJI8ZMBzAojVA
www.heryerbitki.com/ Name: strw-2423-ttt
Value: 3
www.heryerbitki.com/ Name: strw-2423-stt
Value: 3
www.heryerbitki.com/ Name: strw-2423-ptt
Value: 3

2 Console Messages

Source Level URL
Text
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-RZYnvtMZEwuwYHShZO2LofOVhBLdy9bN4_N-ig&ct=3&cv=1
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAME-ORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.tpmn.co.kr
adgen.socdm.com
ads.yahoo.com
analytics.google.com
cdn.ikost.com
cdnheryerbitki.ikost.com
cm.g.doubleclick.net
connect.facebook.net
cotads.adscale.de
cs.adingo.jp
cw.addthis.com
d.turn.com
dis.criteo.com
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
idsync.rlcdn.com
ih.adscale.de
mug.criteo.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
simage2.pubmatic.com
sl.setrowid.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sua.setrowid.com
sync-t1.taboola.com
sync.outbrain.com
tg.socdm.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.heryerbitki.com
x.bidswitch.net
104.75.88.126
124.146.215.4
124.146.215.51
141.226.228.48
142.250.184.194
142.250.186.162
159.69.167.220
178.250.0.163
178.250.2.140
178.250.2.146
18.156.0.31
18.158.238.206
18.195.140.72
185.64.189.110
185.86.137.132
2001:678:cb4:bbbb::13
212.252.27.161
212.252.27.181
212.82.100.181
2600:9000:2156:8400:1b:5138:8a40:93a1
2600:9000:2156:c600:1b:832b:ac00:93a1
2a00:1288:80:800::7001
2a00:1450:4001:801::2004
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c08::9d
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.102.166.132
34.98.64.218
35.158.233.132
35.227.248.159
35.244.174.68
37.252.172.123
52.196.179.39
54.75.128.113
54.76.84.232
69.173.144.139
70.42.32.159
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc5a2d31f8b9259a2dca8e4bfd31415f4370676d7b78ab7c33e4a76cdc72c31
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a976356fa13dc84c07acc03884af6915840b138939e84338420e6e069b9db38
1b71e350b1f89cc612d13ad83db1c2712d7e80a4fa6d8845618be772be1d59ab
20d1bf6874438ea860f44a3bfa7071e13c46d7b378ef96e841d9cf2d619ace5b
21035534003042dca3965d869a26b2cb356825056dcb80ad550ca5c7937ea440
21b5fa1539b4dc7e3574a14d1e294872f31f38172b20c25d6dcb0c1b3c48cdbf
223a62b3ed7373ddfc3d95d89799d081dfedf7b5d507e703328f00d6f3cf9cac
235a0da803d708435c62802332adb800d776a4fa8052313bf948afbf98444a2d
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
362d221156c04b872934c2ca3a27b23be5358eba2ff8bf3d5a866baa6285f2ed
3896e9bb86c1957025399cff2b38bc360708e492cff7049554398d19d9cd41fa
3c91edd8e0dc6edf54e405b126b2baece0841978a41bffcf32a2deea5c165e8c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
425f86536866801814e0ff556c3a15679c7f2a22d33db4c0e0ff3d48f663ac20
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
48c43cc9530d0ee7d4573179ca75ecf72282dfd67b7bb27170c27c0267dcf8a4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7dc2177eddc5292b42078ea2ea1e950daaaa7b968397efd2ca3b8b2e97ea98
4d60904359f53202dcf17d3b739b0393b795906dfbb110fd3c5c61e85ebc9d37
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0ce6796a622d86849392be20e64eed0ad851d25001b2e001735f30fc4b948f
4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56f06fb6d5b89be74901b1ab3adb2051443a5ceae4a8b31bc76fbcc29f5e3c1d
5e8c8d8544b203a0a39c046167373095726d46d6a13eba37b1fea49c0d0a355c
6129b8760f1770517ffde79f448529558b0a4a655f3fcf871b74503d803db26a
61ac0aeceb929693b03d278b898e875c72d836d0e207cd6c54c57d818d21ef41
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
6dba814c16c29a714d705710b6926b4eec358234c6201061c12301b4d1c0750f
74347e91270e9651028db0799acd8afdb5adeceaef1922ed9756eccfffa2f51d
81d5f6c193119a2183ce3913573d76fd5f96fd991392415c962d222075a61003
8251abc155c1c683a5681bee1ca493c342f6891a97769361adab790f3f6bac4b
88803c6268f1e8e50caeece146e6b509df0b5c8097296543f8f269f7bf74f83e
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ca51afcb838ad7180261bfdafcdba4e634942fe9d4063f00f6b4b0a6f590e2a
9591930a01c896541e036194b51d24ec9b7545d338c963898ec05c065b0329dd
9e915770704c7c48671eacf8b5af77971c1e8cee1cd9010bd99fcf3ca5916d0b
a692eb07346ce7f8b7e6e3d60716e3f3e8d4e90a345e09724507bf2672e111b7
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b09a6e33325355e268546e6fc7270dd1b239a8a15f02282f2b579c5e5a620a33
b16927b9b26f082bdc35d471f89cc6943c2db2fe929294cd1e4fe291bc80cbc1
b7c8e6fee2a7e7619707c3d3a0f91aaa8122ec9c34e68bba7cb2d520d6867b2c
b9b4ce2960aa6425978ab9b42ef117a5ae13d9e577f1e742f02a81f508d81baa
bb80f890e9204dad8bdc51dbaed825f59eefdf34f466ad137c2e3baf9c0814f6
c0d0813e2612f2f298676a810a349f4854b275051662f436f3d83240c371e49d
c24997deacde7a105164a95e142f35fc75fe2b6f743778c8de47a5f04e94304c
c2cf900063250bf367617d76b3f2dc076972f1155de89dcab3ad9326a908dea5
c52686d553c6e2f85b272710c2b92bfcee879d16c73c021c9875c621da492738
cd3351e84fb62d2bf5309d03964da8e5d995739e6b6d05c4e1d36509a11aa307
ce8a77834d2f692c5229efa7834434529f3ef61a5ce4c7fd3afac6745503064d
d46a2204d421401be44d2fa62f6ea778ecf6b6850c20d158f4715f388f086ae9
d65ab1e44d47ef28337515b7ee04da467fe53c661a178d9e53608100d58c179a
dc776771b10441bb79c1b12e811b440095365be34b333bd4d1ca39b4e11e5787
df21bbefcbcb5215d872dec3ce6375eeb62e1ea6fa7e2dd179178c2815d15d46
e094372c352c53fd2f00f6ec27f18f67e360b5959a0b977977ebfd526bcb78ca
e313954fecc5d58d0bc3a9df4a1ba55776ad79d7a70e322204935ba4bafbb5e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e7ea0d101baba3861c8496afe262bf36ccf6d3f9af688f2a69e9bc4aa34bf73a
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
eb9c7e9d741580c24d3feddd49a1ad117fa4bcba55d5c115c0b50a783fcbab53
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4aa270bae60203e89dae93c74744e8c83524928b18ef0514fa90853e9a3e5a
efb5254fcf310f40161170b6140861320e0000b87b1f5143e4b58e91ba30d844
f59f438695d3ab0d6182b4c7e11d2e84205524788f853276629517d4aecc6fb0
fe7b90afd92d5a88546417f5d9e4e22e428db2059cc58695e7d2f6e9cff660bc