urlscan.io logo urlscan.io
SecurityTrails logo

www.beinconnect.com.tr Open in urlscan Pro
13.32.27.69  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.beinconnect.com.tr/
Submission: On December 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 8 countries across 39 domains to perform 63 HTTP transactions. The main IP is 13.32.27.69, located in United States and belongs to AMAZON-02, US. The main domain is www.beinconnect.com.tr. The Cisco Umbrella rank of the primary domain is 943916.
This is the only time www.beinconnect.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.32.27.69 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2 216.58.206.38 15169 (GOOGLE)
2 151.101.1.44 54113 (FASTLY)
3 188.166.135.225 14061 (DIGITALOC...)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 6 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 178.250.1.9 44788 (ASN-CRITE...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 1 142.250.185.66 15169 (GOOGLE)
1 35.156.152.149 16509 (AMAZON-02)
2 3 185.89.211.116 29990 (ASN-APPNEX)
1 88.221.124.22 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 185.86.139.106 201081 (SMARTADSE...)
2 141.226.228.48 200478 (TABOOLA-AS)
1 23.39.157.37 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
2 3.71.149.231 16509 (AMAZON-02)
1 37.157.3.20 198622 (ADFORM)
1 54.155.236.110 16509 (AMAZON-02)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
1 2 52.212.151.239 16509 (AMAZON-02)
1 162.19.138.120 16276 (OVH)
1 34.248.55.250 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.193.199.121 16509 (AMAZON-02)
1 52.25.163.150 16509 (AMAZON-02)
1 70.42.32.95 22075 (AS-OUTBRAIN)
1 198.47.127.205 62713 (AS-PUBMATIC)
1 52.59.107.120 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 23.213.169.82 16625 (AKAMAI-AS)
1 54.74.25.228 16509 (AMAZON-02)
1 3.123.198.250 16509 (AMAZON-02)
1 18.203.91.219 16509 (AMAZON-02)
1 3.131.216.228 16509 (AMAZON-02)
63 46
1    13.32.27.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-69.fra56.r.cloudfront.net
www.beinconnect.com.tr
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net
9470434.fls.doubleclick.net
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
3    188.166.135.225 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
signals.beinconnect.com.tr
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
1    35.156.152.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-152-149.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    88.221.124.22 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-124-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
trc-events.taboola.com
1    23.39.157.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-157-37.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    54.155.236.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
2    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    52.212.151.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-151-239.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    34.248.55.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-55-250.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    18.193.199.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-199-121.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    52.25.163.150 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-163-150.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
1    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    52.59.107.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-107-120.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2600:1f18:612b:4232:e6bb:aabb:4218:240a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    23.213.169.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-169-82.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    54.74.25.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-25-228.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    3.123.198.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-198-250.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    18.203.91.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.131.216.228 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-216-228.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
sslwidget.criteo.com — Cisco Umbrella Rank: 1761
dis.criteo.com — Cisco Umbrella Rank: 550
13 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
9470434.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
4 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 93
1 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
trc.taboola.com — Cisco Umbrella Rank: 648
sync-t1.taboola.com — Cisco Umbrella Rank: 1460
trc-events.taboola.com — Cisco Umbrella Rank: 2040
22 KB
4 beinconnect.com.tr
www.beinconnect.com.tr — Cisco Umbrella Rank: 943916
signals.beinconnect.com.tr
29 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6765
669 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1462
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
140 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
91 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 gstatic.com
fonts.gstatic.com
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
200 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2253
267 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 699
337 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1855
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2331
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4166
235 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2462
399 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
35 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 723
225 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 689
145 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 936
422 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1074
876 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 10023
265 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 666
199 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
921 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 656
384 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1211
163 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2120
163 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
163 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
239 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 665
783 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
63 39
Domain Requested by
5 gum.criteo.com 4 redirects static.criteo.net
3 ib.adnxs.com 2 redirects
3 www.google.de www.beinconnect.com.tr
3 signals.beinconnect.com.tr www.beinconnect.com.tr
signals.beinconnect.com.tr
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 ups.analytics.yahoo.com
2 dis.criteo.com
2 connect.facebook.net signals.beinconnect.com.tr
connect.facebook.net
2 www.google.com www.beinconnect.com.tr
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 9470434.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com www.beinconnect.com.tr
www.googletagmanager.com
1 trc-events.taboola.com cdn.taboola.com
1 s.thebrighttag.com
1 beacon.krxd.net
1 e1.emxdgt.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 criteo-partners.tremorhub.com
1 match.sharethrough.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 jadserve.postrelease.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 ad.360yield.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 x.bidswitch.net
1 cm.g.doubleclick.net 1 redirects
1 www.facebook.com www.beinconnect.com.tr
1 sslwidget.criteo.com static.criteo.net
1 mug.criteo.com www.beinconnect.com.tr
1 adservice.google.com 9470434.fls.doubleclick.net
1 trc.taboola.com cdn.taboola.com
1 cdn.taboola.com www.googletagmanager.com
1 static.criteo.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com www.beinconnect.com.tr
1 www.beinconnect.com.tr
63 51

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
signals.beinconnect.com.tr
R3		 2023-11-22 -
2024-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
itm.ivitrack.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-08-30 -
2024-09-28		 a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1		 2023-11-20 -
2024-11-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh

This page contains 4 frames:

Primary Page: http://www.beinconnect.com.tr/
Frame ID: AB8505BF905325571904E07EF058AC45
Requests: 28 HTTP requests in this frame

Frame: https://9470434.fls.doubleclick.net/activityi;dc_pre=CNq9g72m9oIDFZbeOwIdGxkLzw;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=1322249386.1701710731;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;epver=2;~oref=http%3A%2F%2Fwww.beinconnect.com.tr%2F
Frame ID: 7A31A5CCA85D2BAC5985E42BE469DD70
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.beinconnect.com.tr&origin=onetag
Frame ID: 8B094297847AC1E5A1938B0AEB0AF7A2
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qTs50c1fPqMbtP1-yG3TUyCpSCcIf4RagKLyxA&google_gid=CAESEDIJTSJ90NQ1_ehFWvb-gyA&google_cver=1&google_ula=913071,0
Frame ID: 146460ADED67F35D6242FC387C64DDEE
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

63
Requests

87 %
HTTPS

32 %
IPv6

39
Domains

51
Subdomains

46
IPs

8
Countries

464 kB
Transfer

1341 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://9470434.fls.doubleclick.net/activityi;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=1322249386.1701710731;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;epver=2;~oref=http%3A%2F%2Fwww.beinconnect.com.tr%2F HTTP 302
  • https://9470434.fls.doubleclick.net/activityi;dc_pre=CNq9g72m9oIDFZbeOwIdGxkLzw;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=1322249386.1701710731;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;epver=2;~oref=http%3A%2F%2Fwww.beinconnect.com.tr%2F
Request Chain 27
  • https://gum.criteo.com/sid/json?origin=onetag&domain=beinconnect.com.tr&sn=ChromeSyncframe&so=0&topUrl=www.beinconnect.com.tr&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=nSOho3xkWHRCV0RqVVU1QkRuR2d3d1dkcE1NaysxYXNCWDRZb0hvcExvOTJNRlRjdUwyb0JSNE96V2kveE0zckdPMS9YVVEyQlloMmdmeENydDkveHlqbU1zQkR3ZGJTYnJBc2R4cXlpR2Vpbm83bFQzY1hQODVydDc5eUcyVmE4alJwWk9vUjUxcStIR0E0a1BmRVpXTzB5ME9Za3RITEZoYzNXb0tPcXJXeitCbnJJVkdZVGljbnBXdGxtMkx1Z0pBZkJwR3ozZEdlMHhLajR5dVVTTldDeFU3YXBOTys0cGI5Z3dtV3JBNnZ0ZWJ0blFmN05mZE56VGhZVWFwaHlqMCtKUUVkaEk0MXZ5UG9kVzJSOWZLK1RhQT09fA&cppv=2
Request Chain 31
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qTs50c1fPqMbtP1-yG3TUyCpSCcIf4RagKLyxA&google_cm&google_hm=ay1xVHM1MGMxZlBxTWJ0UDEteUczVFV5Q3BTQ2NJZjRSYWdLTHl4QQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qTs50c1fPqMbtP1-yG3TUyCpSCcIf4RagKLyxA&google_gid=CAESEDIJTSJ90NQ1_ehFWvb-gyA&google_cver=1&google_ula=913071,0
Request Chain 33
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3081136140455330009
Request Chain 43
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NyNdMc1fPqMbtP1-yG3TUyCpSCcdlYnWmW_Jhw HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NyNdMc1fPqMbtP1-yG3TUyCpSCcdlYnWmW_Jhw&C=1
Request Chain 44
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=lzJ8eqdDiqnBIWRrdLoDXiRRUJ8k5cWV HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lzJ8eqdDiqnBIWRrdLoDXiRRUJ8k5cWV
Request Chain 59
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pH7ES4akPnQR4-yUxwL7lnKf3JCebOX9
Request Chain 60
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cm3v4E3f6p3DfVOKqZ4L30jN2c86MvGF

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.beinconnect.com.tr/ 		13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.beinconnect.com.tr/
Protocol
HTTP/1.1
Server
13.32.27.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-69.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4fe866875153ecfbc1895644f5ade34347cd1b8454fec48f6491b6b56be9d2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
32802
Connection
keep-alive
Content-Length
13380
Content-Type
text/html
Date
Mon, 04 Dec 2023 08:22:57 GMT
ETag
"749617c1616d25bd092169317c790136"
Last-Modified
Wed, 28 Sep 2022 06:03:26 GMT
Server
AmazonS3
Via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jCrx5LJRXaLrAaC1fvaVZGPCwOxpdh2-0o6iYeY9Y7NWdTiUBaJQuw==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Error from cloudfront
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700;900&display=swap
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9323b19dec9a6a59fd6185b8773cf2c2472497a7a04116f69e3c3ee9e1c621aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Dec 2023 17:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 16:38:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Dec 2023 17:25:30 GMT
gtm.js
www.googletagmanager.com/ 		453 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-THKDNG
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b821b30fc3a6ea26cfa7c9806babd09c02365631f65722e54e80a9889b00fa0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114078
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Dec 2023 17:25:30 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.beinconnect.com.tr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:18:49 GMT
x-content-type-options
nosniff
age
209201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 07:18:49 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.beinconnect.com.tr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 14:03:59 GMT
x-content-type-options
nosniff
age
357691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 14:03:59 GMT
js
www.googletagmanager.com/gtag/ 		260 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MX21GRT0FN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THKDNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b11f087c591e60a7325a27e185ca4398949384ee944e76305ab4dff99b2a5ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89984
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Dec 2023 17:25:30 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THKDNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Dec 2023 17:22:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
177
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 04 Dec 2023 19:22:33 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/724376985/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/724376985/?random=1701710730754&cv=11&fst=1701710730754&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71002606&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=http%3A%2F%2Fwww.beinconnect.com.tr%2F&hn=www.googleadservices.com&frm=0&tiba=403&auid=1322249386.1701710731&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THKDNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3edf974a38ba4b90dc11a7061611106841296aa1d9befab0e1102ca71bf98958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1224
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ld.js
static.criteo.net/js/ld/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THKDNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 10 Oct 2023 15:11:46 GMT
server
nginx
etag
W/"652569b2-b614"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Dec 2023 17:25:30 GMT
activityi;dc_pre=CNq9g72m9oIDFZbeOwIdGxkLzw;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=1322249386.1701710731;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma=1...
9470434.fls.doubleclick.net/ Frame 7A31
Redirect Chain
  • https://9470434.fls.doubleclick.net/activityi;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=1322249386.1701710731;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma...
  • https://9470434.fls.doubleclick.net/activityi;dc_pre=CNq9g72m9oIDFZbeOwIdGxkLzw;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=1322249386.1701710731;u50=undefined;gtm=45He3bt0v71002606...
466 B
605 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9470434.fls.doubleclick.net/activityi;dc_pre=CNq9g72m9oIDFZbeOwIdGxkLzw;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=1322249386.1701710731;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;epver=2;~oref=http%3A%2F%2Fwww.beinconnect.com.tr%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THKDNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
bcbf1805030ef5fcc2e25374026f4ee425df614bab3fefbead0d68e61ebd2578
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.beinconnect.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
266
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:25:31 GMT
expires
Mon, 04 Dec 2023 17:25:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:25:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9470434.fls.doubleclick.net/activityi;dc_pre=CNq9g72m9oIDFZbeOwIdGxkLzw;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=1322249386.1701710731;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;epver=2;~oref=http%3A%2F%2Fwww.beinconnect.com.tr%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tfa.js
cdn.taboola.com/libtrc/unip/1355935/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1355935/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THKDNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e2e3ae39819ebe6d3a57d375e329da916b3f32b26cbba98936eb25afb73101b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
tpzz446QglmvqN_8aY6kYBlxN5WCjZSi
content-encoding
gzip
via
1.1 varnish
date
Mon, 04 Dec 2023 17:25:30 GMT
x-amz-request-id
B6XMJG081CB1T1HY
age
72
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
19982
x-amz-id-2
Sb20091i+RIKxsfdpm8w9Jm+ndHT73F8eCU/HsD0eyrWBiGHZ2HngBMvC3plCQW/y3cyP0rVUSk=
x-served-by
cache-fra-etou8220105-FRA
last-modified
Sun, 03 Dec 2023 11:19:19 GMT
server
AmazonS3
x-timer
S1701710731.877053,VS0,VE0
etag
"26de78347b8a34960fcabd6c4789afd5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
3
base.js
signals.beinconnect.com.tr/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signals.beinconnect.com.tr/base.js
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.135.225 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
49b78bfef6bbca5c23551094348630d309e031aa58de22e0ebaa80547e72d3b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
date
Mon, 04 Dec 2023 17:25:30 GMT
server
nginx
afps-node
afps-node-1
content-length
15353
vary
Origin
content-type
application/javascript
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MX21GRT0FN&gtm=45je3bt0v873091451z871002606&_p=1701710730282&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=955424889.1701710731&ul=en-us&sr=1600x1200&_s=1&sid=1701710730&sct=1&seg=0&dl=http%3A%2F%2Fwww.beinconnect.com.tr%2F&dt=403&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=730
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MX21GRT0FN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.beinconnect.com.tr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MX21GRT0FN&cid=955424889.1701710731&gtm=45je3bt0v873091451z871002606&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MX21GRT0FN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.beinconnect.com.tr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MX21GRT0FN&cid=955424889.1701710731&gtm=45je3bt0v873091451z871002606&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=115352224
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MX21GRT0FN&gtm=45je3bt0v873091451z871002606&_p=1701710730282&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=955424889.1701710731&ul=en-us&sr=1600x1200&_eu=AAAC&_s=2&sid=1701710730&sct=1&seg=1&dl=http%3A%2F%2Fwww.beinconnect.com.tr%2F&dt=403&en=page_view&_et=1&tfd=739
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MX21GRT0FN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.beinconnect.com.tr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/724376985/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/724376985/?random=1701710730754&cv=11&fst=1701709200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71002606&u_w=1600&u_h=1200&url=http%3A%2F%2Fwww.beinconnect.com.tr%2F&frm=0&tiba=403&fmt=3&is_vtc=1&cid=CAQSGwDICaaNO_8d0g0VzNJpmkqGTS16RUjU41KWZg&random=1159391868&rmt_tld=0&ipr=y
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/724376985/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/724376985/?random=1701710730754&cv=11&fst=1701709200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71002606&u_w=1600&u_h=1200&url=http%3A%2F%2Fwww.beinconnect.com.tr%2F&frm=0&tiba=403&fmt=3&is_vtc=1&cid=CAQSGwDICaaNO_8d0g0VzNJpmkqGTS16RUjU41KWZg&random=1159391868&rmt_tld=1&ipr=y
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1355935/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1355935/trc/3/json?tim=1701710730914&data=%7B%22id%22%3A567%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1701710730905%2C%22cv%22%3A%2220231130-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.beinconnect.com.tr%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dxaxisturkey-beinconnect-sc-tr%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1701710730914%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fwww.beinconnect.com.tr%2F%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1355935/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab6e5f2f509379183ad7b5de9403ab38ac1cb97d4e8d4dc22cebcc0f23f9bd5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Mon, 04 Dec 2023 17:25:30 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.52925
x-fastly-to-nlb-rtt
7404
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220105-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1701710731.948964,VS0,VE16
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=368375762&t=pageview&_s=1&dl=http%3A%2F%2Fwww.beinconnect.com.tr%2F&ul=en-us&de=UTF-8&dt=403&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAEK~&jid=242512575&gjid=1328072584&cid=955424889.1701710731&tid=UA-17472711-44&_gid=887142781.1701710731&_slc=1&gtm=45He3bt0n71THKDNGv71002606&cd3=GTM-THKDNG~255~DM%3Afalse&cd7=1701710730750.gu5e34xq&cd8=2023-12-04T18%3A25%3A30.750%2B01%3A00&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd6=955424889.1701710731&cd9=pageview&z=1252099223
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.beinconnect.com.tr/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.beinconnect.com.tr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-17472711-44&cid=955424889.1701710731&jid=242512575&gjid=1328072584&_gid=887142781.1701710731&_u=YCDAgEABAAAAAGAEK~&z=730442197
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.beinconnect.com.tr/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 04 Dec 2023 17:25:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.beinconnect.com.tr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 8B09 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.beinconnect.com.tr&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://www.beinconnect.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:25:30 GMT
server
Kestrel
server-processing-duration-in-ticks
282099
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-17472711-44&cid=955424889.1701710731&jid=242512575&_u=YCDAgEABAAAAAGAEK~&z=1033368498
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-17472711-44&cid=955424889.1701710731&jid=242512575&_u=YCDAgEABAAAAAGAEK~&z=1033368498
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: signals.beinconnect.com.tr
URL: https://signals.beinconnect.com.tr/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Dec 2023 17:25:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
sNSd61jjIbSomF+GgO+v/VfZh9Zs8hafYzK/M8qDlQr1dJTfunNG4nip+C5pLaDWysoicKU4pwKFBuDcpNiH+A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
r
signals.beinconnect.com.tr/ 		1 B
212 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signals.beinconnect.com.tr/r
Requested by
Host: signals.beinconnect.com.tr
URL: https://signals.beinconnect.com.tr/base.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.135.225 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.beinconnect.com.tr
date
Mon, 04 Dec 2023 17:25:31 GMT
server
nginx
content-length
1
vary
Origin
content-type
application/json; charset=utf-8
r
signals.beinconnect.com.tr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://signals.beinconnect.com.tr/r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.135.225 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.beinconnect.com.tr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
http://www.beinconnect.com.tr
content-length
0
date
Mon, 04 Dec 2023 17:25:31 GMT
server
nginx
vary
Origin, Access-Control-Request-Headers
dc_pre=CNq9g72m9oIDFZbeOwIdGxkLzw;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=*;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;epver=2;~oref=http%3A%2F%2Fww...
adservice.google.com/ddm/fls/z/ Frame 7A31 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNq9g72m9oIDFZbeOwIdGxkLzw;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=*;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;epver=2;~oref=http%3A%2F%2Fwww.beinconnect.com.tr%2F
Requested by
Host: 9470434.fls.doubleclick.net
URL: https://9470434.fls.doubleclick.net/activityi;dc_pre=CNq9g72m9oIDFZbeOwIdGxkLzw;src=9470434;type=allac0;cat=id_ba0;ord=6547897638554;auiddc=1322249386.1701710731;u50=undefined;gtm=45He3bt0v71002606;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;epver=2;~oref=http%3A%2F%2Fwww.beinconnect.com.tr%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9470434.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 8B09
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=beinconnect.com.tr&sn=ChromeSyncframe&so=0&topUrl=www.beinconnect.com.tr&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=nSOho3xkWHRCV0RqVVU1QkRuR2d3d1dkcE1NaysxYXNCWDRZb0hvcExvOTJNRlRjdUwyb0JSNE96V2kveE0zckdPMS9YVVEyQlloMmdmeENydDkveHlqbU1zQkR3ZGJTYnJBc2R4cXlpR2Vpbm83bFQzY1hQODVydDc5eU...
449 B
671 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nSOho3xkWHRCV0RqVVU1QkRuR2d3d1dkcE1NaysxYXNCWDRZb0hvcExvOTJNRlRjdUwyb0JSNE96V2kveE0zckdPMS9YVVEyQlloMmdmeENydDkveHlqbU1zQkR3ZGJTYnJBc2R4cXlpR2Vpbm83bFQzY1hQODVydDc5eUcyVmE4alJwWk9vUjUxcStIR0E0a1BmRVpXTzB5ME9Za3RITEZoYzNXb0tPcXJXeitCbnJJVkdZVGljbnBXdGxtMkx1Z0pBZkJwR3ozZEdlMHhLajR5dVVTTldDeFU3YXBOTys0cGI5Z3dtV3JBNnZ0ZWJ0blFmN05mZE56VGhZVWFwaHlqMCtKUUVkaEk0MXZ5UG9kVzJSOWZLK1RhQT09fA&cppv=2
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4351ece213b2dd88d90ae7cb3255f99fd4b6b9a7576e730275e188ec2e5be120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1167326
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=nSOho3xkWHRCV0RqVVU1QkRuR2d3d1dkcE1NaysxYXNCWDRZb0hvcExvOTJNRlRjdUwyb0JSNE96V2kveE0zckdPMS9YVVEyQlloMmdmeENydDkveHlqbU1zQkR3ZGJTYnJBc2R4cXlpR2Vpbm83bFQzY1hQODVydDc5eUcyVmE4alJwWk9vUjUxcStIR0E0a1BmRVpXTzB5ME9Za3RITEZoYzNXb0tPcXJXeitCbnJJVkdZVGljbnBXdGxtMkx1Z0pBZkJwR3ozZEdlMHhLajR5dVVTTldDeFU3YXBOTys0cGI5Z3dtV3JBNnZ0ZWJ0blFmN05mZE56VGhZVWFwaHlqMCtKUUVkaEk0MXZ5UG9kVzJSOWZLK1RhQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
316410
content-length
0
expires
0
event
sslwidget.criteo.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=71055&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=ikp65l9jeFQxekh4bGhJSG5kSmd0UGdrRUNxdTVSbFVHT1EyRmV0WEFMUDhBbkJZY0g3OElTQnd3OFdGSmcxbEtkclpyQ1ZQUmlOMW9xa3dWJTJGU1FXWDhQMlJpcVBiJTJGZFNFNE1ic0ZKdW9IbFExSnAwWkVwanZpOEh2MjZuZ3ZncXR3cHhzbXRtJTJGdlNsdTY5Mmd4SWlpNFN1Tlllc3RjMk0lMkJLJTJGTTd4ZkVEdEhrdklZJTNE&tld=beinconnect.com.tr&fu=http%253A%252F%252Fwww.beinconnect.com.tr%252F&ceid=d8023857-7a6b-411a-8ec3-267efed4c131&dtycbr=9005
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
467c1ed57545f3680e7a5a725c945fd7c646d10a46e2d6e21abf58c6c35895b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6655902
timing-allow-origin
*
expires
0
434533883828094
connect.facebook.net/signals/config/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/434533883828094?v=2.9.138&r=stable&domain=www.beinconnect.com.tr
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
576ebded60d9f4e0786dd4aeeb39ba45c74d91e543ed08fad0d181ea706950bf
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Dec 2023 17:25:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36953
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
kuADG/0c47rdF5xIsn7+muUzgFFBx3ZM7uo0Z2TqvWE+CSUJhMn3g7icQl6Ka2GvhmpMXXgbGlisMkrXuFBuiw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=434533883828094&ev=PageView&dl=http%3A%2F%2Fwww.beinconnect.com.tr%2F&rl=&if=false&ts=1701710731339&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1701710731337.478154219&cs_est=true&ler=empty&it=1701710731276&coo=false&eid=ced5fff5-1b7d-4ab7-8e5d-86265ce18b1a&rqm=GET
Requested by
Host: www.beinconnect.com.tr
URL: http://www.beinconnect.com.tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Dec 2023 17:25:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1464
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qTs50c1fPqMbtP1-yG3TUyCpSCcIf4RagKLyxA&google_cm&google_hm=ay1xVHM1MGMxZlBxTWJ0UDEteUczVFV5Q3BTQ2NJZjRSY...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qTs50c1fPqMbtP1-yG3TUyCpSCcIf4RagKLyxA&google_gid=CAESEDIJTSJ90NQ1_ehFWvb-gyA&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qTs50c1fPqMbtP1-yG3TUyCpSCcIf4RagKLyxA&google_gid=CAESEDIJTSJ90NQ1_ehFWvb-gyA&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1556326
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qTs50c1fPqMbtP1-yG3TUyCpSCcIf4RagKLyxA&google_gid=CAESEDIJTSJ90NQ1_ehFWvb-gyA&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 1464 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-D0_7Ps1fPqMbtP1-yG3TUyCpSCf931dhuplT6Q&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.152.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-152-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1464
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3081136140455330009
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3081136140455330009
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
916030
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
an-x-request-uuid
b89c5b85-34d5-4daa-be8c-9c3fade2ccb8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3081136140455330009
x-proxy-origin
80.255.7.109; 80.255.7.109; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 1464 		53 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-4Zr-8c1fPqMbtP1-yG3TUyCpSCcCu40tyHyILg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-124-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Dec 2023 17:25:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Dec 2023 17:25:31 GMT
tap.php
pixel.rubiconproject.com/ Frame 1464 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5VJKTc1fPqMbtP1-yG3TUyCpSCcjeAjAUZKbIA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 1464 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-91sdI81fPqMbtP1-yG3TUyCpSCcX1Zj7p5kXzQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:30 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1464 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-8iJls81fPqMbtP1-yG3TUyCpSCfubw3YxDA98Q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
41467
um
criteo-sync.teads.tv/ Frame 1464 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-mbmbAs1fPqMbtP1-yG3TUyCpSCf_W0apK0l91w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.157.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-157-37.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Mon, 04 Dec 2023 17:25:31 GMT
pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 1464 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-dLy5O81fPqMbtP1-yG3TUyCpSCfWshJjPwbNFw&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 1464 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ffZR3M1fPqMbtP1-yG3TUyCpSCeKijX5ETbS6A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 1464 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-aWpbK81fPqMbtP1-yG3TUyCpSCeHT6fwHhvnng
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
last-modified
Fri, 18 Nov 2022 14:41:46 GMT
server
nginx
accept-ranges
bytes
etag
"637799aa-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 1464 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-2ervEc1fPqMbtP1-yG3TUyCpSCeMzY92j6CilA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 1464
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NyNdMc1fPqMbtP1-yG3TUyCpSCcdlYnWmW_Jhw
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NyNdMc1fPqMbtP1-yG3TUyCpSCcdlYnWmW_Jhw&C=1
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NyNdMc1fPqMbtP1-yG3TUyCpSCcdlYnWmW_Jhw&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xH%2FGoMBukeu8twZ4rE2OGveVn3Zxd28aVsoLhft7cvleSPNARHdRt79cJ%2FGiFKl5s9fdQ3k7j55NExxVe9NBCwRlOdJCAy7sH%2BT%2FfMLBCAqqZlsJpmBdSQX1sH6v9YLQeSGl"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8305bfc98d3a6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYCIcS8TPr0Vb49XilCDPh%2FWe5yt%2BwC%2FDYufC4B9JXoKs%2FJsSL18OCYuxUgj0tx6eI4gk9liRRNpKexVTw5mdvM24M4ME93yQmobGBSVmBe810pECl1EcMxtcl9PImprkO%2Bp"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-NyNdMc1fPqMbtP1-yG3TUyCpSCcdlYnWmW_Jhw&C=1
cache-control
no-cache
cf-ray
8305bfc91c2e6a78-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame 1464
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=lzJ8eqdDiqnBIWRrdLoDXiRRUJ8k5cWV
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lzJ8eqdDiqnBIWRrdLoDXiRRUJ8k5cWV
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lzJ8eqdDiqnBIWRrdLoDXiRRUJ8k5cWV
Protocol
H2
Server
52.212.151.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-151-239.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-08dbc1c84.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
UhA0h00SSIE=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-0be504dcd.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
+6F1DXPrSQw=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=lzJ8eqdDiqnBIWRrdLoDXiRRUJ8k5cWV
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 1464 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-3sdPu81fPqMbtP1-yG3TUyCpSCdGm52XV-Qp7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 04 Dec 2023 17:25:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 1464 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-oRf4vc1fPqMbtP1-yG3TUyCpSCdsmu4KZ3ZgAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.248.55.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-55-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Dec 2023 17:25:31 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 1464 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-2qPh181fPqMbtP1-yG3TUyCpSCc8ApAqujdD0A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 1464 		0
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ctTw281fPqMbtP1-yG3TUyCpSCct0H0S7EBvAw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.199.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-199-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 1464 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-pnZTrc1fPqMbtP1-yG3TUyCpSCfXJqn9LNU5jw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.163.150 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-163-150.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:32 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 1464 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-_28Al81fPqMbtP1-yG3TUyCpSCf97KtNYlHJVA&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 17:25:32 GMT
Cache-Control
no-cache
X-TraceId
8458822306cf044bfc7cdae3fdc04b9d
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1464 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-2r4B7c1fPqMbtP1-yG3TUyCpSCeR_oiXtHObXA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 04 Dec 2023 17:25:30 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 1464 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-1Z4mNs1fPqMbtP1-yG3TUyCpSCeqIVWdTF4LCw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.107.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-107-120.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
sync
criteo-partners.tremorhub.com/ Frame 1464 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-K6sFYM1fPqMbtP1-yG3TUyCpSCdDzJ4qKnAHfQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e6bb:aabb:4218:240a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 04 Dec 2023 17:25:32 GMT
server
nginx
content-type
image/gif
m
ad.yieldlab.net/ Frame 1464 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-nGAdP81fPqMbtP1-yG3TUyCpSCcNNpa4E0s4Iw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.169.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 17:25:31 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sun, 03 Dec 2023 17:25:31 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 1464 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-Km_Vss1fPqMbtP1-yG3TUyCpSCfjJEuvfoCrmA&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.25.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-25-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
content-length
0
put
e1.emxdgt.com/ Frame 1464 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-saiGus1fPqMbtP1-yG3TUyCpSCcHluXHRKQDtw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.198.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-198-250.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
server
awselb/2.0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 1464 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-ffZR3M1fPqMbtP1-yG3TUyCpSCeKijX5ETbS6A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:25:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/ Frame 1464 		43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-0ZW3Uc1fPqMbtP1-yG3TUyCpSCcZJYHrDEO2rg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:31 GMT
an-x-request-uuid
932c86b0-1ce6-47ad-bfb2-0e9c2f3df7b7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.109; 80.255.7.109; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 1464
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pH7ES4akPnQR4-yUxwL7lnKf3JCebOX9
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pH7ES4akPnQR4-yUxwL7lnKf3JCebOX9
Protocol
H2
Server
18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Mon, 04 Dec 2023 17:25:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1701710731
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pH7ES4akPnQR4-yUxwL7lnKf3JCebOX9
date
Mon, 04 Dec 2023 17:25:30 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
753587
content-length
0
cs
s.thebrighttag.com/ Frame 1464
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cm3v4E3f6p3DfVOKqZ4L30jN2c86MvGF
35 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cm3v4E3f6p3DfVOKqZ4L30jN2c86MvGF
Protocol
H2
Server
3.131.216.228 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-216-228.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 17:25:32 GMT
x-bt-requestid
209e7a11-92ca-11ee-81db-0000ac170251
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cm3v4E3f6p3DfVOKqZ4L30jN2c86MvGF
date
Mon, 04 Dec 2023 17:25:31 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
697421
content-length
0
unip
trc-events.taboola.com/1355935/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1355935/log/3/unip?en=pre_d_eng_tb&tos=1558&scd=0&ssd=1&est=1701710730906&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1701710732464&vi=1701710730905&ri=abefd26e29fdfc2838551fae63f027d7&ref=null&cv=20231130-4-RELEASE&item-url=http%3A%2F%2Fwww.beinconnect.com.tr%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1355935/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.beinconnect.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
http://www.beinconnect.com.tr
pragma
no-cache
date
Mon, 04 Dec 2023 17:25:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| criteo_q object| __tfa_pixel_init object| _tfa object| linkInputs object| logoEl undefined| gaplCookie function| advermind object| urlPath string| urlPathSecond string| eventNameForEqualSign undefined| eventName string| eventNameSecond function| onYouTubeIframeAPIReady object| gaGlobal function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| gaplugins object| gaData function| _ga_originalSendHitTask function| fbq function| _fbq

30 Cookies

Domain/Path Name / Value
.beinconnect.com.tr/ Name: _gcl_au
Value: 1.1.1322249386.1701710731
.beinconnect.com.tr/ Name: _ga_MX21GRT0FN
Value: GS1.1.1701710730.1.1.1701710730.60.0.0
.beinconnect.com.tr/ Name: _ga
Value: GA1.3.955424889.1701710731
.beinconnect.com.tr/ Name: _gid
Value: GA1.3.887142781.1701710731
.beinconnect.com.tr/ Name: _dc_gtm_UA-17472711-44
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlXZo0IgA7RCfD_LD9a2WYnpCNUsJZJSsC-A34BFJjltj2VgFPUZM3SBUhwFI4
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 6c4e84b4-904b-4a43-8976-4d45ee435eb5
.beinconnect.com.tr/ Name: cto_bundle
Value: ikp65l9jeFQxekh4bGhJSG5kSmd0UGdrRUNxdTVSbFVHT1EyRmV0WEFMUDhBbkJZY0g3OElTQnd3OFdGSmcxbEtkclpyQ1ZQUmlOMW9xa3dWJTJGU1FXWDhQMlJpcVBiJTJGZFNFNE1ic0ZKdW9IbFExSnAwWkVwanZpOEh2MjZuZ3ZncXR3cHhzbXRtJTJGdlNsdTY5Mmd4SWlpNFN1Tlllc3RjMk0lMkJLJTJGTTd4ZkVEdEhrdklZJTNE
.beinconnect.com.tr/ Name: _fbp
Value: fb.2.1701710731337.478154219
.adnxs.com/ Name: uuid2
Value: 3081136140455330009
.demdex.net/ Name: demdex
Value: 66204094458273648580883931393105590031
.media.net/ Name: visitor-id
Value: 3447123319086164000V10
.media.net/ Name: data-c-ts
Value: 1701710731
.media.net/ Name: data-c
Value: k-4Zr-8c1fPqMbtP1-yG3TUyCpSCcCu40tyHyILg~~3
.dpm.demdex.net/ Name: dpm
Value: 66204094458273648580883931393105590031
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2C$Sm4th1!]tbPl@/D!9hy6]/CwgF1gr!CkjB#Rht:uPcjmQlm+L`jiccPU6FB87iaJs(jdi?VC*hUDRs'v^%nugO%v4VB%npMY+D__L
.casalemedia.com/ Name: CMID
Value: ZW4LixdAmSfS8JRGzKF5BwAA
.casalemedia.com/ Name: CMPS
Value: 3382
.casalemedia.com/ Name: CMPRO
Value: 3382
.omnitagjs.com/ Name: ayl_visitor
Value: cfa49070abfcadfcdabc8ad87f2c1529
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2220490710-92ca-11ee-99cc-635c2e517676%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2220490710-92ca-11ee-99cc-635c2e517676%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2220490710-92ca-11ee-99cc-635c2e517676%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2220490710-92ca-11ee-99cc-635c2e517676%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-ctTw281fPqMbtP1-yG3TUyCpSCct0H0S7EBvAw%22%2C%22version%22%3A%22criteo%22%7D
.krxd.net/ Name: _kuid_
Value: P9H55Cki
.tremorhub.com/ Name: tvid
Value: da427da9143a4744b11a9ab0014b9c78
.tremorhub.com/ Name: tv_UICR
Value: k-K6sFYM1fPqMbtP1-yG3TUyCpSCdDzJ4qKnAHfQ
.postrelease.com/ Name: opt_out
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: http://www.beinconnect.com.tr/
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9470434.fls.doubleclick.net
ad.360yield.com
ad.yieldlab.net
adservice.google.com
beacon.krxd.net
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
signals.beinconnect.com.tr
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.beinconnect.com.tr
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.18.36.155
13.248.245.213
13.32.27.69
141.226.228.48
142.250.185.66
151.101.1.44
162.19.138.120
178.250.1.9
18.193.199.121
18.203.91.219
185.86.139.106
185.89.211.116
188.166.135.225
198.47.127.205
2001:4860:4802:34::36
216.58.206.38
23.213.169.82
23.39.157.37
2600:1f18:612b:4232:e6bb:aabb:4218:240a
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.123.198.250
3.131.216.228
3.71.149.231
34.117.157.22
34.248.55.250
35.156.152.149
37.157.3.20
52.212.151.239
52.25.163.150
52.59.107.120
54.155.236.110
54.74.25.228
69.173.144.139
70.42.32.95
88.221.124.22
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3edf974a38ba4b90dc11a7061611106841296aa1d9befab0e1102ca71bf98958
4351ece213b2dd88d90ae7cb3255f99fd4b6b9a7576e730275e188ec2e5be120
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
467c1ed57545f3680e7a5a725c945fd7c646d10a46e2d6e21abf58c6c35895b4
49b78bfef6bbca5c23551094348630d309e031aa58de22e0ebaa80547e72d3b3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
576ebded60d9f4e0786dd4aeeb39ba45c74d91e543ed08fad0d181ea706950bf
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
9323b19dec9a6a59fd6185b8773cf2c2472497a7a04116f69e3c3ee9e1c621aa
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e2e3ae39819ebe6d3a57d375e329da916b3f32b26cbba98936eb25afb73101b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4fe866875153ecfbc1895644f5ade34347cd1b8454fec48f6491b6b56be9d2f
ab6e5f2f509379183ad7b5de9403ab38ac1cb97d4e8d4dc22cebcc0f23f9bd5f
b11f087c591e60a7325a27e185ca4398949384ee944e76305ab4dff99b2a5ec1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b821b30fc3a6ea26cfa7c9806babd09c02365631f65722e54e80a9889b00fa0c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bcbf1805030ef5fcc2e25374026f4ee425df614bab3fefbead0d68e61ebd2578
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629