URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3...
Submission: On June 05 via api from TR — Scanned from DE

Summary

This website contacted 55 IPs in 11 countries across 33 domains to perform 229 HTTP transactions. The main IP is 172.67.139.233, located in United States and belongs to CLOUDFLARENET, US. The main domain is bessuilynn.com.
TLS certificate: Issued by GTS CA 1P5 on May 22nd 2024. Valid for: 3 months.
This is the only time bessuilynn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.139.233 13335 (CLOUDFLAR...)
1 184.30.21.51 16625 (AKAMAI-AS)
2 2606:4700:7::... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.17.24.14 13335 (CLOUDFLAR...)
3 172.217.16.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
23 31.3.2.72 21245 (MEDIANOVA...)
1 31.3.2.79 21245 (MEDIANOVA...)
1 23.52.181.90 16625 (AKAMAI-AS)
54 151.101.1.44 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
1 4 92.222.252.172 16276 (OVH)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
3 108.138.32.75 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 77.223.135.226 43391 (NETDIREKT-AS)
5 3.13.186.205 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 146.59.30.96 16276 (OVH)
22 142.250.185.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.138.36.15 16509 (AMAZON-02)
1 18.173.191.98 16509 (AMAZON-02)
1 157.240.252.13 32934 (FACEBOOK)
6 2a03:2880:f17... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
14 141.226.228.48 200478 (TABOOLA-AS)
1 2a02:6ea0:d51... 60068 (CDN77 _)
1 2a02:6ea0:c70... 60068 (CDN77 _)
1 69.173.144.138 26667 (RUBICONPR...)
6 2607:ae80:192... 26558 (FREEWHEEL)
1 142.250.186.168 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.191.37.40 16509 (AMAZON-02)
1 142.250.184.193 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 212.36.83.215 15699 (AS_ADAM A...)
1 2a00:1450:400... 15169 (GOOGLE)
5 52.58.156.188 16509 (AMAZON-02)
2 52.48.31.126 16509 (AMAZON-02)
2 23.35.236.201 16625 (AKAMAI-AS)
2 212.36.83.246 15699 (AS_ADAM A...)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 151.101.193.44 54113 (FASTLY)
2 54.234.218.193 14618 (AMAZON-AES)
1 35.227.252.103 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
229 55
Apex Domain
Subdomains
Transfer
69 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 905
trc.taboola.com — Cisco Umbrella Rank: 699
am-trc-events.taboola.com — Cisco Umbrella Rank: 18713
vidstat.taboola.com — Cisco Umbrella Rank: 3781
images.taboola.com — Cisco Umbrella Rank: 1614
imprammp.taboola.com — Cisco Umbrella Rank: 23341
am-match.taboola.com Failed
am-vid-events.taboola.com — Cisco Umbrella Rank: 22209
vidstatb.taboola.com — Cisco Umbrella Rank: 6123
wf.taboola.com — Cisco Umbrella Rank: 4035
2 MB
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
2e0c830f68f8d34d1418880fe838a29a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
294 KB
23 ntv.com.tr
cdn.ntv.com.tr — Cisco Umbrella Rank: 288193
cdn1.ntv.com.tr — Cisco Umbrella Rank: 267031
www.ntv.com.tr Failed
243 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 375
1 MB
6 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 653
cdn.stickyadstv.com Failed
7 KB
6 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 421
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 7900
2 KB
6 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 33597
vpaid.vidoomy.com — Cisco Umbrella Rank: 3809
ad.vidoomy.com — Cisco Umbrella Rank: 29470
a.vidoomy.com — Cisco Umbrella Rank: 3298
121 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
4 KB
6 gstatic.com
fonts.gstatic.com
82 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 430
104 KB
5 servg1.net
servg1.net — Cisco Umbrella Rank: 32367
53 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 356
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 731
aax.amazon-adsystem.com — Cisco Umbrella Rank: 487
80 KB
5 gemius.pl
gatr.hit.gemius.pl — Cisco Umbrella Rank: 59448
ls.hit.gemius.pl — Cisco Umbrella Rank: 20859
22 KB
4 pubmatic.com
vpaid.pubmatic.com — Cisco Umbrella Rank: 10242
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 516
2 KB
4 google.com
contributor.google.com — Cisco Umbrella Rank: 15222
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 716
region1.analytics.google.com — Cisco Umbrella Rank: 3163
ampcid.google.com — Cisco Umbrella Rank: 3313
12 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
174 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
75 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 260
8 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
273 KB
2 bfmio.com
ioms.bfmio.com — Cisco Umbrella Rank: 15930
1010 B
2 openx.net
vidoomy-d.openx.net — Cisco Umbrella Rank: 48660
rtb.openx.net — Cisco Umbrella Rank: 609
614 B
2 springserve.com
vid.springserve.com — Cisco Umbrella Rank: 11071
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 8139
ampcid.google.de — Cisco Umbrella Rank: 122944
430 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
21 KB
2 useinsider.com
ntv.api.useinsider.com — Cisco Umbrella Rank: 358293
89 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1811
at.teads.tv — Cisco Umbrella Rank: 6493
4 KB
2 bessuilynn.com
bessuilynn.com
147 KB
1 jnxm2.com
jnxm2.com — Cisco Umbrella Rank: 22229
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 631
295 B
1 bik.gov.tr
cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 51537
724e36f7-7ba9-4b63-b81f-69c8c93f7fcd.collector.p.analitik.bik.gov.tr Failed
34 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 499
431 B
1 dygdigital.com
dygassets.dygdigital.com — Cisco Umbrella Rank: 266600
65 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
1 KB
229 33
Domain Requested by
24 images.taboola.com
22 pagead2.googlesyndication.com securepubads.g.doubleclick.net
bessuilynn.com
pagead2.googlesyndication.com
vpaid.vidoomy.com
15 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
14 cdn1.ntv.com.tr bessuilynn.com
12 am-trc-events.taboola.com cdn.taboola.com
11 cdn.taboola.com bessuilynn.com
cdn.taboola.com
10 cdn.cookielaw.org bessuilynn.com
cdn.cookielaw.org
9 cdn.ntv.com.tr bessuilynn.com
6 ads.stickyadstv.com bessuilynn.com
vpaid.vidoomy.com
6 www.facebook.com bessuilynn.com
6 fonts.gstatic.com fonts.googleapis.com
5 optimized-by.rubiconproject.com vpaid.vidoomy.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 servg1.net bessuilynn.com
servg1.net
4 tpc.googlesyndication.com bessuilynn.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 gatr.hit.gemius.pl 1 redirects bessuilynn.com
gatr.hit.gemius.pl
3 connect.facebook.net bessuilynn.com
connect.facebook.net
3 c.amazon-adsystem.com dygassets.dygdigital.com
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net bessuilynn.com
securepubads.g.doubleclick.net
3 cdnjs.cloudflare.com client
servg1.net
3 www.googletagmanager.com bessuilynn.com
www.googletagmanager.com
2 hbopenbid.pubmatic.com vpaid.vidoomy.com
2 ioms.bfmio.com vpaid.vidoomy.com
2 am-vid-events.taboola.com
2 a.vidoomy.com vpaid.vidoomy.com
2 vpaid.pubmatic.com vpaid.vidoomy.com
2 vid.springserve.com vpaid.vidoomy.com
2 ad.vidoomy.com vpaid.vidoomy.com
2 www.google-analytics.com www.googletagmanager.com
vpaid.vidoomy.com
2 trc.taboola.com cdn.taboola.com
vpaid.vidoomy.com
2 2e0c830f68f8d34d1418880fe838a29a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ntv.api.useinsider.com bessuilynn.com
ntv.api.useinsider.com
2 bessuilynn.com dygassets.dygdigital.com
1 rtb.openx.net vpaid.vidoomy.com
1 wf.taboola.com vpaid.vidoomy.com
1 vidstatb.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 vidoomy-d.openx.net vpaid.vidoomy.com
1 ampcid.google.de vpaid.vidoomy.com
1 ampcid.google.com vpaid.vidoomy.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 jnxm2.com servg1.net
1 pixel.rubiconproject.com bessuilynn.com
1 vpaid.vidoomy.com ads.vidoomy.com
1 ads.vidoomy.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ls.hit.gemius.pl gatr.hit.gemius.pl
1 geolocation.onetrust.com cdn.cookielaw.org
1 cdn.p.analitik.bik.gov.tr bessuilynn.com
1 gum.criteo.com cdn.taboola.com
1 fundingchoicesmessages.google.com bessuilynn.com
1 at.teads.tv a.teads.tv
1 dygassets.dygdigital.com bessuilynn.com
1 contributor.google.com bessuilynn.com
1 fonts.googleapis.com client
1 a.teads.tv bessuilynn.com
0 am-match.taboola.com Failed vidstat.taboola.com
0 cdn.stickyadstv.com Failed vpaid.vidoomy.com
0 724e36f7-7ba9-4b63-b81f-69c8c93f7fcd.collector.p.analitik.bik.gov.tr Failed vpaid.vidoomy.com
0 www.ntv.com.tr Failed cdn.ntv.com.tr
229 63
Subject Issuer Validity Valid
bessuilynn.com
GTS CA 1P5
2024-05-22 -
2024-08-20
3 months crt.sh
teads.tv
R3
2024-04-12 -
2024-07-11
3 months crt.sh
useinsider.com
Cloudflare Inc ECC CA-3
2023-12-05 -
2024-12-04
a year crt.sh
*.google-analytics.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2024-03-01 -
2024-12-31
10 months crt.sh
upload.video.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
*.g.doubleclick.net
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.ntv.com.tr
GlobalSign GCC R6 AlphaSSL CA 2023
2024-02-08 -
2025-03-11
a year crt.sh
*.dygdigital.com
AlphaSSL CA - SHA256 - G4
2023-08-14 -
2024-09-14
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.gstatic.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2023-09-14 -
2024-09-25
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-15 -
2024-07-10
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-03-14 -
2024-06-12
3 months crt.sh
*.p.analitik.bik.gov.tr
GeoTrust TLS RSA CA G1
2024-04-30 -
2025-05-31
a year crt.sh
servg1.net
Amazon RSA 2048 M01
2023-07-12 -
2024-08-09
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
misc-sni.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-10-06
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-03-04 -
2025-04-03
a year crt.sh
*.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-09 -
2025-02-08
a year crt.sh
jnxm2.com
Amazon RSA 2048 M03
2024-02-25 -
2025-03-25
a year crt.sh
*.google.de
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.springserve.com
Amazon RSA 2048 M01
2023-08-02 -
2024-08-30
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2024-02-15 -
2025-03-14
a year crt.sh

This page contains 14 frames:

Primary Page: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Frame ID: EFB83DB2A92126D9A82E83B6DDDD7FCC
Requests: 196 HTTP requests in this frame

Frame: https://ntv.api.useinsider.com/worker-new.html
Frame ID: 34F2F2123807E76BCB92FB5214F7F007
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 308D3BB732992EF403B2864E2EDA1E87
Requests: 1 HTTP requests in this frame

Frame: https://2e0c830f68f8d34d1418880fe838a29a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AF14E1EBE033C9BE8F1D08A9E2E9D2A0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs
Frame ID: 17D38CF91F67410012C42CBAB5021FA8
Requests: 11 HTTP requests in this frame

Frame: https://2e0c830f68f8d34d1418880fe838a29a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E7F6B389C9CFAB123606F7C40EC1C55
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstezSoD6Zbt2dN1VhoiCbOdeiaurBOybSxpnBDReEYd_X_YMiiq242KM3B1lRdTuqYeXXRTLLCbEfaQ0wNXY7qv1fxkgdy-64QHr4vJwy6HHkT1cr7h1kwFk7lK7TLsnGqDWiqCk6Cvpc-Ws9PEaL5aQtXkRv4rIblgnRBXqn078paTceCtWVOehmy7C0xPUXydEBO_CVZS27UEPrCYuIDoYlbseH6ySt21nyruEc03-nhaZPoNdaTuC2w-rLPMvRBiKK4n8VWHKQkx6yXwxcR-8iEPNL5pDrLD29O2oxszYzb6UahXNmDklmcaRJ2jGRMNHj7AqW9iCVx9H6ezpo6Rnc_HUsMh6Hy4cJKyId3K4PD84OxODA&sig=Cg0ArKJSzCGSo9hAcbJbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 78F39C7B2DFB669DC9F30F9BD785B40C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst91OjLzCrxk4ePvhk7Enljc0ikxx5sJyEvvrobV1hhFR33fnKWkGSaOlHRL9yhZHtUMl2TapHjoI6iKOZrwzbZGknOEr-nDytKAONjD7QEQyGZLCZ9H_VtPCIgVq47PKyRY6B_mFVa5Sr4FfFwsa5Btb1pKunnHF9zHYLlFnQqcDMUZhnAVLqf3GtB6NqgZuRx8mw7fPCYrB2dHTnxCQMBb4l3PgFKZwCVNor_GUhw5Vr3Ym5JmP4ondoGgdsLg2hVoWabEq00ockUYEBdRIwbnTFN4Eo-zzla6v3_ZweLvwC1fowBTr7-Jhs7CR4REzQOqAxJghjOpG0pbcWahEkXruOLTgxwhl_ohke4i-OodeBl5YmgpZcd4ZKZgUYDaYiowwVUWzA719A8NX-i7naq6GXtfo95l-pZPUo&sig=Cg0ArKJSzDKPrag3WSWEEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7C0BC373C47854C5245F8001F6C0E3F2
Requests: 8 HTTP requests in this frame

Frame: https://jnxm2.com/cr?ref=https%3A%2F%2Fbessuilynn.com
Frame ID: 6C3B95AC0AC80CD20E9B3839E127A468
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C84C4DAE62F0E5FC3E1A34A3B7349A3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 1AE4DBFB140C8D03C9E3CA543E7E80C8
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9Ca8CABYDAPsNuEKDTHJFBAD7DbhCg0xyRQUAAAAABgYAOwcAJDixmHaT4catstkma9HMsVgLBwvjWuIZWWaOlck0XA2HAECCE4tpNxlu3CqbbbIWzRyLtXCwMK4lnpFl5liZTMPVcAoADlN2mlyWg1oga5pcfjcAfKDpdPhc93qJy_N5Pc3Ou92u8bv9ulvJt9i1fXQAAAAAAHgA-P___4cAAAAAAIgAAAAAAJAAAAAAAKAACKgA-LcAELgAAAAAAMAA-P___9cAAIDiAEB4o-Vp97ns_gAAAAAAAAEAAAAAIAEAKMh7LwEAGDleOAH4_________48BGKDPvJEB-P___78BMOgBAHjwAQB4EAIAAAD4GALgQR8lY8K0ACYCABAYoSoCYAQAAAAAAPV_gHcEMAmgEwAqAIsqgP___34rAIArAACAgEd0ZJuxLADdQYm3MAAAAICAMYAFelj8frPDrvG7XQbw_________28G8H8G8I8GIERUP5wGEHSh0KMG8AsIALAG8AsIAMAGoG4AAABvAAJwAEEHQNCKwWB1AAoxGayWw8VyuJgdAAAAAMAdwP___78eAEiOViaXcbhwDkeT0cgwGLlMto3LZbMsNsPhymXbHgBtjg9rygD6Zx-Aw5SdJpfloBbImiaX334AE7YYrSaTzXI4Wy4mg-FoOBrtD2AgJqsBAkzEYLmcTBaT3Wq0Gm2Gu9FssEAAgRhMEICiRYPJajSaLCbD1Wiymi0Xu90GAShatZqNNoPhajaZ7Xar4WC4HI0QYMIWo9VkslkOZ8vFZDAcDUejIQLAyGizMW18q7XE4VquRRObw61wOUdrxcowmwxXrtHG5XGLXh_TybWcOUwLLwIIBoTsRfK0SCeahcViss08m9ls5RjNRhaLa2MyeWwj48Y4GFmWE7FEc7JIJ7LLvjlamVzG4cI5HE1GI8Ng5DLZNi6XzbLYDIcrl21fGW02po1vtZY4XMu1aGJzuBUu52itWBlmk-HKNdq4PG7R62M6uZYzh2nhb-wWu9VytxnO9o3dYrda7jbD2b5DZ_iuPmejs3FMeYSa5e-muNWcBoXLYPH-JKbFtDs7eM6-o9NlXCaLOqPf7_f7_X6_3-_3G7Seg9mg8A2H25U38uxWv1WJ42BQxBLBRToR-X2uz9tlcjrcctPtIpYoTRfpRK-7nXyL3dtnEUsEp4t0InoZTxf1HwEYcDCXrFZz3VwxGawSAAAAAAAAAADAEsAmAAAAAAAngMGshsPlap0AB7IZjXaL1XIBACTMunUBfq7vzlzUiLd2AXxJXaE5nZb_jgEcyO9zfd4uk9PhlptuVwYAkDDLZgbYDPAZgCDWarWsAQAAAASwAQAAAAK4AXQD8AYQEF7HAQAAAMjoAQAAAHb2AYCspB-5UOqH-QEIcrAa7h8AQIBCrNVqdbuxVqsVEFBAg9VqM4GA____f4IAAAAAAACAEbGCAAAAAAAAgKFPgwAAAAAAAICeOIQAgW03IaBCgMEQLX-3ywsBAQ!&cmcv=&pix=undefined&cb=1717597391829&uv=3406&tms=1717597391829&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!expl_vE!mprdct01val_vB!rbcatc_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=8bb4728c-ef62-4f11-80a8-b3d2f1ed4858&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: F031A60E186F36A9C2AB61BAD7E65BEE
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V9Ca8CABYDAPsNuEKDTHJFBAD7DbhCg0xyRQUAAAAABgYAOwcAJDixmHaT4catstkma9HMsVgLBwvjWuIZWWaOlck0XA2HAECCE4tpNxlu3CqbbbIWzRyLtXCwMK4lnpFl5liZTMPVcAoADlN2mlyWg1oga5pcfjcAfKDpdPhc93qJy_N5Pc3Ou92u8bv9ulvJt9i1fXQAAAAAAHgA-P___4cAAAAAAIgAAAAAAJAAAAAAAKAACKgA-LcAELgAAAAAAMAA-P___9cAAIDiAEB4o-Vp97ns_gAAAAAAAAEAAAAAIAEAKMh7LwEAGDleOAH4_________48BGKDPvJEB-P___78BMOgBAHjwAQB4EAIAAAD4GALgQR8lY8K0ACYCABAYoSoCYAQAAAAAAPV_gHcEMAmgEwAqAIsqgP___34rAIArAACAgEd0ZJuxLADdQYm3MAAAAICAMYAFelj8frPDrvG7XQbw_________28G8H8G8I8GIERUP5wGEHSh0KMG8AsIALAG8AsIAMAGoG4AAABvAAJwAEEHQNCKwWB1AAoxGayWw8VyuJgdAAAAAMAdwP___78eAEiOViaXcbhwDkeT0cgwGLlMto3LZbMsNsPhymXbHgBtjg9rygD6Zx-Aw5SdJpfloBbImiaX334AE7YYrSaTzXI4Wy4mg-FoOBrtD2AgJqsBAkzEYLmcTBaT3Wq0Gm2Gu9FssEAAgRhMEICiRYPJajSaLCbD1Wiymi0Xu90GAShatZqNNoPhajaZ7Xar4WC4HI0QYMIWo9VkslkOZ8vFZDAcDUejIQLAyGizMW18q7XE4VquRRObw61wOUdrxcowmwxXrtHG5XGLXh_TybWcOUwLLwIIBoTsRfK0SCeahcViss08m9ls5RjNRhaLa2MyeWwj48Y4GFmWE7FEc7JIJ7LLvjlamVzG4cI5HE1GI8Ng5DLZNi6XzbLYDIcrl21fGW02po1vtZY4XMu1aGJzuBUu52itWBlmk-HKNdq4PG7R62M6uZYzh2nhb-wWu9VytxnO9o3dYrda7jbD2b5DZ_iuPmejs3FMeYSa5e-muNWcBoXLYPH-JKbFtDs7eM6-o9NlXCaLOqPf7_f7_X6_3-_3G7Seg9mg8A2H25U38uxWv1WJ42BQxBLBRToR-X2uz9tlcjrcctPtIpYoTRfpRK-7nXyL3dtnEUsEp4t0InoZTxf1HwEYcDCXrFZz3VwxGawSAAAAAAAAAADAEsAmAAAAAAAngMGshsPlap0AB7IZjXaL1XIBACTMunUBfq7vzlzUiLd2AXxJXaE5nZb_jgEcyO9zfd4uk9PhlptuVwYAkDDLZgbYDPAZgCDWarWsAQAAAASwAQAAAAK4AXQD8AYQEF7HAQAAAMjoAQAAAHb2AYCspB-5UOqH-QEIcrAa7h8AQIBCrNVqdbuxVqsVEFBAg9VqM4GA____f4IAAAAAAACAEbGCAAAAAAAAgKFPgwAAAAAAAICeOIQAgW03IaBCgMEQLX-3ywsBAQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7EB80EFA57586BB150D3621BDF703A66
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V9Ca8CABYDAPsNuEKDTHJFBAD7DbhCg0xyRQUAAAAABgYAOwcAJDixmHaT4catstkma9HMsVgLBwvjWuIZWWaOlck0XA2HAECCE4tpNxlu3CqbbbIWzRyLtXCwMK4lnpFl5liZTMPVcAoADlN2mlyWg1oga5pcfjcAfKDpdPhc93qJy_N5Pc3Ou92u8bv9ulvJt9i1fXQAAAAAAHgA-P___4cAAAAAAIgAAAAAAJAAAAAAAKAACKgA-LcAELgAAAAAAMAA-P___9cAAIDiAEB4o-Vp97ns_gAAAAAAAAEAAAAAIAEAKMh7LwEAGDleOAH4_________48BGKDPvJEB-P___78BMOgBAHjwAQB4EAIAAAD4GALgQR8lY8K0ACYCABAYoSoCYAQAAAAAAPV_gHcEMAmgEwAqAIsqgP___34rAIArAACAgEd0ZJuxLADdQYm3MAAAAICAMYAFelj8frPDrvG7XQbw_________28G8H8G8I8GIERUP5wGEHSh0KMG8AsIALAG8AsIAMAGoG4AAABvAAJwAEEHQNCKwWB1AAoxGayWw8VyuJgdAAAAAMAdwP___78eAEiOViaXcbhwDkeT0cgwGLlMto3LZbMsNsPhymXbHgBtjg9rygD6Zx-Aw5SdJpfloBbImiaX334AE7YYrSaTzXI4Wy4mg-FoOBrtD2AgJqsBAkzEYLmcTBaT3Wq0Gm2Gu9FssEAAgRhMEICiRYPJajSaLCbD1Wiymi0Xu90GAShatZqNNoPhajaZ7Xar4WC4HI0QYMIWo9VkslkOZ8vFZDAcDUejIQLAyGizMW18q7XE4VquRRObw61wOUdrxcowmwxXrtHG5XGLXh_TybWcOUwLLwIIBoTsRfK0SCeahcViss08m9ls5RjNRhaLa2MyeWwj48Y4GFmWE7FEc7JIJ7LLvjlamVzG4cI5HE1GI8Ng5DLZNi6XzbLYDIcrl21fGW02po1vtZY4XMu1aGJzuBUu52itWBlmk-HKNdq4PG7R62M6uZYzh2nhb-wWu9VytxnO9o3dYrda7jbD2b5DZ_iuPmejs3FMeYSa5e-muNWcBoXLYPH-JKbFtDs7eM6-o9NlXCaLOqPf7_f7_X6_3-_3G7Seg9mg8A2H25U38uxWv1WJ42BQxBLBRToR-X2uz9tlcjrcctPtIpYoTRfpRK-7nXyL3dtnEUsEp4t0InoZTxf1HwEYcDCXrFZz3VwxGawSAAAAAAAAAADAEsAmAAAAAAAngMGshsPlap0AB7IZjXaL1XIBACTMunUBfq7vzlzUiLd2AXxJXaE5nZb_jgEcyO9zfd4uk9PhlptuVwYAkDDLZgbYDPAZgCDWarWsAQAAAASwAQAAAAK4AXQD8AYQEF7HAQAAAMjoAQAAAHb2AYCspB-5UOqH-QEIcrAa7h8AQIBCrNVqdbuxVqsVEFBAg9VqM4GA____f4IAAAAAAACAEbGCAAAAAAAAgKFPgwAAAAAAAICeOIQAgW03IaBCgMEQLX-3ywsBAQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C174A823EE3DBE07B4EA282240099756
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Türkiye'de satılan elektrikli otomobiller ve güncel fiyatları

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

229
Requests

97 %
HTTPS

39 %
IPv6

33
Domains

63
Subdomains

55
IPs

11
Countries

5418 kB
Transfer

14862 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://gatr.hit.gemius.pl/_1717597386100/rexdot.js?l=100&sendf=24&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=gSksjStjZvW_Q2uEIrq5FXR8.Vn6.CzawER54Egom3D.V7.GLpL_0J8ol4qJCBUZjFNi3sYq0vYjjWtsOh9Wm1yEgl3q/0zJ_G4hPnv8ok/&fpdata=F.XAGRbH6b235hQpyHxMyu7Ra.9JbW0vW4g0WpiZNxz.z7%7C1717597385%7C2&ltime=213&fr=1&ref=&inner=_ver%3D350%7C_ch_arch%3Dx86%7C_ch_pm%3DWin32%7C_ch_pver%3D10.0.0%7C_ch_bits%3D64%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7B%22Google%20Chrome%22%2C%22125.0.6422.141%22%7D%2C%7B%22Chromium%22%2C%22125.0.6422.141%22%7D%2C%7B%22Not.A%2FBrand%22%2C%2224.0.0.0%22%7D&exid=666074c934cfe561&brts=1717597386&fpcap= HTTP 301
  • https://gatr.hit.gemius.pl/__/_1717597386100/rexdot.js?l=100&sendf=24&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=gSksjStjZvW_Q2uEIrq5FXR8.Vn6.CzawER54Egom3D.V7.GLpL_0J8ol4qJCBUZjFNi3sYq0vYjjWtsOh9Wm1yEgl3q/0zJ_G4hPnv8ok/&fpdata=F.XAGRbH6b235hQpyHxMyu7Ra.9JbW0vW4g0WpiZNxz.z7%7C1717597385%7C2&ltime=213&fr=1&ref=&inner=_ver%3D350%7C_ch_arch%3Dx86%7C_ch_pm%3DWin32%7C_ch_pver%3D10.0.0%7C_ch_bits%3D64%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7B%22Google%20Chrome%22%2C%22125.0.6422.141%22%7D%2C%7B%22Chromium%22%2C%22125.0.6422.141%22%7D%2C%7B%22Not.A%2FBrand%22%2C%2224.0.0.0%22%7D&exid=666074c934cfe561&brts=1717597386&fpcap=

229 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wVd71WmG
bessuilynn.com/
569 KB
74 KB
Document
General
Full URL
https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e3a45a6b5e3e451b30647e89b9edac18aac56e1c6820392f48f0bf7fa74bae

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88f0d17d793565cb-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 14:23:04 GMT
expires
Wed, 05 Jun 2024 14:23:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FHu2bWUUfm%2BTxzWtDuHNVuLVV%2BPmmFWdvuX948Mb1mChl3Ck%2BsFtqj2pCKCb%2BG%2FI93QbC1OUnOdlkspVvvUPYP8%2Fpo5yi4%2BPBHMore7peR4S%2FK%2BZ78iKDHLmxMsBthL0vA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
tag.js
a.teads.tv/analytics/
11 KB
4 KB
Script
General
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
IwRCxZF1T4gMT4TMeNkDrOCkruVfKfAe
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
last-modified
Wed, 28 Feb 2024 14:26:38 GMT
x-amz-request-id
7K6VHE5ZAC7GWV4D
etag
"d86492df4bad2a485597bfa437c78ad2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3393
x-amz-id-2
tCCKqBPcSOwlYXcLOzxkMauaCXMWCYbl1Vm/BK8sfFO4A6gyk/Lv6dmnLchBmy3fWtRSAoDU4qE=
ins.js
ntv.api.useinsider.com/
350 KB
89 KB
Script
General
Full URL
https://ntv.api.useinsider.com/ins.js?id=10000627
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3693a41d1886cfe119fc05db4aa41d555037fbbcf7180ff7a9b23813301bfad1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
tR.v9V5YUFgGDQQHxjmeCDejr0yau4nh
cf-cache-status
HIT
x-amz-request-id
F5CZFAHZ5HGB0HVZ
age
877
content-security-policy-report-only
connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=fuinDJwzxYn28eUF21n3j1nikZHHpXCKX6o89OisGRY-1717597384-1.0.1.1-QxFODmqcJz4z1wm2xMEfxml3HlaSDwlZn6G8uAvPRqaqOHRPO20Tuas1PZ6MytsMbbSkoN9KdvbRcII0Cu5cOxvxjkN4JYi52Uds0ipZdWOP2hkfRQElK1Rr_Gzc21HEdC4SqvAHcwCuEF_6DGEyYxB5.DV9crUp7szR2LJhFoU9C9uariT1NiO9OI4gBRC_ItuOjq_iU_zEEIrzoSjF_g; report-to cf-poxvosmscjequhln
content-encoding
br
x-amz-id-2
I7qjGw54LJC4W2dpsBzDU7MXXqUaOJpnv5lMbkVprhvctQOEuSTlPUFv4m2CISLujw+eK0XAN3A=
x-xss-protection
1
pragma
public
last-modified
Wed, 05 Jun 2024 14:08:11 GMT
server
cloudflare
etag
W/"66d5797097446285def4960c4d786772"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=fuinDJwzxYn28eUF21n3j1nikZHHpXCKX6o89OisGRY-1717597384-1.0.1.1-QxFODmqcJz4z1wm2xMEfxml3HlaSDwlZn6G8uAvPRqaqOHRPO20Tuas1PZ6MytsMbbSkoN9KdvbRcII0Cu5cOxvxjkN4JYi52Uds0ipZdWOP2hkfRQElK1Rr_Gzc21HEdC4SqvAHcwCuEF_6DGEyYxB5.DV9crUp7szR2LJhFoU9C9uariT1NiO9OI4gBRC_ItuOjq_iU_zEEIrzoSjF_g"}],"group":"cf-poxvosmscjequhln","max_age":86400}
cache-control
public, max-age=300
cf-ray
88f0d18448e73654-FRA
expires
Wed, 05 Jun 2024 14:28:04 GMT
gtm.js
www.googletagmanager.com/
276 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5TDWZF
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69e42ff5a263a3ad0603f3f1400961fe8691fb825a6858b84814f69d29ff31d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90303
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jun 2024 14:23:04 GMT
OtAutoBlock.js
cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/
2 MB
903 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/OtAutoBlock.js
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b45b4f111b058afe046593da68b8ed8ea02459dcffaf4ec5193e1834775a948c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
77856
content-md5
0r6jnTShz47aZWf12gYyRg==
content-length
923391
x-ms-lease-status
unlocked
last-modified
Wed, 20 Oct 2021 20:31:47 GMT
server
cloudflare
etag
0x8D99408A3519C93
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b3db9f3c-601e-004b-1589-13c5d0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f0d185e9b665cf-FRA
expires
Thu, 06 Jun 2024 14:23:04 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YmFgVUTeB0lXZXM9YgX19A==
age
63786
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 16:08:05 GMT
server
cloudflare
etag
0x8DC84B084AB1D41
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f596fbec-e01e-004e-3c99-b6848c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f0d185e9b965cf-FRA
expires
Wed, 05 Jun 2024 20:39:58 GMT
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ac5c7710d3fd128e3d9547658e33fec927122fa82e23a7f408140dc2514eb32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 12:26:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jun 2024 14:23:04 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/
1 KB
976 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
70364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
394
last-modified
Sat, 06 Jan 2024 19:26:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65999b45-18a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ayyEckDs26cp2AlPN2%2FjXNMpbhY716z4DZ0grxviv7cgg4B45aAg7wy8s4QIFmQZg1FIyKfU1Ild6fZ5PqsCFc3dMNzamKya10WH70VvaTuLtttr%2BrC8BXCgqWtxzHnyP2RFLqzH"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88f0d184aeb4a073-FRA
expires
Mon, 26 May 2025 14:23:04 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
483269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
655
last-modified
Sat, 06 Jan 2024 19:26:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65999b42-28f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KzDG9gZsS3mcTTvMBDQP5Uph7SgAQWNeeZq1KRCkqVd4SqBxwVloHuHpkUFmvRv4CCFp2ZImBz%2Fc0C7RoZChOwQAskk2q9%2BmRGWAoknjD9r2boqkvT6EklMYbpLeonNZt%2Brmixuv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88f0d184aeb8a073-FRA
expires
Mon, 26 May 2025 14:23:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
95 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
93ecae37a44aecfe9ca798c6f83ae3cc85d5b3b605ee1826156e0d6a750dd005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30737
x-xss-protection
0
server
cafe
etag
989 / 19879 / m202405300101 / config-hash: 17669058941166595955
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 05 Jun 2024 14:23:04 GMT
loader.js
contributor.google.com/scripts/1cc5af75de07e1f9/
0
1 KB
Script
General
Full URL
https://contributor.google.com/scripts/1cc5af75de07e1f9/loader.js
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport, script-src 'nonce-uLO2AJj2wCaDaNh4292IJA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport, script-src 'nonce-uLO2AJj2wCaDaNh4292IJA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist
x-content-type-options
nosniff
date
Wed, 05 Jun 2024 14:12:20 GMT
age
644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorContributorHttp/web-reports?context=eJzjstDikmII0pBikPj6kkkLiJ3SZ7CGALFP_QzWOCBuvXmOdToQJ_07z1oCxO2fL7DOBGIhHo4jTxo3swkcWHvuIpOSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiYGZgbGegXF8gQEAFxgsvA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 05 Jun 2025 14:12:20 GMT
logo.svg
cdn.ntv.com.tr/img/
9 KB
7 KB
Image
General
Full URL
https://cdn.ntv.com.tr/img/logo.svg?v=14932a
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
9d13b63548a4b1bdd597e6c0671499ce59d8a6cde0b54f008be2fe6afe7556c7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
content-md5
9glse2KOBjt1rcwRP5xuFg==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 08:15:18 GMT
server
MNCDN-2139
x-mnrequest-id
184d099fc858ce66cea3add5d3bc9db4
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
6745633d-701e-0039-067b-b6815e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31556926
x-ms-version
2009-09-19
x-mserver
MNCDN-2137
dygtag-ntv.js
dygassets.dygdigital.com/Rep/
358 KB
65 KB
Script
General
Full URL
https://dygassets.dygdigital.com/Rep/dygtag-ntv.js?v=14932a
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
aac90b82a07a9be1b02f5ecd151154dc527a00071177209ee287804c0331da5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:05 GMT
content-encoding
gzip
content-md5
2uT1MpVo68zKMLvdKYn20w==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 12:28:41 GMT
server
MNCDN-237
x-mnrequest-id
85a51f2ef53bbbf4a21df5554e91529c
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
83042eb5-601e-000a-237b-b6def5000000
cache-control
max-age=7776000
x-ms-version
2009-09-19
x-mserver
DE-372
ntv-newsdetailpage.min.js
cdn.ntv.com.tr/js/
273 KB
73 KB
Script
General
Full URL
https://cdn.ntv.com.tr/js/ntv-newsdetailpage.min.js?v=14932a
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
6c3f09841a881a12e193f0cf3023b202d44230d0924725312f5e557cb3230245

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
content-md5
3jcXQ3fgsNfUnWbd5cnMxw==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 08:15:19 GMT
server
MNCDN-2139
x-mnrequest-id
7193cb6d64ba63f7386290306e3ec1c8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
82a4b2b8-401e-000d-607b-b6b296000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31556926
x-ms-version
2009-09-19
x-mserver
DE-372
fpc
at.teads.tv/
0
337 B
Fetch
General
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_21406&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=90769f5&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-181-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2024 14:23:04 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://bessuilynn.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 05 Jun 2024 14:23:04 GMT
loader.js
cdn.taboola.com/libtrc/dogusmedia-ntv/
1 MB
219 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5dd8dd77706f24ff6e6c3d834565571f653110eb99fe4f9614b0f8a8dcecafcc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
qP6yAvM8URhJMbsRQzuTEqFPD.AS4Zuj
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:04 GMT
x-amz-request-id
EFQP7W559PNJGK51
age
2
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
223766
x-amz-id-2
O68BeDCwFxf2fIU30u/Jw4dGnMB7opmyLvKGFoCmmRo8zkwyhodoKdpRqM3pekYXZdwtY32PheM=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 11:35:47 GMT
server
AmazonS3
x-timer
S1717597385.623887,VS0,VE2
etag
"ac224db557b6acdcec28089e8b8593a4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
AGSKWxU3m_56js700tV1WzRYq0HEtg0Y9FlWSJOo9wkclG178oMjXw-FUVw8XlRrLH7uQ0g6JUZZJiLd_cPsk-iqW8M=
fundingchoicesmessages.google.com/f/
23 KB
10 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU3m_56js700tV1WzRYq0HEtg0Y9FlWSJOo9wkclG178oMjXw-FUVw8XlRrLH7uQ0g6JUZZJiLd_cPsk-iqW8M=
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5aebe3c27e3896c4220b7ff3c2e96438fe9ed47449997c8203b39605102b410e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VKoDQp5jyQBwRa_83DrKig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-VKoDQp5jyQBwRa_83DrKig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj8tDikmLw05BiOO90h-k6EBtoPGeyAGKJry-ZNIDYKX0GaxAQ-9TPYI0B4tab51inAnHSv_OsRUDc_vkC63QgFuLhOPGycTObwIf1qzcyKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBkY6xkYxxcYAAAGijMk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
ntv-background-img.svg
cdn.ntv.com.tr/img/
1 KB
1 KB
Image
General
Full URL
https://cdn.ntv.com.tr/img/ntv-background-img.svg
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
0f0442ab444bf86b7cc42c0318b9daf60bbe574eb16443bd543b1f3cecda56a1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
content-md5
Y4OaTwsrxfu8N74kfSZQ8Q==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-ms-lease-status
unlocked
last-modified
Fri, 31 May 2024 08:47:19 GMT
server
MNCDN-2139
x-mnrequest-id
ae4826583e90bfe6bfeef5598469c744
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5845b43e-a01e-0048-7da8-b56775000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31556926
x-ms-version
2009-09-19
x-mserver
DE-372
icomoon.ttf
cdn.ntv.com.tr/fonts/icons/
18 KB
12 KB
Font
General
Full URL
https://cdn.ntv.com.tr/fonts/icons/icomoon.ttf?v=14932a
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
f6f1a3b3aa231ea365b346a919eb52e0bca33e4ce566c686f7420948cb11601f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
content-md5
nhpe9WSE8FhcpXm5o7QO7w==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 08:15:18 GMT
server
MNCDN-2139
x-mnrequest-id
e7eb4cf27dce0a14cc8bc64d152815b1
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
59aedc49-c01e-003c-117b-b65385000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31556926
x-ms-version
2009-09-19
x-mserver
DE-372
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:10:19 GMT
x-content-type-options
nosniff
age
87165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:10:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:34:01 GMT
x-content-type-options
nosniff
age
85743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:34:01 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 18:30:09 GMT
x-content-type-options
nosniff
age
157975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jun 2025 18:30:09 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:51:46 GMT
x-content-type-options
nosniff
age
84678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:51:46 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 08:26:26 GMT
x-content-type-options
nosniff
age
21398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11824
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jun 2025 08:26:26 GMT
KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:44:54 GMT
x-content-type-options
nosniff
age
85090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11756
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:44:54 GMT
dummy-img-1000x850.jpg
cdn.ntv.com.tr/img/
2 KB
2 KB
Image
General
Full URL
https://cdn.ntv.com.tr/img/dummy-img-1000x850.jpg
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
091ef0a625e4d5d3f767ee6e143d2e47625cb7df6da47fa97fe56a2da6002bf8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-md5
rbBG0d8BTVjWMBZgIUpoug==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
content-length
1628
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 08:15:18 GMT
server
MNCDN-2139
x-mnrequest-id
38f531971a8971274a230ae078f1e773
etag
0x8DC846E7892E65E
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
0e4dfef6-001e-006e-1e8b-b62f6d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31556926
x-ms-version
2009-09-19
x-mserver
DE-372
na9_m3pVF0-vxgFiUg0bMw.jpg
cdn1.ntv.com.tr/gorsel/
3 KB
4 KB
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/na9_m3pVF0-vxgFiUg0bMw.jpg?width=150&height=85&mode=crop&scale=both&v=1717394883119
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
58e45c14afef482bf15a053aff5ab3f7e40743387f7c993718ee1bafbe1b8ede

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
2af476c04fdc7ea1d2a733f231e50d94
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : HIT,
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
3316
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
EtJAlyMJcE2Cbp1C_L9Gbw.jpg
cdn1.ntv.com.tr/gorsel/
6 KB
6 KB
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/EtJAlyMJcE2Cbp1C_L9Gbw.jpg?width=150&height=85&mode=crop&scale=both&v=1717173010033
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
650a5274ce52f68963a6a54bed07c0248a98d4d0d7fcac936d34b76480fa2c07

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
4a7a7eaa2cce445502f3439115b4def0
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : HIT,
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
6312
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
y1mvEnWRqkSrTTWd-kh6wQ.jpg
cdn1.ntv.com.tr/gorsel/
2 KB
2 KB
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/y1mvEnWRqkSrTTWd-kh6wQ.jpg?width=150&height=85&mode=crop&scale=both&v=1717139216899
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
1ae01237aa51ea29010c2df24623fffaeb50d767cd7813f72c4576fd0207d622

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
06b03561366d1c71feab335ec0eb7b26
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : HIT,
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
2
content-length
1954
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
LeS1OaAMB0ymq9eToYvlkw.jpg
cdn1.ntv.com.tr/gorsel/
4 KB
4 KB
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/LeS1OaAMB0ymq9eToYvlkw.jpg?width=150&height=85&mode=crop&scale=both&v=1716965453454
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
7ffbee9a416e31937116a8a587e2ccc4977df57b25e750ef24e2f670cca7f221

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
123057c1f438cf9a275cc14943ed44d5
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : HIT,
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
4012
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
fiCRE5F8uEmvfMsEsedDcA.jpg
cdn1.ntv.com.tr/gorsel/
51 KB
51 KB
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/fiCRE5F8uEmvfMsEsedDcA.jpg?width=1000&mode=both&scale=both&v=1707539555825
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
aa5ebf1100bfacdbe5b21daf1b3c7c40d182299a2c08ca64dfcef1a407d00a3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
0fa664499d7fcef8b1da9021ccbaf45a
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : MISS, Midcache : HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
52032
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
1HTAv3vcSEeP27dRmhsetQ.jpg
cdn1.ntv.com.tr/gorsel/
34 KB
34 KB
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/1HTAv3vcSEeP27dRmhsetQ.jpg?width=1000&mode=both&scale=both&v=1707539555825
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
d905a035268e87c89be83ab4855d5dc3cca8489f90f352c716e9d1d8781a3df3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
bed880d3ac4392ce9bad3a75994a5aff
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : MISS, Midcache : HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
34844
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
ySwdcY9Zkk-XhKBoVFwI1Q.jpg
cdn1.ntv.com.tr/gorsel/
30 KB
30 KB
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/ySwdcY9Zkk-XhKBoVFwI1Q.jpg?width=1000&mode=both&scale=both&v=1707539555825
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
278fe32b28c15eda8356d53f0ef572a33c6dec5c576fd9c314e3a623f4dd4188

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
bb856215868256974272f78137df4254
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : MISS, Midcache : HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
30716
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
ntv-newsdetailpage.min.css
cdn.ntv.com.tr/css/
87 KB
13 KB
Stylesheet
General
Full URL
https://cdn.ntv.com.tr/css/ntv-newsdetailpage.min.css?v=14932a
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
1426460a24307191cece06734bbd783b0a3025cfd677b93a4e677a79f6c675e2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
content-md5
AzA+wC+bVriqlYoj9AHK0Q==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 08:15:18 GMT
server
MNCDN-2139
x-mnrequest-id
c0e81e6c35c0a12cdd3fc26841cdfcd2
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
363e6502-601e-0057-157b-b6d471000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31556926
x-ms-version
2009-09-19
x-mserver
DE-372
wVd71WmG
bessuilynn.com/
569 KB
74 KB
XHR
General
Full URL
https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Requested by
Host: dygassets.dygdigital.com
URL: https://dygassets.dygdigital.com/Rep/dygtag-ntv.js?v=14932a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e3a45a6b5e3e451b30647e89b9edac18aac56e1c6820392f48f0bf7fa74bae

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EALeUZpLPbxhT2BgT9lNpyQYGXefIyDVa65bqz8oQZ6MMzLhpx6C6MlpQg4NzF%2BHeIwBvuewcnqPdburVw2fdP9iGBNJJw%2BzXl85jXl0WKFVhI6xnRroN%2BrJ5TRgku5gkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
88f0d185fe6865cb-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 05 Jun 2024 14:23:04 GMT
xgemius.js
gatr.hit.gemius.pl/
70 KB
20 KB
Script
General
Full URL
https://gatr.hit.gemius.pl/xgemius.js
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.222.252.172 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip172.ip-92-222-252.eu
Software
GHC /
Resource Hash
e0c9375f9f6d004a270d072d4dad53a3bb9e298f27ff8a55b15270813448c01c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:05 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 08:33:58 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
20338
expires
Thu, 06 Jun 2024 02:23:05 GMT
4bc85f0d-86d7-43bd-ace5-2703799ed724.json
cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/4bc85f0d-86d7-43bd-ace5-2703799ed724.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e23d8fae36881c64ddeb4c360a7836dc90d6665c10319b0b92921e189c1e4a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
32806
content-md5
qORf1gNNvkwFpHTxQ/rJzg==
content-length
1462
x-ms-lease-status
unlocked
last-modified
Wed, 20 Oct 2021 20:31:44 GMT
server
cloudflare
etag
0x8D99408A1ABC9FB
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
38c34183-f01e-005a-137b-b547e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f0d18cde5803d0-FRA
expires
Thu, 06 Jun 2024 14:23:05 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/
460 KB
144 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
cb00a860660974b25947b756849035378feb8893f3699e16d391cabbf8374f2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 07:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
25240
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147019
x-xss-protection
0
server
cafe
etag
3255905288585425474
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Jun 2025 07:22:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
68 B
85 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bessuilynn.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
7dc0caecdd1fc4e2e3d913b5e6d4877644c6c22afae1ba5d5f6d53c08e5c12a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61
x-xss-protection
0
expires
Wed, 05 Jun 2024 14:23:05 GMT
sync
gum.criteo.com/
46 B
431 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
303515
expires
60
apstag.js
c.amazon-adsystem.com/aax2/
305 KB
76 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: dygassets.dygdigital.com
URL: https://dygassets.dygdigital.com/Rep/dygtag-ntv.js?v=14932a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:15:35 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 21:30:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
451
x-amz-server-side-encryption
AES256
etag
W/"7e37c61c24c4f874b286570f1eebc0ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
lbgq9NMrn7JijeHxgHqQKCZ69aXdh6jF0ATIV5rLFBhUT-uAa85xcA==
fbevents.js
connect.facebook.net/en_US/
219 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Jun 2024 14:23:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=12, mss=1297, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
mmjYej9BzPaAKh3vm6Sj5UDpqT6wxlwtvSl1D4TXbfrEHU6tZaxUoxy1S2Nbvjc+5OTH7zMr7finSHzViPujTQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracker1.js
cdn.p.analitik.bik.gov.tr/
34 KB
34 KB
Script
General
Full URL
https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.223.135.226 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
MerlinCDN /
Resource Hash
275ae68d7e6a744bfa1bfb3d8fd72518dc3144a5d2e9c67c380f640b9c5305d8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
via
HTTP/2.0 Merlin CDN
server
MerlinCDN
age
1030
x-midtier
tr-izm-nt-s16
x-cache-status
HIT
access-control-max-age
2592000
access-control-allow-methods
OPTIONS, GET, POST
access-control-allow-origin
*
x-edge
tr-izm-nt-s09
allow
GET, HEAD
cache-control
max-age=3600
js
www.googletagmanager.com/gtag/
231 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11332975750
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TDWZF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8fa7c932416769427a190b29562159664dbd446e92ccbff8dff682e513758fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84888
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jun 2024 14:23:05 GMT
o.js
servg1.net/
9 KB
9 KB
Script
General
Full URL
https://servg1.net/o.js?uid=8ec08bf141be0cb431e04dc9
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.186.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-186-205.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
61caf96dfa41d2cf2438f1344d9319fdca8672002b71a7a2b9ab673f3f4f80ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
server
nginx
x-powered-by
Express
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=5184000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
9416
json
www.ntv.com.tr/havadurumu/
0
0

worker-new.html
ntv.api.useinsider.com/ Frame 34F2
0
0
Document
General
Full URL
https://ntv.api.useinsider.com/worker-new.html
Requested by
Host: ntv.api.useinsider.com
URL: https://ntv.api.useinsider.com/ins.js?id=10000627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bessuilynn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
882
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
88f0d18e3a109a2d-FRA
content-encoding
br
content-security-policy-report-only
connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com; frame-src *.api.useinsider.com; img-src *; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com *.api.useinsider.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://api.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com freecdb.top connect.facebook.net vwvwvwvw.b-cdn.net vwvwvwvw1.b-cdn.net mainf.global-cache.online https://resources.usersnap.com https://app.getbeamer.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=cUGBQ8zV7C2XGIFE5vt6O3M9sOhiv6vmxlZ7d9gNbOs-1717597385-1.0.1.1-kTZmzaixlxLJKDsKPYarj80kmDMrn7xyjrv1Ml32GD31xA0zrEny2VRfigcAj9_r.8x0rd2Q1EKBl0HP1MJRbafCHgaX_J0Zo0iOPSMnb68te37oZUVlyMraar1HT2xCaHkiL7UhnMxd9DiQdD5K46gbe3gGR63P1mUvGU3AquSEFggC4_DaRL3cvAHgIRr5cgYu7gJg62PHM841k88zgw; report-to cf-gusaduvrwyxvzywn
content-type
text/html
date
Wed, 05 Jun 2024 14:23:05 GMT
expires
Wed, 19 Jun 2024 14:23:05 GMT
last-modified
Tue, 04 Jun 2024 03:48:22 GMT
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=cUGBQ8zV7C2XGIFE5vt6O3M9sOhiv6vmxlZ7d9gNbOs-1717597385-1.0.1.1-kTZmzaixlxLJKDsKPYarj80kmDMrn7xyjrv1Ml32GD31xA0zrEny2VRfigcAj9_r.8x0rd2Q1EKBl0HP1MJRbafCHgaX_J0Zo0iOPSMnb68te37oZUVlyMraar1HT2xCaHkiL7UhnMxd9DiQdD5K46gbe3gGR63P1mUvGU3AquSEFggC4_DaRL3cvAHgIRr5cgYu7gJg62PHM841k88zgw"}],"group":"cf-gusaduvrwyxvzywn","max_age":86400}
server
cloudflare
vary
Accept-Encoding
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
295 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept
application/json
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
88f0d18e48c76ae9-FRA
access-control-allow-headers
Content-Type
fpdata.js
gatr.hit.gemius.pl/
285 B
400 B
Script
General
Full URL
https://gatr.hit.gemius.pl/fpdata.js?href=bessuilynn.com
Requested by
Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.222.252.172 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip172.ip-92-222-252.eu
Software
GHC /
Resource Hash
43d682ebf13e6ed73077f08113ee1551d608654fc5ab3deeb60f135b665f0ccc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:05 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
285
expires
Fri, 05 Jul 2024 14:23:05 GMT
lsget.html
ls.hit.gemius.pl/ Frame 308D
0
0
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bessuilynn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2807
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Jun 2024 14:23:06 GMT
etag
PRIVATE7520710249
expires
Fri, 05 Jul 2024 14:23:06 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
ads
pagead2.googlesyndication.com/gampad/
48 KB
19 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1976697497619569&correlator=2390789759297098&eid=31079957%2C31084062%2C31084266%2C95331444%2C31078668&output=ldjh&gdfp_req=1&vrg=202405300101&ptt=17&impl=fif&ltd_cs=1&iu_parts=37011203%2Cntv_desktop%2Cfoto-galeri%2Cotomobil%2Cldb3&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1717597385967&lmt=1717597385&adxs=315&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&vis=1&psz=1600x-1&msz=1600x-1&fws=0&ohw=0&ga_vid=1675333363.1717597386&ga_sid=1717597386&ga_hid=361807481&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717597384249&idt=1679&prev_scp=ntv_cat%3Dotomobil%2Cekonomi%2Cntvpara%2Cotomotiv%2Celektrikli-otomobil%2Crize-pazar%2Ctokat-pazar%2CuzO8fADG-UGxFg5I0H7GEQ%2Cldb3%26dygtag%3Dcontent-type-foto-galeri-detay%2Cposition-site-top%2Cversion-1.6.41%2Cviewport-first&adks=1119255608&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3968a0b20eb4cf70c727d7eff2e083faf837b7e20a511dda0ff884b2d34fee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18995
x-xss-protection
0
google-lineitem-id
6505304767
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138463054006
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/
65 KB
24 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1976697497619569&correlator=2390789759297098&eid=31079957%2C31084062%2C31084266%2C95331444%2C31078668&output=ldjh&gdfp_req=1&vrg=202405300101&ptt=17&impl=fif&ltd_cs=1&iu_parts=37011203%2Cntv_desktop%2Cfoto-galeri%2Cotomobil%2Cldb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1%7C970x250%7C950x250%7C728x90%7C970x90%7C940x90%7C960x250%7C960x90&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1717597385972&lmt=1717597385&adxs=315&adys=235&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=1000&ga_vid=1675333363.1717597386&ga_sid=1717597386&ga_hid=361807481&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717597384249&idt=1679&prev_scp=ntv_cat%3Dotomobil%2Cekonomi%2Cntvpara%2Cotomotiv%2Celektrikli-otomobil%2Crize-pazar%2Ctokat-pazar%2CuzO8fADG-UGxFg5I0H7GEQ%2Cldb%26dygtag%3Dcontent-type-foto-galeri-detay%2Cposition-content-top%2Cversion-1.6.41%2Cviewport-first&adks=923715488&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
5b7a678427eb284df8521b956fefc56c34377b71d5db2692e036bc40cb7aaf66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24171
x-xss-protection
0
google-lineitem-id
5736432436
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138426852453
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/
437 B
191 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1976697497619569&correlator=2390789759297098&eid=31079957%2C31084062%2C31084266%2C95331444%2C31078668&output=ldjh&gdfp_req=1&vrg=202405300101&ptt=17&impl=fif&ltd_cs=1&iu_parts=37011203%2Cntv_desktop%2Cfoto-galeri%2Cotomobil%2Cntv1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50&fluid=height&ifi=3&sfv=1-0-40&sc=1&abxe=1&dt=1717597385973&lmt=1717597385&adxs=981&adys=453&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&vis=1&psz=318x-1&msz=318x-1&fws=0&ohw=0&ga_vid=1675333363.1717597386&ga_sid=1717597386&ga_hid=361807481&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717597384249&idt=1679&prev_scp=ntv_cat%3Dotomobil%2Cekonomi%2Cntvpara%2Cotomotiv%2Celektrikli-otomobil%2Crize-pazar%2Ctokat-pazar%2CuzO8fADG-UGxFg5I0H7GEQ%2Cntv1%26dygtag%3Dcontent-type-foto-galeri-detay%2Cposition-sidebar-top%2Cversion-1.6.41%2Cviewport-first&adks=3796329148&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
4e2f89974aa108281045d76762b589c1e29bcd3270bb3f01923641203ae0a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/
44 KB
11 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1976697497619569&correlator=2390789759297098&eid=31079957%2C31084062%2C31084266%2C95331444%2C31078668&output=ldjh&gdfp_req=1&vrg=202405300101&ptt=17&impl=fif&ltd_cs=1&iu_parts=37011203%2Cntv_desktop%2Cfoto-galeri%2Cotomobil%2Cl-skin&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1%7C120x600%7C160x600&ifi=4&sfv=1-0-40&sc=1&abxe=1&dt=1717597385974&lmt=1717597385&adxs=161&adys=90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&vis=1&psz=280x-1&msz=120x-1&fws=0&ohw=0&ga_vid=1675333363.1717597386&ga_sid=1717597386&ga_hid=361807481&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717597384249&idt=1679&prev_scp=ntv_cat%3Dotomobil%2Cekonomi%2Cntvpara%2Cotomotiv%2Celektrikli-otomobil%2Crize-pazar%2Ctokat-pazar%2CuzO8fADG-UGxFg5I0H7GEQ%2Cl-skin%26dygtag%3Dcontent-type-foto-galeri-detay%2Cposition-sticky%2Cversion-1.6.41%2Cviewport-first&adks=1651924171&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
aa764942d430c2643022a5d7184913f091389f6f2a2f540af8c41fdb42b66225
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11106
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bessuilynn.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/
433 B
188 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1976697497619569&correlator=2390789759297098&eid=31079957%2C31084062%2C31084266%2C95331444%2C31078668&output=ldjh&gdfp_req=1&vrg=202405300101&ptt=17&impl=fif&ltd_cs=1&iu_parts=37011203%2Cntv_desktop%2Cfoto-galeri%2Cotomobil%2Cins&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&sc=1&abxe=1&dt=1717597385975&lmt=1717597385&adxs=800&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&vis=1&psz=1600x-1&msz=1600x-1&fws=0&ohw=0&ga_vid=1675333363.1717597386&ga_sid=1717597386&ga_hid=361807481&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717597384249&idt=1679&prev_scp=ntv_cat%3Dotomobil%2Cekonomi%2Cntvpara%2Cotomotiv%2Celektrikli-otomobil%2Crize-pazar%2Ctokat-pazar%2CuzO8fADG-UGxFg5I0H7GEQ%2Cins%26dygtag%3Dcontent-type-foto-galeri-detay%2Cposition-popup%2Cversion-1.6.41%2Cviewport-first&adks=1372696588&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
86535cf9b83e769ae2490b6064ad4a73ffca04a95799f24bbaa8e635f000df9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
159
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/
47 KB
18 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1976697497619569&correlator=2390789759297098&eid=31079957%2C31084062%2C31084266%2C95331444%2C31078668&output=ldjh&gdfp_req=1&vrg=202405300101&ptt=17&impl=fif&ltd_cs=1&iu_parts=37011203%2Cntv_desktop%2Cyieldmath&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&sc=1&abxe=1&dt=1717597385976&lmt=1717597385&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&vis=1&psz=1x-1&msz=1x-1&fws=4&ohw=1&ga_vid=1675333363.1717597386&ga_sid=1717597386&ga_hid=361807481&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717597384249&idt=1679&prev_scp=ntv_cat%3Dotomobil%2Cekonomi%2Cntvpara%2Cotomotiv%2Celektrikli-otomobil%2Crize-pazar%2Ctokat-pazar%2CuzO8fADG-UGxFg5I0H7GEQ%2Cyieldmath%26dygtag%3Dcontent-type-foto-galeri-detay%2Cposition-pixel%2Cversion-1.6.41%2Cviewport-first&adks=2398203093&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
6c968f1c6ad9a2f73c976cdbd216384e84733db22e5f6551e2ad744a5fb4eb9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18351
x-xss-protection
0
google-lineitem-id
6321945751
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138435516980
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2e0c830f68f8d34d1418880fe838a29a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AF14
0
0
Document
General
Full URL
https://2e0c830f68f8d34d1418880fe838a29a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bessuilynn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Jun 2024 14:23:06 GMT
expires
Wed, 05 Jun 2024 14:23:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
7c109e62-1776-48af-bc92-042b465f87c6
config.aps.amazon-adsystem.com/configs/
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/7c109e62-1776-48af-bc92-042b465f87c6
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-15.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
dbdba52f28c6b2e8afc7bafbbcb1b9e865e413869663e6b18ef8939026e468a4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:41:35 GMT
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
age
2491
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
cJ8li2j2FMyp0Jz5DtTH0SHRST7uNNEqdr8gh7d22GfsSPKxmJSwhw==
config
c.amazon-adsystem.com/cdn/prod/
0
302 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbessuilynn.com&pubid=7c109e62-1776-48af-bc92-042b465f87c6
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:05 GMT
via
1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
access-control-allow-origin
https://bessuilynn.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
GamqqcZD9N0bbKTVX1ejtnjS2Ub9ezOhGwNDlDRCwgmS3NFS2UbHEA==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
357 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&pid=X61f7Tj4S38GG&cb=0&ws=1600x1200&v=24.521.1732&t=2000&slots=%5B%7B%22sd%22%3A%22dygtag-gpt-ad-23%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22950x250%22%2C%22728x90%22%2C%22970x90%22%2C%22940x90%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fldb%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-24%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22950x250%22%2C%22728x90%22%2C%22970x90%22%2C%22940x90%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fldb%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-25%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22950x250%22%2C%22728x90%22%2C%22970x90%22%2C%22940x90%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fldb%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-26%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22950x250%22%2C%22728x90%22%2C%22970x90%22%2C%22940x90%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fldb%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-27%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22950x250%22%2C%22728x90%22%2C%22970x90%22%2C%22940x90%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fldb%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-28%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-29%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-30%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-31%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-32%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-33%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-34%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-35%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-36%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-37%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-38%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-39%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-40%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-41%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-42%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-43%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-44%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-45%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-46%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22dygtag-gpt-ad-47%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F37011203%2Fntv_desktop%2Ffoto-galeri%2Fotomobil%2Fmpu1%22%7D%5D&pubid=7c109e62-1776-48af-bc92-042b465f87c6&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-98.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
via
1.1 455035b7b3ab5f564b775e2968249d3e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://bessuilynn.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
8_ChdsiB6k1bSd29mw4vQSI9hNbIPjQ4k1oA-I4EQ-WuSOJ40CW7tw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 05:16:21 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
32805
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
6RFpDflDr_tHdDsZLeOZqoHmr2wLjvbCZXX7VNMZ4OnmTSX43JXm3g==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.25.0/
318 KB
76 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wv3c0qnkBhaWE//T4i2BGA==
age
68440
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
77456
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:46 GMT
server
cloudflare
etag
0x8D9957C5F8AA42D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ade9286e-b01e-0015-1c7d-0c2e30000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f0d18f190365cf-FRA
309647519525108
connect.facebook.net/signals/config/
65 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/309647519525108?v=2.9.157&r=stable&domain=bessuilynn.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4e050711cc7bd5116a9866d823b64d38e52945e17b114ef99c2fe76e80bbfe8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Jun 2024 14:23:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=63, mss=1297, tbw=63508, tp=-1, tpl=-1, uplat=63, ullat=0
pragma
public
x-fb-debug
2ZCFvW+MWGzUIPsIXgEvVe2/nMfkQYdQ170hY4K5Dkh0QPdSouBJql0C9iFsnKqrR+RFxCMUF6z2uCWMCJfaJg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
rexdot.js
gatr.hit.gemius.pl/__/_1717597386100/
Redirect Chain
  • https://gatr.hit.gemius.pl/_1717597386100/rexdot.js?l=100&sendf=24&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbess...
  • https://gatr.hit.gemius.pl/__/_1717597386100/rexdot.js?l=100&sendf=24&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fb...
169 B
653 B
Script
General
Full URL
https://gatr.hit.gemius.pl/__/_1717597386100/rexdot.js?l=100&sendf=24&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=gSksjStjZvW_Q2uEIrq5FXR8.Vn6.CzawER54Egom3D.V7.GLpL_0J8ol4qJCBUZjFNi3sYq0vYjjWtsOh9Wm1yEgl3q/0zJ_G4hPnv8ok/&fpdata=F.XAGRbH6b235hQpyHxMyu7Ra.9JbW0vW4g0WpiZNxz.z7%7C1717597385%7C2&ltime=213&fr=1&ref=&inner=_ver%3D350%7C_ch_arch%3Dx86%7C_ch_pm%3DWin32%7C_ch_pver%3D10.0.0%7C_ch_bits%3D64%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7B%22Google%20Chrome%22%2C%22125.0.6422.141%22%7D%2C%7B%22Chromium%22%2C%22125.0.6422.141%22%7D%2C%7B%22Not.A%2FBrand%22%2C%2224.0.0.0%22%7D&exid=666074c934cfe561&brts=1717597386&fpcap=
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Server
92.222.252.172 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip172.ip-92-222-252.eu
Software
GHC /
Resource Hash
f253eb251d1d37c57454b704606b248dac4510b6a343177805a3f08b89a7828d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bessuilynn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:06 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Tue, 04 Jun 2024 14:23:06 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:06 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1717597386100/rexdot.js?l=100&sendf=24&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=gSksjStjZvW_Q2uEIrq5FXR8.Vn6.CzawER54Egom3D.V7.GLpL_0J8ol4qJCBUZjFNi3sYq0vYjjWtsOh9Wm1yEgl3q/0zJ_G4hPnv8ok/&fpdata=F.XAGRbH6b235hQpyHxMyu7Ra.9JbW0vW4g0WpiZNxz.z7%7C1717597385%7C2&ltime=213&fr=1&ref=&inner=_ver%3D350%7C_ch_arch%3Dx86%7C_ch_pm%3DWin32%7C_ch_pver%3D10.0.0%7C_ch_bits%3D64%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7B%22Google%20Chrome%22%2C%22125.0.6422.141%22%7D%2C%7B%22Chromium%22%2C%22125.0.6422.141%22%7D%2C%7B%22Not.A%2FBrand%22%2C%2224.0.0.0%22%7D&exid=666074c934cfe561&brts=1717597386&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 04 Jun 2024 14:23:06 GMT
tr.json
cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/0017b46f-75f4-46bb-a052-1b7a36e2be9f/
209 KB
37 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/0017b46f-75f4-46bb-a052-1b7a36e2be9f/tr.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e8dbb888529e0061ee91488b1cbef62cf45c2c9f06e02c657de1bea37f18242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
nPzJ5/76TA01ZDY9dSRTzw==
content-length
37402
x-ms-lease-status
unlocked
last-modified
Wed, 20 Oct 2021 20:31:53 GMT
server
cloudflare
etag
0x8D99408A74B6A2A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5527e9a9-b01e-00b3-1d12-b7bbee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f0d18f8bba03d0-FRA
expires
Thu, 06 Jun 2024 14:23:06 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/
399 KB
57 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7de5945bef8d5269befd51919b5c1c6d17abb0c622e1681b74d8e99c704371e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XPgQ6aW6CM3d5MqSAQeh9A==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
58165
x-ms-lease-status
unlocked
last-modified
Wed, 05 Jun 2024 06:35:09 GMT
server
cloudflare
etag
0x8DC8529A5885CBF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bbf062e4-401e-006a-5612-b71dc2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f0d18f8bc003d0-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/6.25.0/
68 KB
15 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YXJYn5Vw+11yZ/srS1Yf2Q==
age
81834
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14952
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:47 GMT
server
cloudflare
etag
0x8D9957C60A782D5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
27022ac7-401e-0073-3f94-226110000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f0d18f8a1065cf-FRA
823290832722965
connect.facebook.net/signals/config/
20 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/823290832722965?v=2.9.157&r=stable&domain=bessuilynn.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
a55fa29ec26f45ca46589e30541efeb1e7298c13df4259583fb6f5c85c52ad9c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Jun 2024 14:23:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4322, tp=9, tpl=0, uplat=176, ullat=0
pragma
public
x-fb-debug
vuWyLWV/azFIlxpK5WlO2DIQpH5ZJtPt+Xy9AgJpMaSgzaegTcqO9hEmBMAhR8S71WxW4ASCY0h1PcBFKkXj7w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=309647519525108&ev=PageView&dl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&rl=&if=false&ts=1717597386195&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbc=fb.1.1717597386193.IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&fbp=fb.1.1717597386194.980819836268518084&cs_est=true&ler=empty&cdl=API_unavailable&it=1717597386068&coo=false&rqm=GET
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=2854, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Jun 2024 14:23:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=309647519525108&ev=PageView&dl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&rl=&if=false&ts=1717597386195&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbc=fb.1.1717597386193.IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&fbp=fb.1.1717597386194.980819836268518084&cs_est=true&ler=empty&cdl=API_unavailable&it=1717597386068&coo=false&rqm=FGET
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xabcf13dd8ba55b5e","source_keys":["1","2"]},{"key_piece":"0xe00002ba51ca3648","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 05 Jun 2024 14:23:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=18, mss=1297, tbw=3297, tp=-1, tpl=-1, uplat=162, ullat=0
pragma
no-cache
x-fb-debug
736mPImdu49EYOdZvArbqdTmvePFSmpxLL73HiBoKwQdapc463XT0z6bpTW+MYfEn2MqMND9bEj8pw9u8tGXGQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
103 B
Image
General
Full URL
https://www.facebook.com/tr/?id=309647519525108&ev=ViewContent&dl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&rl=&if=false&ts=1717597386196&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbc=fb.1.1717597386193.IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&fbp=fb.1.1717597386194.980819836268518084&ler=empty&cdl=API_unavailable&it=1717597386068&coo=false&rqm=GET
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=3141, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Jun 2024 14:23:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
475 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=309647519525108&ev=ViewContent&dl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&rl=&if=false&ts=1717597386196&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbc=fb.1.1717597386193.IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&fbp=fb.1.1717597386194.980819836268518084&ler=empty&cdl=API_unavailable&it=1717597386068&coo=false&rqm=FGET
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7627781ab34cb4f4","source_keys":["1","2"]},{"key_piece":"0xc2a812d014b01f55","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 05 Jun 2024 14:23:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=18, mss=1297, tbw=6675, tp=-1, tpl=-1, uplat=174, ullat=0
pragma
no-cache
x-fb-debug
iHJyv26nSIZhL68gVSaRKcbNcb3/pudhgjSPUsjx9O3q41C8PQR8GmR/QSybiPWOTQSV1bpiqI8LICY/kAw30A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
impl.20240604-4-RELEASE.js
cdn.taboola.com/libtrc/
896 KB
182 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b206e457a3afb3c34f989018276af92d522aad5e46e445dcea675fbfe2ce042e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
v22jn3tKXWJ8OUG8MefqtxgJM_OmKEUn
content-encoding
br
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:06 GMT
x-amz-request-id
DSWGXVYG3M93AS3G
age
19901
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
185947
x-amz-id-2
zGRIm/JZx0fcs2pCTj0lsdqQS13ITosBNmBZEAadqDP7w7k4vDhz2lB/AOa26J0lskMP7DNMsic=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 08:51:24 GMT
server
AmazonS3-br
x-timer
S1717597386.250707,VS0,VE0
etag
"4c698741f9f32e52fe747d15882bf0e5"
vary
Accept-Encoding
content-type
application/javascript
abp
92
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
32574
json
trc.taboola.com/dogusmedia-ntv/trc/3/
91 KB
35 KB
XHR
General
Full URL
https://trc.taboola.com/dogusmedia-ntv/trc/3/json?llvl=2&tim=16%3A23%3A06.231&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2224622%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Fwvd71wmg%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1717597386231%2C%22cv%22%3A%2220240604-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ%22%2C%22vpi%22%3A%22%2Fwvd71wmg%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A41255%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20Native%20TABOOLA_WIDGET_1%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20Native%20TABOOLA_WIDGET_1%22%2C%22s%22%3A8%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22cd%22%3A40632.58%2C%22mw%22%3A1000%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%7D%2C%22cacheKey%22%3A%22text%3D%2FwVd71WmG%2CBelow%20Article%20Thumbnails%20Native%20TABOOLA_WIDGET_1%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1717500928661%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Atrue%2C%22su%22%3Atrue%7D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8525fe7616453771ed2cfa38608d4e4aa5ee944a6266e0c6d3424365f68c3546

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
315
date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.801875
x-fastly-to-nlb-rtt
7470
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220077-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1717597386.262710,VS0,VE315
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://bessuilynn.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
otFlat.json
cdn.cookielaw.org/scripttemplates/6.25.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
QAufc0ozHqszfMLxOJh3oA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2950
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:36 GMT
server
cloudflare
etag
0x8D9957C59E8C180
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f6fd24c8-301e-002a-277b-b5342c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f0d1911e4003d0-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/6.25.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
faMrXPz5JqfF3CH105XLtA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2144
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:35 GMT
server
cloudflare
etag
0x8D9957C59807238
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f32a572a-b01e-0030-097b-b51b43000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f0d1911e4403d0-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.25.0/assets/
20 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
32805
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9ba04785-e01e-0045-3603-b79cf8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88f0d1911e4703d0-FRA
px.gif
servg1.net/
842 B
1 KB
Image
General
Full URL
https://servg1.net/px.gif?ch=1&rn=4.904178585590296
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.186.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-186-205.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
63e8352da534a05dafb13e5aa106693d66074b5f96aaf7b9b0949d026f578f49

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
last-modified
Thu, 07 Apr 2022 19:23:14 GMT
server
nginx
x-powered-by
Express
etag
W/"34a-180057b14d0"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
842
px.gif
servg1.net/
842 B
1 KB
Image
General
Full URL
https://servg1.net/px.gif?ch=2&rn=4.904178585590296
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.186.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-186-205.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
63e8352da534a05dafb13e5aa106693d66074b5f96aaf7b9b0949d026f578f49

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
last-modified
Thu, 07 Apr 2022 19:23:14 GMT
server
nginx
x-powered-by
Express
etag
W/"34a-180057b14d0"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
842
/
www.facebook.com/tr/
0
102 B
Image
General
Full URL
https://www.facebook.com/tr/?id=823290832722965&ev=PageView&dl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&rl=&if=false&ts=1717597386451&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbc=fb.1.1717597386193.IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&fbp=fb.1.1717597386194.980819836268518084&ler=empty&cdl=API_unavailable&it=1717597386068&coo=false&rqm=GET
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=18, mss=1297, tbw=6529, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Jun 2024 14:23:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
474 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=823290832722965&ev=PageView&dl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&rl=&if=false&ts=1717597386451&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbc=fb.1.1717597386193.IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&fbp=fb.1.1717597386194.980819836268518084&ler=empty&cdl=API_unavailable&it=1717597386068&coo=false&rqm=FGET
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xbef4d590a607ec9c","source_keys":["1","2"]},{"key_piece":"0x5b90fced0585644e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 05 Jun 2024 14:23:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=18, mss=1297, tbw=7172, tp=-1, tpl=-1, uplat=38, ullat=0
pragma
no-cache
x-fb-debug
NYiloTQjWziD6JMBiyr1VYIVwo4KC9LmMAQ/mnS3k0ToqBQaaJ2njQp5SjlRC+w8y9wihRh3o2usVxtjJEuBQA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012405231944000/ Frame 17D3
196 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jun 2024 12:53:16 GMT
age
91790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56221
x-xss-protection
0
server
sffe
etag
"4f8c718905502572"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Jun 2025 12:53:16 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 17D3
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jun 2024 17:07:24 GMT
age
162942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5215
x-xss-protection
0
server
sffe
etag
"520f632e10627ab5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jun 2025 17:07:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 17D3
95 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jun 2024 17:07:24 GMT
age
162942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29049
x-xss-protection
0
server
sffe
etag
"d2ee33e5ff8fd311"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jun 2025 17:07:24 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 17D3
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jun 2024 17:07:24 GMT
age
162942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1909
x-xss-protection
0
server
sffe
etag
"bfb34e064e92ea30"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jun 2025 17:07:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 17D3
40 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jun 2024 17:07:24 GMT
age
162942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12965
x-xss-protection
0
server
sffe
etag
"35ded0b44597563f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jun 2025 17:07:24 GMT
truncated
/ Frame 17D3
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcc6aaed62a2fdcfe95db92c098f70c8f0f7eeb310c9e5b39f1e033315c3b6a5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
14142965897079707682
tpc.googlesyndication.com/daca_images/simgad/ Frame 17D3
69 KB
69 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14142965897079707682
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
568d5cb84f9cc98563a9e8a0d25874dbbf88ae6ce2e62eff9042e64e113a1a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 04 Jun 2025 14:13:08 GMT
date
Tue, 04 Jun 2024 14:13:08 GMT
x-content-type-options
nosniff
age
86998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70178
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 13:52:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 17D3
2 KB
2 KB
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:06:50 GMT
x-content-type-options
nosniff
server
cafe
age
65776
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 05 Jun 2024 20:06:50 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 17D3
295 B
319 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:08:22 GMT
x-content-type-options
nosniff
server
cafe
age
884
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 06 Jun 2024 14:08:22 GMT
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:06 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
2516
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1717597387.715273,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
77
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
7398
debug
am-trc-events.taboola.com/dogusmedia-ntv/log/2/
0
128 B
Ping
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi48=10143&tvi50=9058&tvi61=17311&tvi62=15729&tim=16%3A23%3A06.609&id=65222&cv=20240604-4-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://bessuilynn.com
date
Wed, 05 Jun 2024 14:23:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40035
debug
am-trc-events.taboola.com/dogusmedia-ntv/log/2/
0
127 B
Ping
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi48=10143&tvi50=9058&tvi61=17311&tvi62=15729&tim=16%3A23%3A06.609&id=35461&cv=20240604-4-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://bessuilynn.com
date
Wed, 05 Jun 2024 14:23:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40035
metrics
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
245 B
Ping
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://bessuilynn.com
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
245 B
Ping
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/abtests?route=AM%3AAM%3AV&lti=trecs&tvi48=10143&tvi50=9058&tvi61=17311&tvi62=15729&ri=3abbd6f3366e146dbb5cddc6d8c80d29&sd=v2_94ede88a98424d00ded6ceef21388ee6_243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a_1717597386_1717597386_CNawjgYQ3c1JGPfroMb-MSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABoppvJ7d37u7UDcAA&ui=243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a&pi=%2FwVd71WmG&wi=-4709447099323856001&pt=text&vi=1717597386231&tim=16%3A23%3A06.613&id=9744&llvl=2&cv=20240604-4-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1717597386613%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://bessuilynn.com
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
container.html
2e0c830f68f8d34d1418880fe838a29a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E7F
0
0
Document
General
Full URL
https://2e0c830f68f8d34d1418880fe838a29a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bessuilynn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Jun 2024 14:23:06 GMT
expires
Wed, 05 Jun 2024 14:23:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
pagead2.googlesyndication.com/pcs/ Frame 78F3
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstezSoD6Zbt2dN1VhoiCbOdeiaurBOybSxpnBDReEYd_X_YMiiq242KM3B1lRdTuqYeXXRTLLCbEfaQ0wNXY7qv1fxkgdy-64QHr4vJwy6HHkT1cr7h1kwFk7lK7TLsnGqDWiqCk6Cvpc-Ws9PEaL5aQtXkRv4rIblgnRBXqn078paTceCtWVOehmy7C0xPUXydEBO_CVZS27UEPrCYuIDoYlbseH6ySt21nyruEc03-nhaZPoNdaTuC2w-rLPMvRBiKK4n8VWHKQkx6yXwxcR-8iEPNL5pDrLD29O2oxszYzb6UahXNmDklmcaRJ2jGRMNHj7AqW9iCVx9H6ezpo6Rnc_HUsMh6Hy4cJKyId3K4PD84OxODA&sig=Cg0ArKJSzCGSo9hAcbJbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/ Frame 78F3
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
55f017283179055aaeb5642ae7bae973299c19504016022e279e9f9d653c2a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
86318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9132
x-xss-protection
0
server
cafe
etag
8342817275361945841
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jun 2024 14:24:28 GMT
ntv.com.tr_21077.js
ads.vidoomy.com/ Frame 78F3
5 KB
2 KB
Script
General
Full URL
https://ads.vidoomy.com/ntv.com.tr_21077.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d513::4 Milan, Italy, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
/
Resource Hash
fd129ac387ca00336c3a5fd1c4640324b39184a2b265f9fa038c41d754a5d830

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:59:14 GMT
content-encoding
gzip
tp-cache
hit
age
1432
vary
, Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
accept-ranges
bytes
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 78F3
215 KB
65 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
d3c2f5bfe4c9152aa9466dd2ad3e17eae58c06b47edc68270f1935d1a994068b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66507
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-7
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 05 Jun 2024 15:09:39 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame 17D3
0
0

gen_204
pagead2.googlesyndication.com/pagead/ Frame 78F3
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 78F3
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
694146ddef015fa433e9bd31130689ed74f032a46ba0f12a4c9a70f0e0d32a27

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
/
servg1.net/
971 B
1 KB
Script
General
Full URL
https://servg1.net/?uid=663131b96c52cb35ce0d878e&oab=1
Requested by
Host: servg1.net
URL: https://servg1.net/o.js?uid=8ec08bf141be0cb431e04dc9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.186.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-186-205.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
f62b60845db5f3fbbe28c3ed8d5b6930868ae77e9adc835e92ca80429c38b5c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:07 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
971
expires
-1
vidoomy-player.js
vpaid.vidoomy.com/player/latest/
388 KB
109 KB
Script
General
Full URL
https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Requested by
Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/ntv.com.tr_21077.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5cb02d595757505062328ba3f97953e1571a762c77fec75668b5b82af11a2d24

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Wed, 05 Jun 2024 14:23:07 GMT
content-encoding
gzip
x-amz-request-id
tx00000544c9cdc126b48a8-0066606e76-623bcf0-prg
x-accel-date-max
1717595767
x-77-cache
HIT
x-cache
HIT
x-amz-storage-class
STANDARD
x-age
1620
x-accel-date
1717595767
alt-svc
h3=":443"; ma=86400
x-77-nzt
A8O1qhE3Nzf/VAYAACUTwjQ3Nzf/AAAAAFm7vKYEqZ0A
x-accel-expires
@1718632567
x-77-age
1620
last-modified
Wed, 05 Jun 2024 13:55:59 GMT
server
CDN77-Turbo
x-amz-meta-s3cmd-attrs
atime:1717595755/ctime:1717595755/gid:116/gname:jenkins-exec/md5:4237c108fc46dc675056efbdbd6b3f8d/mode:33188/mtime:1717595755/uid:116/uname:jenkins-exec
etag
W/"4237c108fc46dc675056efbdbd6b3f8d"
x-77-nzt-ray
4c156224ea154107cb74606681b03e0b
vary
Accept-Encoding
content-type
application/javascript
x-rgw-object-type
Normal
access-control-allow-credentials
true
sync.php
pixel.rubiconproject.com/exchange/
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3db54fddb1cb324ce2cdd5a6ec3dc2dd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
auto-user-sync
ads.stickyadstv.com/
43 B
495 B
Image
General
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:192:1::176 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2024 14:23:07 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1717597387199057-359
view
pagead2.googlesyndication.com/pcs/ Frame 78F3
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuXflzP7IIxzNM3-fSto9Qi3eEnW92DtLKPHtsYuUvx_GKqol_Ozisf36sDAHReRllAOjUJvjorn7txmyLCzs8MrIh7IyCzsCoESICKYxPkSoz9YQ4SjTQCUOAyzESMRDEWaN_t9XYDnlZnx5RB3BaXRVE5veoKZs6rwUwIfpewo1Exiwvyoxef9YLk3XyGAKudjBgIvTLA0cqx0VA5Yx9H-ZsPpY8Z73rGrukqFLbu32f8UioIm5ySmcxx9WMEZewBQTr5B1GnZiUAL5CaBQNO8liv1xQPNsSbNeg9429MQWAJh7el5hqY5I1WdKoJPBemTdwofhOobeehXbWt1UofxGsGx7jB2omrW-1CgHcX0kCEO9CxIQ_V&sig=Cg0ArKJSzF59nyX03pf8EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ%3D%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
pagead2.googlesyndication.com/pcs/ Frame 7C0B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst91OjLzCrxk4ePvhk7Enljc0ikxx5sJyEvvrobV1hhFR33fnKWkGSaOlHRL9yhZHtUMl2TapHjoI6iKOZrwzbZGknOEr-nDytKAONjD7QEQyGZLCZ9H_VtPCIgVq47PKyRY6B_mFVa5Sr4FfFwsa5Btb1pKunnHF9zHYLlFnQqcDMUZhnAVLqf3GtB6NqgZuRx8mw7fPCYrB2dHTnxCQMBb4l3PgFKZwCVNor_GUhw5Vr3Ym5JmP4ondoGgdsLg2hVoWabEq00ockUYEBdRIwbnTFN4Eo-zzla6v3_ZweLvwC1fowBTr7-Jhs7CR4REzQOqAxJghjOpG0pbcWahEkXruOLTgxwhl_ohke4i-OodeBl5YmgpZcd4ZKZgUYDaYiowwVUWzA719A8NX-i7naq6GXtfo95l-pZPUo&sig=Cg0ArKJSzDKPrag3WSWEEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/ Frame 7C0B
23 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
55f017283179055aaeb5642ae7bae973299c19504016022e279e9f9d653c2a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
86318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9132
x-xss-protection
0
server
cafe
etag
8342817275361945841
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jun 2024 14:24:28 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/client/ Frame 7C0B
3 KB
1 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jun 2024 14:21:57 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7C0B
215 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
d3c2f5bfe4c9152aa9466dd2ad3e17eae58c06b47edc68270f1935d1a994068b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66507
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-7
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 05 Jun 2024 15:09:39 GMT
10026427715359616562
tpc.googlesyndication.com/simgad/ Frame 7C0B
57 KB
57 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10026427715359616562
Requested by
Host: bessuilynn.com
URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8accd8d105236b41a7c2d8e847b41827530f661cb34c86523bb7a724f7709cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 04 Jun 2025 14:08:07 GMT
date
Tue, 04 Jun 2024 14:08:07 GMT
x-content-type-options
nosniff
age
87300
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58219
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 14:23:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C0B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7C0B
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31a510633f8e98e60871bc736dc2caf72a1ab9963ba9464d5474d4b70fbe1584

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
/
servg1.net/
40 KB
40 KB
Script
General
Full URL
https://servg1.net/?uid=663131b96c52cb35ce0d878e&oab=1&puburl=https%253A%252F%252Fbessuilynn.com%252Fwvd71wmg%253Ffbclid%253Diwar14ukakx6u03z5ykawpi8oqwvnjxcqm_tg0jojn6gtucpmdnq_5wqbb44u_aem_sjkjqumokueut3jgzf5idq
Requested by
Host: servg1.net
URL: https://servg1.net/?uid=663131b96c52cb35ce0d878e&oab=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.186.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-186-205.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
9568b40e13d47eced9cd1cc4f5278783ec67736d850f72252f629ed79bb09e69

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:07 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
40641
expires
-1
view
pagead2.googlesyndication.com/pcs/ Frame 7C0B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsteO6Ca1ogSPBcZHEcYAqnGPj0K-h-dBIzy6Il3FTDHTDamASxK4CxgdDYuedrFTNvBJZPAlRiFfBSZ3jEOHjdvRjklR08J1jkzfat8aocuOmaS7q3Z4rH12Wd73cRUutIB-E9l7vR4zpu7Z4vNVa8Mj_fgznNwvAMf5s-m67sDkerhiPo6FIo2TtRKagrQz9SAMllILRgvJ6FI4oMFmm7N7kqXLrni4CVbSr2JT5k6JS-hg0Y4HX9YZjNPNZT8fuHmr4C3uanNaBHIiPiAbxFFfY2mmZ4m4V80QyJ728JiVMjSWW_lkkiGqjrDQ6bnhXmzvhY5gbhfsH-qJBHv0veElZvb4EhI4GQzFYE99o_pkzjGJ8BrqoxoGa-5KTjBx8oIoUTrJ_wuD5EPHLF8EKwGlk9bZWAPAG0vgBmGoA&sig=Cg0ArKJSzDx8JF0XM0jOEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ%3D%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/
17 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: servg1.net
URL: https://servg1.net/?uid=663131b96c52cb35ce0d878e&oab=1&puburl=https%253A%252F%252Fbessuilynn.com%252Fwvd71wmg%253Ffbclid%253Diwar14ukakx6u03z5ykawpi8oqwvnjxcqm_tg0jojn6gtucpmdnq_5wqbb44u_aem_sjkjqumokueut3jgzf5idq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
486942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5117
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4hZfnIHcCWZS9Td65HkuNq0YOvXJ6X53wwKbAOCX1RgTidYNkmnhm%2B%2B1orLbrrOW8toYbSHf%2FAmtFyOqE9ehpGGpqpkQA86HZ9HaLW03990UZiRQxS%2Fj67Giz4TbLwXcOpUfnlnd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88f0d1979dd0a073-FRA
expires
Mon, 26 May 2025 14:23:07 GMT
fiCRE5F8uEmvfMsEsedDcA.jpg
cdn1.ntv.com.tr/gorsel/
51 KB
0
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/fiCRE5F8uEmvfMsEsedDcA.jpg?width=1000&mode=both&scale=both&v=1707539555825
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
aa5ebf1100bfacdbe5b21daf1b3c7c40d182299a2c08ca64dfcef1a407d00a3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
0fa664499d7fcef8b1da9021ccbaf45a
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : MISS, Midcache : HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
52032
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
na9_m3pVF0-vxgFiUg0bMw.jpg
cdn1.ntv.com.tr/gorsel/
3 KB
0
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/na9_m3pVF0-vxgFiUg0bMw.jpg?width=150&height=85&mode=crop&scale=both&v=1717394883119
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
58e45c14afef482bf15a053aff5ab3f7e40743387f7c993718ee1bafbe1b8ede

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
2af476c04fdc7ea1d2a733f231e50d94
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : HIT,
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
3316
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
EtJAlyMJcE2Cbp1C_L9Gbw.jpg
cdn1.ntv.com.tr/gorsel/
6 KB
0
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/EtJAlyMJcE2Cbp1C_L9Gbw.jpg?width=150&height=85&mode=crop&scale=both&v=1717173010033
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
650a5274ce52f68963a6a54bed07c0248a98d4d0d7fcac936d34b76480fa2c07

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
4a7a7eaa2cce445502f3439115b4def0
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : HIT,
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
6312
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
y1mvEnWRqkSrTTWd-kh6wQ.jpg
cdn1.ntv.com.tr/gorsel/
2 KB
0
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/y1mvEnWRqkSrTTWd-kh6wQ.jpg?width=150&height=85&mode=crop&scale=both&v=1717139216899
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
1ae01237aa51ea29010c2df24623fffaeb50d767cd7813f72c4576fd0207d622

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
06b03561366d1c71feab335ec0eb7b26
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : HIT,
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
2
content-length
1954
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
LeS1OaAMB0ymq9eToYvlkw.jpg
cdn1.ntv.com.tr/gorsel/
4 KB
0
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/LeS1OaAMB0ymq9eToYvlkw.jpg?width=150&height=85&mode=crop&scale=both&v=1716965453454
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
7ffbee9a416e31937116a8a587e2ccc4977df57b25e750ef24e2f670cca7f221

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
123057c1f438cf9a275cc14943ed44d5
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : HIT,
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
4012
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
1HTAv3vcSEeP27dRmhsetQ.jpg
cdn1.ntv.com.tr/gorsel/
34 KB
0
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/1HTAv3vcSEeP27dRmhsetQ.jpg?width=1000&mode=both&scale=both&v=1707539555825
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
d905a035268e87c89be83ab4855d5dc3cca8489f90f352c716e9d1d8781a3df3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
bed880d3ac4392ce9bad3a75994a5aff
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : MISS, Midcache : HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
34844
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
ySwdcY9Zkk-XhKBoVFwI1Q.jpg
cdn1.ntv.com.tr/gorsel/
30 KB
0
Image
General
Full URL
https://cdn1.ntv.com.tr/gorsel/ySwdcY9Zkk-XhKBoVFwI1Q.jpg?width=1000&mode=both&scale=both&v=1707539555825
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 / ASP.NET
Resource Hash
278fe32b28c15eda8356d53f0ef572a33c6dec5c576fd9c314e3a623f4dd4188

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:04 GMT
server
MNCDN-2139
x-aspnet-version
4.0.30319
x-mnrequest-id
bb856215868256974272f78137df4254
x-edge-location
DE-372
x-powered-by
ASP.NET
x-cache-status
Edge : MISS, Midcache : HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926
s
1
content-length
30716
x-mserver
DE-372
request-context
appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
logo.svg
cdn.ntv.com.tr/img/
9 KB
0
Image
General
Full URL
https://cdn.ntv.com.tr/img/logo.svg?v=14932a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
9d13b63548a4b1bdd597e6c0671499ce59d8a6cde0b54f008be2fe6afe7556c7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
content-md5
9glse2KOBjt1rcwRP5xuFg==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 08:15:18 GMT
server
MNCDN-2139
x-mnrequest-id
184d099fc858ce66cea3add5d3bc9db4
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
6745633d-701e-0039-067b-b6815e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31556926
x-ms-version
2009-09-19
x-mserver
MNCDN-2137
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405300101&st=env
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
d3ffa53efb55831ae37d13f2fa51a67b19b84e06abb574fc355efdaa0cef4e8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12639
x-xss-protection
0
js
www.googletagmanager.com/gtag/
307 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NSW0HWG7RH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TDWZF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1df939e3f56675909a6105f72340e55041b22b178c66781cdeb97174b4307d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103841
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 05 Jun 2024 14:23:07 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TDWZF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Jun 2024 12:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6839
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 05 Jun 2024 14:29:08 GMT
favicon.ico
cdn.ntv.com.tr/
1 KB
2 KB
Other
General
Full URL
https://cdn.ntv.com.tr/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
5e3968f259311bd4bb0bac4f2d632bd5a6c1a2eb53a6bd5c8072af59661f6e6c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:07 GMT
content-md5
NHXzF1jZo2uwTSEcINNsuA==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
content-length
1150
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 08:53:57 GMT
server
MNCDN-2139
x-mnrequest-id
2c058218072a7de07029b697ba5fca2a
etag
0x8DC7EF3B5F1AD03
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
92ea55e6-301e-0075-1dd6-b1116e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31556926
x-ms-version
2009-09-19
x-mserver
MNCDN-2137
cr
jnxm2.com/ Frame 6C3B
0
0
Document
General
Full URL
https://jnxm2.com/cr?ref=https%3A%2F%2Fbessuilynn.com
Requested by
Host: servg1.net
URL: https://servg1.net/?uid=663131b96c52cb35ce0d878e&oab=1&puburl=https%253A%252F%252Fbessuilynn.com%252Fwvd71wmg%253Ffbclid%253Diwar14ukakx6u03z5ykawpi8oqwvnjxcqm_tg0jojn6gtucpmdnq_5wqbb44u_aem_sjkjqumokueut3jgzf5idq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.37.40 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-37-40.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bessuilynn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-length
19024
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 14:23:07 GMT
etag
W/"4a50-Nv7tVsoMqO5tgRpES8Di9aF0+7A"
server
nginx
x-powered-by
Express
collect
724e36f7-7ba9-4b63-b81f-69c8c93f7fcd.collector.p.analitik.bik.gov.tr/api/
0
0

sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 14:23:07 GMT
collect
region1.analytics.google.com/g/
0
253 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NSW0HWG7RH&gtm=45je4630v895882789z872765436za200zb72765436&_p=1717597384260&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=1675333363.1717597386&ecid=1843838543&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717597387&sct=1&seg=0&dl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&dt=T%C3%BCrkiye%27de%20sat%C4%B1lan%20elektrikli%20otomobiller%20ve%20g%C3%BCncel%20fiyatlar%C4%B1&en=page_view&_fv=1&_ss=1&ep.debug_mode=true&ep.cd_amp=0&ep.cd_author=&ep.cd_brand=&ep.cd_character_count=5783&ep.cd_content_id=uzO8fADG-UGxFg5I0H7GEQ&ep.cd_content_name=&ep.cd_content_type=newsgaleri&ep.cd_editor=murat.sahin&ep.cd_episode=&ep.cd_foto=1&ep.cd_foto_count=59&ep.cd_foto_index=&ep.cd_infinite=0&ep.cd_main_category=otomobil%20&ep.cd_mam=&ep.cd_modified_date=20240210&ep.cd_modified_time=04%3A32%3A35&ep.cd_page_type=detail&ep.cd_publish_date=&ep.cd_publish_time=&ep.cd_seo_type=none&ep.cd_source=ntv-com-tr&ep.cd_sub_category=%20&ep.cd_subdom=%20&ep.cd_tag=otomobil%2Cekonomi%2Cntvpara&ep.cd_title=turkiyede-satilan-elektrikli-otomobiller-ve-guncel-fiyatlari&ep.cd_video=0&ep.cd_video_count=0&ep.cd_video_length=&ep.cd_video_name=&tfd=4539
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSW0HWG7RH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
253 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NSW0HWG7RH&cid=1675333363.1717597386&gtm=45je4630v895882789z872765436za200zb72765436&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSW0HWG7RH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NSW0HWG7RH&cid=1675333363.1717597386&gtm=45je4630v895882789z872765436za200zb72765436&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=995828293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C84
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bessuilynn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
16496
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Jun 2024 09:48:11 GMT
expires
Thu, 05 Jun 2025 09:48:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publisher:getClientId
ampcid.google.com/v1/
74 B
438 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jun 2024 14:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bessuilynn.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
truncated
/
477 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
get
ad.vidoomy.com/api/adserver/ad/ Frame
0
0
Preflight
General
Full URL
https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPWJlc3N1aWx5bm4uY29tJmZvcm1hdD0xJnU9NGE2MTAzMGEtZDI4NS00YTQ5LTgwYzktNTU2MTRhZjhiNTEwJnpvbmVJZD0yODM5NSZsb29wPTAmY1N0cmluZ1N0YXR1cz1vYnRhaW5lZCZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGYmVzc3VpbHlubi5jb20lMkZ3VmQ3MVdtRyUzRmZiY2xpZCUzREl3QVIxNHVrQUt4NnUwM1o1eUtBV1BpOE9RV3ZuSnhjcU1fdGcwak9KbjZndHVDUE1kblFfNXdxQmI0NFVfYWVtX3NKS2pxVU1vS1VFdVQzSkd6RjVJZFEma2V5d29yZHM9JnB2ZXJzaW9uPTMuMTUuNCZ0aW1lRWxhcHNlZD0wLTEuOTk=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.215 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
w3.vdmy.dtic.es
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-transfer-encoding,vidoomy-brandlift
Access-Control-Request-Method
GET
Origin
https://bessuilynn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-transfer-encoding,vidoomy-brandlift
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://bessuilynn.com
Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Content-Length
0
Date
Wed, 05 Jun 2024 14:23:08 GMT
Server
nginx
get
ad.vidoomy.com/api/adserver/ad/
9 KB
9 KB
XHR
General
Full URL
https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPWJlc3N1aWx5bm4uY29tJmZvcm1hdD0xJnU9NGE2MTAzMGEtZDI4NS00YTQ5LTgwYzktNTU2MTRhZjhiNTEwJnpvbmVJZD0yODM5NSZsb29wPTAmY1N0cmluZ1N0YXR1cz1vYnRhaW5lZCZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGYmVzc3VpbHlubi5jb20lMkZ3VmQ3MVdtRyUzRmZiY2xpZCUzREl3QVIxNHVrQUt4NnUwM1o1eUtBV1BpOE9RV3ZuSnhjcU1fdGcwak9KbjZndHVDUE1kblFfNXdxQmI0NFVfYWVtX3NKS2pxVU1vS1VFdVQzSkd6RjVJZFEma2V5d29yZHM9JnB2ZXJzaW9uPTMuMTUuNCZ0aW1lRWxhcHNlZD0wLTEuOTk=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.215 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
w3.vdmy.dtic.es
Software
nginx /
Resource Hash
e6a8b9a631848b2d25d766c07f59c7dc3973817278d9cabb155133752222ed96

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://bessuilynn.com/
Content-Transfer-Encoding
base64
vidoomy-brandlift
W10=
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 14:23:08 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://bessuilynn.com
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Content-Transfer-Encoding
base64
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
8736
activeview
pagead2.googlesyndication.com/pcs/ Frame 17D3
42 B
65 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLMVF0xtm9ZIBoO0CXqrH--rtWy4oGDdABIagfx4FjpQZ2jxQ8KKwkqaTPhM8KiI1EC6T2yklveaZeVOHSw_yfQD5BW_8qDPqP8tL7ZpYptDm-gx8Wi4ouUtuMmGGykjKfRncL9O7OjpdXLHaj-RcZq5tvtMGjnvQt4RKejf0&sig=Cg0ArKJSzBUcXg1Lq5SeEAE&id=ampim&o=121,200&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=341&tls=1341&g=100&h=100&tt=1341&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=125.0.6422.141&uab=64&uafvl=%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/
3 B
367 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jun 2024 14:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bessuilynn.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 78F3
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunafN7KmOTk62JFtphq6Mb3D67gn7MddheRQPZ5E2fRUKTpfBlg3AAUkQ0ytZ94pz_THJhYAydbPL83YI4q1VWd9vX55KaQnTC4pIO3ES4N4cg9LR7f0abNSyECqEYCQHnFHs0SEXc6inciZMC-K9reCfGaK1V4gDEKRyFh6A8kzo&sig=Cg0ArKJSzEJuQDCPjN9SEAE&id=lidar2&mcvt=1000&p=14,0,15,1&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240603&bin=7&avms=nio&bs=1600,1200&mc=0.95&vu=1&app=0&itpl=19&adk=2398203093&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ%3D%3D&vs=4&r=v&co=1353018600&rst=1717597386788&rpt=220&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=361807481&t=pageview&_s=1&dl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&ul=de-de&de=UTF-8&dt=T%C3%BCrkiye%27de%20sat%C4%B1lan%20elektrikli%20otomobiller%20ve%20g%C3%BCncel%20fiyatlar%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAQCACAAI~&jid=974833833&gjid=947868113&cid=1675333363.1717597386&tid=UA-37502122-4&_gid=1692786936.1717597388&_r=1&_slc=1&gtm=45He4630n715TDWZFv72765436za200&cd3=newsgaleri&cd4=detail&cd7=&cd8=&cd13=&cd15=&cd16=0&cd17=&cd18=5783&cd19=uzO8fADG-UGxFg5I0H7GEQ&cd20=&cd21=murat.sahin&cd22=&cd23=1&cd24=59&cd25=&cd26=0&cd27=otomobil&cd28=20240210&cd29=04%3A32%3A35&cd30=none&cd31=ntv-com-tr&cd32=&cd34=otomobil%2Cekonomi%2Cntvpara&cd35=turkiyede-satilan-elektrikli-otomobiller-ve-guncel-fiyatlari&cd36=0&cd37=0&cd38=&cd39=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&npa=1&z=1527090618
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

vast.xml
optimized-by.rubiconproject.com/a/api/
28 B
306 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C&gdpr=1&gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.156.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-156-188.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
6829
715072
vid.springserve.com/vast/
3 KB
2 KB
XHR
General
Full URL
https://vid.springserve.com/vast/715072?w=400&h=225&cb=577757&url=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.31.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-31-126.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9f25405cdadde6349e2fdfbe6d20230363936a19548bdaea1799cfe6d0bdefab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://bessuilynn.com
date
Wed, 05 Jun 2024 14:23:08 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml
vast.xml
optimized-by.rubiconproject.com/a/api/
28 B
305 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C&gdpr=1&gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.156.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-156-188.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
3151
vast.xml
optimized-by.rubiconproject.com/a/api/
28 B
305 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2965016&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C&gdpr=1&gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.156.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-156-188.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
5903
vadtag.html
vpaid.pubmatic.com/ads/video/
2 KB
1 KB
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA&kadpageurl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&cb=661472&schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C&plcmt=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2252546eb5630ddeda55bc2341644ceafa769a4a213f13497073306f14457824

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
content-encoding
gzip
server
Apache
etag
"23da-5f762218eccb9-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://bessuilynn.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
936
expires
Wed, 05 Jun 2024 14:23:08 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/
28 B
305 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C&gdpr=1&gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.156.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-156-188.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
3153
vadtag.html
vpaid.pubmatic.com/ads/video/
2 KB
1 KB
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=1206913&adId=5894712&vadFmt=3&vapi=2&vminl=1&vmaxl=300&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=3&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&plcmt=1&sec=1&gdpr=1=&gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA&kadpageurl=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&cb=207136&schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
17b56fd85cf4f4d358106dfd5e8c40c08324d1a99d42c04fdec898cecbdbc5a9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
content-encoding
gzip
server
Apache
etag
"23da-5f762218eccb9-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://bessuilynn.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
942
expires
Wed, 05 Jun 2024 14:23:08 GMT
rtb
a.vidoomy.com/api/rtbserver/
0
364 B
XHR
General
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=152942&w=400&h=225&skip=1&req_type=1&ip=80.255.7.120&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&l=de-DE&dt=2&c=DE&pid=63545&sid=28395&sname=bessuilynn.com_28395&d=bessuilynn.com&sp=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&coppa=&gdpr=1&gdprcs=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA&vpaid=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 14:23:09 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://bessuilynn.com
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
av
vidoomy-d.openx.net/v/1.0/
48 B
334 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&cb=689664&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C&gdpr=1&gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://bessuilynn.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
rtb
a.vidoomy.com/api/rtbserver/
0
364 B
XHR
General
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=494838&w=400&h=225&skip=1&req_type=1&ip=80.255.7.120&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&l=de-DE&dt=2&c=DE&pid=63545&sid=28395&sname=bessuilynn.com_28395&d=bessuilynn.com&sp=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&coppa=&gdpr=1&gdprcs=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA&vpaid=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 14:23:09 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://bessuilynn.com
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
2 KB
3 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA&schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C&_fw_gdpr=1&_fw_gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:192:1::176 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a9d15fa76579d44274b25146c950888b810237671bec1ea9a24055a514ca7262

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2024 14:23:08 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://bessuilynn.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1717597388722091-403
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
415 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33730156&_fw_us_privacy=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA&schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C&_fw_gdpr=1&_fw_gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA&playerSize=400x225&loc=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:192:1::176 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2024 14:23:08 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://bessuilynn.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1717597388754092-393
33787225
ads.stickyadstv.com/vast/vpaid-adapter/
2 KB
3 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33787225?_fw_gdpr=1&_fw_us_privacy=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA&_fw_gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA&schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:192:1::176 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
6e9baed5265cd0b25f5ad9985caebe13d2ec8d8688513e64b6f3cbd3996a6ca5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2024 14:23:08 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://bessuilynn.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1717597388860029-369
vast.xml
optimized-by.rubiconproject.com/a/api/
28 B
305 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C&gdpr=1&gdpr_consent=CP_xI_nP_xI_nAcABBENDgCgAAAAAH_AAChQAABBqALMNC4gC7IkJCbQMIoEAIgrCAigQAAAAkDRAQAuDAp2BgEusJEAIEUABwQAhABRkACAAASABCIAJAigQAAQCAQAAgAQCAQAMDAAOAC0EAgABAdAxTCgAUCwgSIyIhTAhCgSCAlsoEEoKhBXCAIsMCKARGwUACAJARWAAICxeAwBICViQQJdQbQAAEACAUUoVCKT8wBDgmbLVXiibQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAA.YAAAD_gAAAAA
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.156.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-156-188.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:08 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
6095
357265
vid.springserve.com/vast/
3 KB
2 KB
XHR
General
Full URL
https://vid.springserve.com/vast/357265?w=400&h=225&cb=335799&url=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&schain=1.0%2C1!vidoomy.com%2C63545%2C1%2C62078410515058344048593101708%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.31.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-31-126.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1390bee73f8ea6aaf81ff54a4d7fca9ab5c771d6173e0b7400ff99f1d14d8e5b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://bessuilynn.com
date
Wed, 05 Jun 2024 14:23:08 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 1AE4
0
0

c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/
3 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:11 GMT
x-amz-request-id
JG6R16N553T91E1E
age
34
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
nJ3T6NPgNbp+1AHcIlCi5Gej81OokEBTti/lfN6cpLA2S8vXkaS2VwvOPGN8tCu8gS7ffSFhuqs=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1717597391.486856,VS0,VE0
etag
"11d8569a7da0739259e3ac0b0d666e94"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
32
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
9
UnitSliderDesktop.min.js
vidstat.taboola.com/lite-unit/4.9.6/
119 KB
33 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.9.6/UnitSliderDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47f124ebbf541d4a12e6a41e2cdb9f1a565520a94b5a8394fbb851f9075272b2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 c402a771da86a02b525e7f764ab34a9e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
BOM78-P8
age
364745
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
33639
x-served-by
cache-fra-etou8220039-FRA
last-modified
Sat, 01 Jun 2024 09:01:09 GMT
server
AmazonS3
x-timer
S1717597391.494113,VS0,VE0
etag
"ad62344248716001dacd7712e69d94e3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
LFkmJNZUIkzd0uSeLmu5ta1QJajD-HXJMQXgEazcGYS1SGjKVfeKCg==
x-cache-hits
1166
userx.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
18 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4256713aa795a127c34d7b065dc0e624565692ccdef83e3cb96ad2402f0aeeec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
cLHJ1PFQOe6OBXlK1sdX4F9cHmZpAoLq
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:11 GMT
x-amz-request-id
GE36ADFEPTXGKNYM
age
11137
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5568
x-amz-id-2
vxN3a5suanHQHLaImwB+40+qj/6+NaQQ9/fbYJTnvi11wm1w928jWeUlTASE9JOpvsEG9a3FDTA=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 11:17:34 GMT
server
AmazonS3
x-timer
S1717597391.493992,VS0,VE0
etag
"2d47eedf3ef437ba130853cd6d0c1517"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3460
distance-from-article.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
950c63f60fa751017cd669c982fb139e975b18cf7b12fce382ae3ce83217b205

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ssza03NGsEpZzu8BFHBrO3ZVXN8QfMtm
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:11 GMT
x-amz-request-id
9GZJP20FEENW0KRG
age
11187
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1523
x-amz-id-2
pUH3tyWwYbp2Az++5+kS+aLNbfkprMukJsq2lxgLh6ZDSOLZWZGhMI0TT6xkWoiXp7um4wMGHRk=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 11:16:44 GMT
server
AmazonS3
x-timer
S1717597391.494006,VS0,VE0
etag
"cdcf29ec759043cf17463677d3505796"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
25
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11830
article-detection.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e520dd6d7e0cbd42b401db4b71b799f13c0060ef00d285ce23ddddbde789efc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uqmh_JYlR4RPQF8usOghHortOyyGLiWQ
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:11 GMT
x-amz-request-id
EDCX7W2YQCAPG7TM
age
11198
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
voXQmvpZkF0pGAXPkFqyX3iGVPtv2IESfyt1C8PtLTn42jTfzvcG9MrWU/ZchM1KDtmntkFBKm0=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 11:16:34 GMT
server
AmazonS3
x-timer
S1717597391.494229,VS0,VE0
etag
"f42ccc06ee550b8fc289fe8e3447242d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11861
explore-more.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
26 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dafbaaa09ec584d5a18405e8d60c34d0912c987a4eace9b7679bbf1d3f2dbb0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
HrV6C3cjNhGh2q3VNdbgy0U5fws5yuCf
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:11 GMT
x-amz-request-id
M6P3CP1WDKZKM5WQ
age
11182
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7618
x-amz-id-2
mSnqxbF+BvwdPkLtDD0e8z1weZ6O501R7MvAEkY5PnlHnp49DdX63fMebAAlyWx/zsgZql7IZTc=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 11:16:49 GMT
server
AmazonS3
x-timer
S1717597391.494225,VS0,VE0
etag
"d67148d3a827e63f0c161886e5a8d1ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
25
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6216
feed-card-placeholder.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9757e1a5d5a10f5a3ce54859c83fc28ec20771f0cfdb93befaccc446206db06a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bdRHXo5F3oENDWtGSadSuUKyxUFuBTTD
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:11 GMT
x-amz-request-id
2EM2EH85F8AQVT9E
age
11179
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
B0gT52wvk2Mf5JxbnKburt0ivjXERvAXgt+WQjn0jgEx4ZJtBLRZp4o4qBsiiq0iLMuYzyB/ErQ=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 11:16:52 GMT
server
AmazonS3
x-timer
S1717597391.494236,VS0,VE0
etag
"570f7df5350556e1fdfa318b125b52ea"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
81
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11590
abtests
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/abtests?route=AM:AM:V&tvi48=10143&tvi50=9058&lti=trecs&ri=3abbd6f3366e146dbb5cddc6d8c80d29&sd=v2_94ede88a98424d00ded6ceef21388ee6_243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a_1717597386_1717597386_CNawjgYQ3c1JGPfroMb-MSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABoppvJ7d37u7UDcAA&ui=243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a&pi=/wvd71wmg&wi=-4709447099323856001&pt=text&vi=1717597386231&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1717597391456%7D&tim=16%3A23%3A11.456&id=5751&llvl=2&cv=20240604-4-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/supply-feature?route=AM:AM:V&tvi48=10143&tvi50=9058&lti=trecs&ri=3abbd6f3366e146dbb5cddc6d8c80d29&sd=v2_94ede88a98424d00ded6ceef21388ee6_243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a_1717597386_1717597386_CNawjgYQ3c1JGPfroMb-MSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABoppvJ7d37u7UDcAA&ui=243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a&pi=/wvd71wmg&wi=-4709447099323856001&pt=text&vi=1717597386231&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A23%3A11.472&id=810&llvl=2&cv=20240604-4-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubs-generic
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
245 B
Ping
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/pubs-generic?route=AM:AM:V&tvi48=10143&tvi50=9058&lti=trecs&d=%7B%22data%22%3A%22%7B%7D%22%2C%22type%22%3A%22recReel-available%22%2C%22eventTime%22%3A1717597391540%7D&tim=16%3A23%3A11.540&id=1579&llvl=2&ri=339d3f79b09c44a274ade79446294339&sd=v2_94ede88a98424d00ded6ceef21388ee6_243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a_1717597386_1717597386_CNawjgYQ3c1JGPfroMb-MSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABoppvJ7d37u7UDcAA&ui=243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a&pi=/wvd71wmg&wi=-4709447099323856001&pt=text&vi=1717597386231&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://bessuilynn.com
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
929aba155b3eebfb8a101afa988f2989.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_2592%2Cx_1248%2Cy_0/c_fill%2Cw_400%2Ch_334/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_2592%2Cx_1248%2Cy_0/c_fill%2Cw_400%2Ch_334/http%3A//cdn.taboola.com/libtrc/static/thumbnails/929aba155b3eebfb8a101afa988f2989.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
13e45e386b04e8805973d30fc1fd59225d7e69504964f88f1adf4a67543e0563

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
2
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_2592%2Cx_1248%2Cy_0/c_fill%2Cw_400%2Ch_334/http%3A//cdn.taboola.com/libtrc/static/thumbnails/929aba155b3eebfb8a101afa988f2989.jpg
age
474627
edge-cache-tag
333751744292670673825402947795106290606,543525264186582848921733666586512756032,29ecf9b93bbf306179626feeda1fab70
cache-tag
333751744292670673825402947795106290606,543525264186582848921733666586512756032,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
185
expiration
expiry-date="Fri, 10 May 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ffxiv.consolegameswiki.com/
content-length
5158
x-served-by
cache-iad-kiad7000104-IAD, cache-iad-kiad7000067-IAD, cache-lax-kwhp1940044-LAX, cache-iad-kiad7000078-IAD, cache-fra-etou8220077-FRA
last-modified
Tue, 09 Apr 2024 10:28:18 GMT
server
nginx
surrogate-reporting
width=400,height=334,bytes=8823,owidth=3840,oheight=2160,obytes=1936639,ef=(1,13,17,23,30)
x-timer
S1717597392.578007,VS0,VE2
etag
"d6d1d5c5c6c3edfaad427afd8f3167b4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 0
BegzPksvYUKDdRSnFWV_BA.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
24 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/BegzPksvYUKDdRSnFWV_BA.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
034c2b68fe319864743347faeb0470aa069c348dc1c682a523a816ff17850d8b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
2
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/BegzPksvYUKDdRSnFWV_BA.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
11258
edge-cache-tag
420593877690059709547376468004461583973,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
cache-tag
420593877690059709547376468004461583973,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
452
req-referer
https://www.ntv.com.tr/
content-length
24724
x-request-id
1f7946bc5dba82dbc735b13b3560b59b
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kiad7000033-IAD, cache-lga21961-LGA, cache-iad-kjyo7100085-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 10:58:23 GMT
server
nginx
surrogate-reporting
width=400,height=334,bytes=30395,owidth=1080,oheight=770,obytes=159256,ef=(1,13,17,23,30)
x-timer
S1717597392.578013,VS0,VE2
etag
"a2c424edb5645dca3254d00d40de9d49"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 0
5a72e3a1-a2c3-4c02-bac2-adad9311d482__u6GE1UtC.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/5a72e3a1-a2c3-4c02-bac2-adad9311d482__u6GE1UtC.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fa7db142b598f9f3915e087657c9b2b4f647e0dfc5f8cdd39a0e6b681ce5077b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/5a72e3a1-a2c3-4c02-bac2-adad9311d482__u6GE1UtC.jpg
age
2688441
edge-cache-tag
609159743269364252943780752995527942214,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
cache-tag
609159743269364252943780752995527942214,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
33
expiration
expiry-date="Sun, 19 May 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.menshealth.de/
fastly-restarts
1
content-length
8362
x-served-by
cache-iad-kcgs7200179-IAD, cache-iad-kjyo7100061-IAD, cache-lax-kwhp1940140-LAX, cache-fra-etou8220077-FRA
last-modified
Thu, 18 Apr 2024 14:55:30 GMT
server
nginx
surrogate-reporting
width=400,height=334,bytes=12772,owidth=2000,oheight=1672,obytes=140373,ef=(1,13,17,23,30)
x-timer
S1717597392.578025,VS0,VE0
etag
"0507d8d482a4a0c12df1216ccc9fc89c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 9
4_0H1pAWqUGypMm_xvVrGg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/4_0H1pAWqUGypMm_xvVrGg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e7a9a09610a638b0f1f8f6730ef07f724e3894552246c05708bfc3bff70ea16f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/4_0H1pAWqUGypMm_xvVrGg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
15293
edge-cache-tag
375266633417186468996057952795239024281,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
cache-tag
375266633417186468996057952795239024281,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
520
req-referer
https://www.ntv.com.tr/
content-length
14002
x-request-id
3355eea4250d91a2a71ccb7ad31e93a9
x-served-by
cache-iad-kjyo7100141-IAD, cache-iad-kjyo7100046-IAD, cache-lga21955-LGA, cache-iad-kiad7000025-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 09:36:33 GMT
server
nginx
surrogate-reporting
width=400,height=334,bytes=18960,owidth=1080,oheight=612,obytes=110710,ef=(1,13,17,23,30)
x-timer
S1717597392.577531,VS0,VE0
etag
"4af321cef3467d0276eea0d8db8f16c2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
74416c77f661c7fda51b535dcf4babd8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/74416c77f661c7fda51b535dcf4babd8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
87f00a2f6382ab8a70efadd506abb43dbc9c6184604a8fc191d9b6455eeda59a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/74416c77f661c7fda51b535dcf4babd8.jpg
age
1815207
edge-cache-tag
610571001435152247014197049572172727525,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
610571001435152247014197049572172727525,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
134
req-referer
https://tempest.services.disqus.com/
content-length
10770
x-request-id
4b172b6dbc6db4a749977de4e3f2d045
x-served-by
cache-iad-kcgs7200155-IAD, cache-iad-kcgs7200154-IAD, cache-lga21944-LGA, cache-iad-kcgs7200167-IAD, cache-fra-etou8220077-FRA
last-modified
Thu, 14 Mar 2024 14:28:49 GMT
server
nginx
surrogate-reporting
width=497,height=414,bytes=19348,owidth=736,oheight=414,obytes=33491,ef=(1,13,17,23,30)
x-timer
S1717597392.577502,VS0,VE1
etag
"0925937a13562dcffbd862ccc5227533"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 0
RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D588%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
36 KB
37 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D588%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fcebe9ce54e9e74de03d50c453601b5ab5dd98074cb300720c81be120cdb2040

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D588%26mode%3Dcrop%26scale%3Dboth
age
118533
edge-cache-tag
608942291081743657825556121884275817461,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
608942291081743657825556121884275817461,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
346
req-referer
https://www.ntv.com.tr/
content-length
36866
x-request-id
58d1edcd96e687b1874122262ad396d8
x-served-by
cache-iad-kcgs7200163-IAD, cache-iad-kcgs7200049-IAD, cache-bur-kbur8200176-BUR, cache-iad-kiad7000092-IAD, cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 05:01:38 GMT
server
nginx
surrogate-reporting
width=400,height=334,bytes=40102,owidth=588,oheight=334,obytes=84728,ef=(1,13,17,23,30)
x-timer
S1717597392.578079,VS0,VE0
etag
"276159991591ea855af3f9e697e7973f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 5
0f2c8a2ce4fde68acbfe144a84eb81b9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
24 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f2c8a2ce4fde68acbfe144a84eb81b9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
09a959b814e91b2c0cafae870bc140a98968f174cafd68d32f84985ab3cbb750

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f2c8a2ce4fde68acbfe144a84eb81b9.jpg
age
1792627
edge-cache-tag
338232796677939677453430926426035764661,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
338232796677939677453430926426035764661,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
134
req-referer
https://www.latribune.fr/
content-length
24820
x-request-id
75206ed1ffb16e30316ab0e7037b355e
x-served-by
cache-iad-kjyo7100169-IAD, cache-iad-kjyo7100044-IAD, cache-iad-kiad7000145-IAD, cache-fra-etou8220077-FRA
last-modified
Fri, 19 Apr 2024 14:55:41 GMT
server
nginx
surrogate-reporting
width=720,height=600,bytes=78325,owidth=1000,oheight=600,obytes=221444,ef=(1,13,17,23,30)
x-timer
S1717597392.666611,VS0,VE1
etag
"432d62870ac8de2ceebef9489cbbeb57"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 13, 0
RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
42 KB
43 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee42426eac39800a98ff6dcf71cbe0860612842d2db8f897b52d9b6edb82c8c8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
165861
edge-cache-tag
468445745373365108870281999035380876928,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
cache-tag
468445745373365108870281999035380876928,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1866
req-referer
https://www.ntv.com.tr/
content-length
42698
x-request-id
601f9c3a8110c4a8c5e9b894f4a0c7f9
x-served-by
cache-iad-kiad7000138-IAD, cache-iad-kjyo7100072-IAD, cache-lga21943-LGA, cache-iad-kjyo7100043-IAD, cache-fra-etou8220077-FRA
last-modified
Mon, 03 Jun 2024 16:08:04 GMT
server
nginx
surrogate-reporting
width=400,height=334,bytes=70341,owidth=1080,oheight=614,obytes=254063,ef=(1,13,17,23,30)
x-timer
S1717597392.666993,VS0,VE0
etag
"5d1822b6adc3c0a3e69bb225ce37a43a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4, 14
BegzPksvYUKDdRSnFWV_BA.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
73 KB
74 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/BegzPksvYUKDdRSnFWV_BA.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb3175574322bc492f3f34dcceb4f25714d14c47161081bc6dd236aae30117f5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/BegzPksvYUKDdRSnFWV_BA.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
11599
edge-cache-tag
420593877690059709547376468004461583973,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
420593877690059709547376468004461583973,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
403
req-referer
https://www.ntv.com.tr/
content-length
75228
x-request-id
5c1080eea6bb58e04624d3deda6ceed6
x-served-by
cache-iad-kjyo7100056-IAD, cache-iad-kjyo7100023-IAD, cache-lga21958-LGA, cache-iad-kjyo7100078-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 10:58:23 GMT
server
nginx
surrogate-reporting
width=1080,height=540,bytes=70072,owidth=1080,oheight=770,obytes=159256,ef=(1,13,17,23,30)
x-timer
S1717597392.667226,VS0,VE1
etag
"3e52bea06813ca8d89123562b63264de"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 0
4_0H1pAWqUGypMm_xvVrGg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
52 KB
53 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/4_0H1pAWqUGypMm_xvVrGg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a8d305d4ad1fa215188ab305e141c612b4daef9e785ff6633092d723e86e3dd6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/4_0H1pAWqUGypMm_xvVrGg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
16796
edge-cache-tag
375266633417186468996057952795239024281,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
375266633417186468996057952795239024281,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
733
req-referer
https://www.ntv.com.tr/
content-length
53496
x-request-id
28ced54a392e10803c740c51e1e77046
x-served-by
cache-iad-kjyo7100165-IAD, cache-iad-kcgs7200024-IAD, cache-bur-kbur8200117-BUR, cache-iad-kjyo7100026-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 09:36:33 GMT
server
nginx
surrogate-reporting
width=1080,height=540,bytes=51165,owidth=1080,oheight=612,obytes=110710,ef=(1,13,17,23,30)
x-timer
S1717597392.666934,VS0,VE1
etag
"43f1a2344ccaa4cdebb6ef2d8902f4fe"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4, 0
RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D588%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
99 KB
100 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D588%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c403c9b2497970c7c342b432e88503da99bf9b273936fba745472bf0c50f0b2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
2
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D588%26mode%3Dcrop%26scale%3Dboth
age
112594
edge-cache-tag
608942291081743657825556121884275817461,588110943443000055148103821789501219624,29ecf9b93bbf306179626feeda1fab70
cache-tag
608942291081743657825556121884275817461,588110943443000055148103821789501219624,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
843
req-referer
https://www.ntv.com.tr/
content-length
101102
x-request-id
8092e4033ac9805503512ce8cf6f6e4e
x-served-by
cache-iad-kcgs7200053-IAD, cache-iad-kcgs7200116-IAD, cache-lga21968-LGA, cache-iad-kcgs7200146-IAD, cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 05:01:38 GMT
server
nginx
surrogate-reporting
width=1500,height=750,bytes=146199,owidth=588,oheight=334,obytes=84728,ef=(1,13,17,23,30)
x-timer
S1717597392.666962,VS0,VE2
etag
"e2c30e026c506c7ec990bd30a4daafb7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
181 KB
181 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
02753708f3d9d9fab98b1b32102d97f8ac100920c98a13089909bdba2a5d6fe3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/RJ3YVd2iIkuit54dZSC7hQ.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
164071
edge-cache-tag
468445745373365108870281999035380876928,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
468445745373365108870281999035380876928,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
645
req-referer
https://www.ntv.com.tr/
content-length
185000
x-request-id
79f5249861e5795d79d50c9555be69ec
x-served-by
cache-iad-kcgs7200043-IAD, cache-iad-kjyo7100040-IAD, cache-ewr18142-EWR, cache-iad-kjyo7100144-IAD, cache-fra-etou8220077-FRA
last-modified
Mon, 03 Jun 2024 16:08:04 GMT
server
nginx
surrogate-reporting
width=1080,height=540,bytes=149439,owidth=1080,oheight=614,obytes=254063,ef=(1,13,17,23,30)
x-timer
S1717597392.759923,VS0,VE1
etag
"e0158d6e8dfb9a6f80ea0476d8cdd877"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 2, 1
O1CBT0clLEiBi35ykvZeeg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
49 KB
50 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/O1CBT0clLEiBi35ykvZeeg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
03e9fa43fffd6f201f912ea385d70a943e766f4016349501973762b38d12a280

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/O1CBT0clLEiBi35ykvZeeg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
92016
edge-cache-tag
537060040937949041751347693031132644631,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
537060040937949041751347693031132644631,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
483
req-referer
https://www.ntv.com.tr/
content-length
50332
x-request-id
4f11e9641d80c5e855cebb48186223cd
x-served-by
cache-iad-kcgs7200133-IAD, cache-iad-kcgs7200022-IAD, cache-lga21978-LGA, cache-iad-kcgs7200056-IAD, cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 12:19:27 GMT
server
nginx
surrogate-reporting
width=1080,height=540,bytes=53693,owidth=1080,oheight=613,obytes=107888,ef=(1,13,17,23,30)
x-timer
S1717597392.759908,VS0,VE0
etag
"6e45b0df37f92c72e38479a44ea98802"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 15
929aba155b3eebfb8a101afa988f2989.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
35 KB
36 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/929aba155b3eebfb8a101afa988f2989.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
77d760d673fd7f2691cbf938c600146a2c5f1a3b447c5eea39adf14e59c75afe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/929aba155b3eebfb8a101afa988f2989.jpg
age
1057250
edge-cache-tag
333751744292670673825402947795106290606,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
333751744292670673825402947795106290606,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
859
expiration
expiry-date="Sun, 16 Jun 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hausgarten.net/
content-length
35624
x-served-by
cache-iad-kcgs7200112-IAD, cache-iad-kcgs7200061-IAD, cache-bur-kbur8200081-BUR, cache-iad-kcgs7200178-IAD, cache-fra-etou8220077-FRA
last-modified
Thu, 16 May 2024 07:51:17 GMT
server
nginx
surrogate-reporting
width=3840,height=2133,bytes=460255,owidth=3840,oheight=2160,obytes=1936639,ef=(1,13,17,23,30)
x-timer
S1717597392.760157,VS0,VE0
etag
"feef52ef657dd30a23f3c39d3a758b99"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 4
5a72e3a1-a2c3-4c02-bac2-adad9311d482__u6GE1UtC.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/
28 KB
29 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/5a72e3a1-a2c3-4c02-bac2-adad9311d482__u6GE1UtC.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
685a3add38a6ac1835f6abedcb5bf26d610b2437038d98de1dc7f42d17733127

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/5a72e3a1-a2c3-4c02-bac2-adad9311d482__u6GE1UtC.jpg
age
4145847
edge-cache-tag
609159743269364252943780752995527942214,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
609159743269364252943780752995527942214,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT
x-envoy-upstream-service-time
645
req-referer
https://www.monitor.co.ug/
fastly-restarts
1
content-length
29098
x-request-id
68c263bc8cb6f23b615f1267f8a4d044
x-served-by
cache-iad-kcgs7200057-IAD, cache-iad-kjyo7100164-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 17 Apr 2024 10:06:18 GMT
server
nginx
surrogate-reporting
width=2000,height=1110,bytes=96533,owidth=2000,oheight=1672,obytes=140373,ef=(1,13,17,23,30)
x-timer
S1717597392.760158,VS0,VE1
etag
"20eca1dedd33cd64a14f9e8b0f6f0d88"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
NMziv0VaBkC_FkD0CRKlKw.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth%26v%3D1715769717659
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
74 KB
75 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/NMziv0VaBkC_FkD0CRKlKw.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth%26v%3D1715769717659
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60a4b7f48b51b4dd8210b2282bddb8f0ba35e59326686bf8e078d120f87eac0a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/NMziv0VaBkC_FkD0CRKlKw.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth%26v%3D1715769717659
age
1826811
edge-cache-tag
518387643154182243851230287602861546322,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
518387643154182243851230287602861546322,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
566
req-referer
https://www.ntv.com.tr/
content-length
75984
x-request-id
a92aea5bd81e65a23871d04bb7ff7873
x-served-by
cache-iad-kjyo7100033-IAD, cache-iad-kjyo7100120-IAD, cache-lga21922-LGA, cache-iad-kcgs7200168-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 15 May 2024 10:56:05 GMT
server
nginx
surrogate-reporting
width=1080,height=599,bytes=70902,owidth=1080,oheight=612,obytes=126936,ef=(1,13,17,23,30)
x-timer
S1717597392.762159,VS0,VE1
etag
"6b7b0fbc8a084658f564814b100f0929"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
FC5H3d5WpkGSEC81z_xTXg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
77 KB
78 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/FC5H3d5WpkGSEC81z_xTXg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd80a3f352eb1f49b6e16c19c8a45f991a582e05a447573453ba7f4feed2c56b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/FC5H3d5WpkGSEC81z_xTXg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
113134
edge-cache-tag
592922294272479111603404232810939375246,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
592922294272479111603404232810939375246,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
729
req-referer
https://www.ntv.com.tr/
content-length
78748
x-request-id
134178890105cc7c946e35a257b4ebdc
x-served-by
cache-iad-kiad7000078-IAD, cache-iad-kiad7000027-IAD, cache-lga21947-LGA, cache-iad-kiad7000176-IAD, cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 06:57:38 GMT
server
nginx
surrogate-reporting
width=1080,height=600,bytes=77174,owidth=1080,oheight=613,obytes=138304,ef=(1,13,17,23,30)
x-timer
S1717597392.764264,VS0,VE1
etag
"1e54e70428e7cbbd1d2c9108a2e1519d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 0
xpCvDNI03E6bnbEwdMa3Gg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
92 KB
93 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/xpCvDNI03E6bnbEwdMa3Gg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
48cbfa492c6453951d077dc926272fca07d7d3ac5fbba4989be785230029722c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/xpCvDNI03E6bnbEwdMa3Gg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
17230
edge-cache-tag
598728800286495635010972369499628719247,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
598728800286495635010972369499628719247,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
848
req-referer
https://www.ntv.com.tr/
content-length
94134
x-request-id
a94fec6c5d74a882d1850252bdec53c2
x-served-by
cache-iad-kjyo7100025-IAD, cache-iad-kiad7000164-IAD, cache-bur-kbur8200161-BUR, cache-iad-kjyo7100045-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 09:26:20 GMT
server
nginx
surrogate-reporting
width=1080,height=600,bytes=83655,owidth=1080,oheight=614,obytes=149306,ef=(1,13,17,23,30)
x-timer
S1717597392.803333,VS0,VE1
etag
"7cec5e0df27f09417d886517a181d350"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 4, 1
4Wcoo17nu0O_FXfUqbnZbg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
111 KB
112 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/4Wcoo17nu0O_FXfUqbnZbg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bd83f5964709bdb95ec93678f5a7ad1bc5755e330767c83e2372cfd8557d6cbe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
3
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/4Wcoo17nu0O_FXfUqbnZbg.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
85200
edge-cache-tag
360819749772312741451442306725076264390,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
360819749772312741451442306725076264390,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
751
req-referer
https://www.ntv.com.tr/
content-length
113940
x-request-id
5e52578a5ca31aacf938720f9ef57b08
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kiad7000163-IAD, cache-lga21962-LGA, cache-iad-kcgs7200105-IAD, cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 13:55:25 GMT
server
nginx
surrogate-reporting
width=1080,height=599,bytes=95683,owidth=1080,oheight=612,obytes=162540,ef=(1,13,17,23,30)
x-timer
S1717597392.806101,VS0,VE3
etag
"be3cfec66cbb401a49d83425845cd41d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 1
AtJ7Oh8HR06ta3201FL33A.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
46 KB
47 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/AtJ7Oh8HR06ta3201FL33A.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7a94f678ccb2c2e1bdafb82cf8bc32e2b2857cdf31d9c078fabf5de02b3a6916

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/AtJ7Oh8HR06ta3201FL33A.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
24384
edge-cache-tag
497442357754553413347813197216900497119,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
497442357754553413347813197216900497119,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
595
req-referer
https://www.ntv.com.tr/
content-length
46956
x-request-id
42fb2320019b7964888aa2826cdb69ac
x-served-by
cache-iad-kcgs7200093-IAD, cache-iad-kcgs7200106-IAD, cache-ewr18141-EWR, cache-iad-kcgs7200061-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 07:36:48 GMT
server
nginx
surrogate-reporting
width=1080,height=600,bytes=51755,owidth=1080,oheight=613,obytes=86556,ef=(1,13,17,23,30)
x-timer
S1717597392.819356,VS0,VE1
etag
"7d2bdf02e0c77459ee9be68a5f9aa52f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 5, 0
74416c77f661c7fda51b535dcf4babd8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
36 KB
37 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/74416c77f661c7fda51b535dcf4babd8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1227d4d276545270f4293bfc3c56281cbd411ee17add67c72f06de00330dd5dd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/74416c77f661c7fda51b535dcf4babd8.jpg
age
2423873
edge-cache-tag
610571001435152247014197049572172727525,308584267801082320679967464701618537544,29ecf9b93bbf306179626feeda1fab70
cache-tag
610571001435152247014197049572172727525,308584267801082320679967464701618537544,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT
x-envoy-upstream-service-time
271
expiration
expiry-date="Wed, 29 May 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://mightyscoops.com/
fastly-restarts
1
content-length
37148
x-served-by
cache-iad-kjyo7100038-IAD, cache-iad-kjyo7100035-IAD, cache-fra-etou8220077-FRA
last-modified
Sun, 28 Apr 2024 19:23:01 GMT
server
nginx
surrogate-reporting
width=1500,height=834,bytes=72483,owidth=736,oheight=414,obytes=33491,ef=(1,13,17,23,30)
x-timer
S1717597392.822137,VS0,VE1
etag
"d7f5eceac0a73464b61f3c248c2a7271"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
0f2c8a2ce4fde68acbfe144a84eb81b9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
105 KB
106 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f2c8a2ce4fde68acbfe144a84eb81b9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79f5dcb296cdf18a0c8dc358147a3bba8bd1255ce0cfa72627cb20a45b1c26ed

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f2c8a2ce4fde68acbfe144a84eb81b9.jpg
age
3700514
edge-cache-tag
338232796677939677453430926426035764661,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338232796677939677453430926426035764661,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
20
req-referer
https://www.11alive.com/
content-length
107869
x-request-id
4d89f74d0d20cd10802ed2953127bea3
x-served-by
cache-iad-kjyo7100167-IAD, cache-iad-kjyo7100041-IAD, cache-iad-kiad7000037-IAD, cache-fra-etou8220077-FRA
last-modified
Fri, 19 Apr 2024 14:55:41 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=107869,owidth=1000,oheight=600,obytes=221444,ef=(1,13,17,23,30)
x-timer
S1717597392.827988,VS0,VE1
etag
"cc30bcaed3be06ddbc4dc24e629f00bd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 17, 1
W0rn7MlRrE6eKRJ1wR1nYQ.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
59 KB
59 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/W0rn7MlRrE6eKRJ1wR1nYQ.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
174a9d09ed09551e1ea4eefea4f1b673f853e959b4745c28ba66917e9864205c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/W0rn7MlRrE6eKRJ1wR1nYQ.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
96036
edge-cache-tag
408768070286643429626915768179631717742,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
408768070286643429626915768179631717742,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
648
req-referer
https://www.ntv.com.tr/
content-length
60022
x-request-id
b8e5cbf184c1aa416ef10613abae0858
x-served-by
cache-iad-kiad7000057-IAD, cache-iad-kcgs7200054-IAD, cache-bur-kbur8200081-BUR, cache-iad-kiad7000095-IAD, cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 11:32:37 GMT
server
nginx
surrogate-reporting
width=1080,height=599,bytes=62029,owidth=1080,oheight=612,obytes=108674,ef=(1,13,17,23,30)
x-timer
S1717597392.838292,VS0,VE1
etag
"6ad2e197a469d3a094b032d064f9ded1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 4, 0
E0A-Gnd0j0Kup32VvQcNtA.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/
65 KB
66 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/E0A-Gnd0j0Kup32VvQcNtA.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c27341fd60ac772286c5d675592101d5a113b099636aab02fab6d6c5118bd11f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
14
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn1.ntv.com.tr/gorsel/E0A-Gnd0j0Kup32VvQcNtA.jpg%3Fwidth%3D1080%26mode%3Dcrop%26scale%3Dboth
age
19485
edge-cache-tag
527720931202505650926182218739310000701,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
527720931202505650926182218739310000701,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
1099
req-referer
https://www.ntv.com.tr/
content-length
67040
x-request-id
52faccf715811ea0b8e9b25649c1d8ae
x-served-by
cache-iad-kjyo7100044-IAD, cache-iad-kjyo7100163-IAD, cache-bur-kbur8200025-BUR, cache-iad-kiad7000138-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 08:53:04 GMT
server
nginx
surrogate-reporting
width=1080,height=600,bytes=67294,owidth=1080,oheight=614,obytes=116260,ef=(1,13,17,23,30)
x-timer
S1717597392.855511,VS0,VE14
etag
"e9954da5ce88d648b25820cd2d73687f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 1, 1
supply-feature
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/supply-feature?route=AM:AM:V&tvi48=10143&tvi50=9058&lti=trecs&ri=3abbd6f3366e146dbb5cddc6d8c80d29&sd=v2_94ede88a98424d00ded6ceef21388ee6_243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a_1717597386_1717597386_CNawjgYQ3c1JGPfroMb-MSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABoppvJ7d37u7UDcAA&ui=243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a&pi=/wvd71wmg&wi=-4709447099323856001&pt=text&vi=1717597386231&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2254.625%22%2C%22event_msg%22%3A%220%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A23%3A11.609&id=7175&llvl=2&cv=20240604-4-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
spa-detector.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87a50fb24393024bdde09068bdf5da53d30e4d03a6c9173a59d61f85fc6e4f30

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
HI9ICfdBPGa0K66RhdhBNPpqB.KEOHpN
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Jun 2024 14:23:11 GMT
x-amz-request-id
QSKWFWH97B6DWAW0
age
11156
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
MSl0u2OrgofzAhJI1On+YnX8kz2aGRYmQmCfcqPouarDr5hiy0agwNJ4xEI0bEVjc55h7bah9HU=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 05 Jun 2024 11:17:16 GMT
server
AmazonS3
x-timer
S1717597392.647906,VS0,VE0
etag
"404f359cdcdf4b503d26d7997e521f5d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
41
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6488
supply-feature
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/supply-feature?route=AM:AM:V&tvi48=10143&tvi50=9058&lti=trecs&ri=3abbd6f3366e146dbb5cddc6d8c80d29&sd=v2_94ede88a98424d00ded6ceef21388ee6_243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a_1717597386_1717597386_CNawjgYQ3c1JGPfroMb-MSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABoppvJ7d37u7UDcAA&ui=243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a&pi=/wvd71wmg&wi=-4709447099323856001&pt=text&vi=1717597386231&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A23%3A11.612&id=9573&llvl=2&cv=20240604-4-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/abtests?route=AM:AM:V&tvi48=10143&tvi50=9058&lti=trecs&ri=3abbd6f3366e146dbb5cddc6d8c80d29&sd=v2_94ede88a98424d00ded6ceef21388ee6_243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a_1717597386_1717597386_CNawjgYQ3c1JGPfroMb-MSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABoppvJ7d37u7UDcAA&ui=243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a&pi=/wvd71wmg&wi=-4709447099323856001&pt=text&vi=1717597386231&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1717597391614%7D&tim=16%3A23%3A11.615&id=3575&llvl=2&cv=20240604-4-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/supply-feature?route=AM:AM:V&tvi48=10143&tvi50=9058&lti=trecs&ri=3abbd6f3366e146dbb5cddc6d8c80d29&sd=v2_94ede88a98424d00ded6ceef21388ee6_243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a_1717597386_1717597386_CNawjgYQ3c1JGPfroMb-MSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABoppvJ7d37u7UDcAA&ui=243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a&pi=/wvd71wmg&wi=-4709447099323856001&pt=text&vi=1717597386231&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A23%3A11.617&id=9915&llvl=2&cv=20240604-4-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
logo.svg
cdn.ntv.com.tr/img/
9 KB
0
Image
General
Full URL
https://cdn.ntv.com.tr/img/logo.svg?v=14932a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
9d13b63548a4b1bdd597e6c0671499ce59d8a6cde0b54f008be2fe6afe7556c7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 14:23:04 GMT
content-encoding
br
content-md5
9glse2KOBjt1rcwRP5xuFg==
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 08:15:18 GMT
server
MNCDN-2139
x-mnrequest-id
184d099fc858ce66cea3add5d3bc9db4
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
6745633d-701e-0039-067b-b6815e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31556926
x-ms-version
2009-09-19
x-mserver
MNCDN-2137
abtests
am-trc-events.taboola.com/dogusmedia-ntv/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/dogusmedia-ntv/log/3/abtests?route=AM:AM:V&tvi48=10143&tvi50=9058&lti=trecs&ri=3abbd6f3366e146dbb5cddc6d8c80d29&sd=v2_94ede88a98424d00ded6ceef21388ee6_243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a_1717597386_1717597386_CNawjgYQ3c1JGPfroMb-MSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABoppvJ7d37u7UDcAA&ui=243c4c75-ba59-4bfa-ae94-1e0628e54cec-tuctd59fa4a&pi=/wvd71wmg&wi=-4709447099323856001&pt=text&vi=1717597386231&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1717597391621%7D&tim=16%3A23%3A11.621&id=3465&llvl=2&cv=20240604-4-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jun 2024 14:23:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
st
imprammp.taboola.com/ Frame F031
0
0
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9Ca8CABYDAPsNuEKDTHJFBAD7DbhCg0xyRQUAAAAABgYAOwcAJDixmHaT4catstkma9HMsVgLBwvjWuIZWWaOlck0XA2HAECCE4tpNxlu3CqbbbIWzRyLtXCwMK4lnpFl5liZTMPVcAoADlN2mlyWg1oga5pcfjcAfKDpdPhc93qJy_N5Pc3Ou92u8bv9ulvJt9i1fXQAAAAAAHgA-P___4cAAAAAAIgAAAAAAJAAAAAAAKAACKgA-LcAELgAAAAAAMAA-P___9cAAIDiAEB4o-Vp97ns_gAAAAAAAAEAAAAAIAEAKMh7LwEAGDleOAH4_________48BGKDPvJEB-P___78BMOgBAHjwAQB4EAIAAAD4GALgQR8lY8K0ACYCABAYoSoCYAQAAAAAAPV_gHcEMAmgEwAqAIsqgP___34rAIArAACAgEd0ZJuxLADdQYm3MAAAAICAMYAFelj8frPDrvG7XQbw_________28G8H8G8I8GIERUP5wGEHSh0KMG8AsIALAG8AsIAMAGoG4AAABvAAJwAEEHQNCKwWB1AAoxGayWw8VyuJgdAAAAAMAdwP___78eAEiOViaXcbhwDkeT0cgwGLlMto3LZbMsNsPhymXbHgBtjg9rygD6Zx-Aw5SdJpfloBbImiaX334AE7YYrSaTzXI4Wy4mg-FoOBrtD2AgJqsBAkzEYLmcTBaT3Wq0Gm2Gu9FssEAAgRhMEICiRYPJajSaLCbD1Wiymi0Xu90GAShatZqNNoPhajaZ7Xar4WC4HI0QYMIWo9VkslkOZ8vFZDAcDUejIQLAyGizMW18q7XE4VquRRObw61wOUdrxcowmwxXrtHG5XGLXh_TybWcOUwLLwIIBoTsRfK0SCeahcViss08m9ls5RjNRhaLa2MyeWwj48Y4GFmWE7FEc7JIJ7LLvjlamVzG4cI5HE1GI8Ng5DLZNi6XzbLYDIcrl21fGW02po1vtZY4XMu1aGJzuBUu52itWBlmk-HKNdq4PG7R62M6uZYzh2nhb-wWu9VytxnO9o3dYrda7jbD2b5DZ_iuPmejs3FMeYSa5e-muNWcBoXLYPH-JKbFtDs7eM6-o9NlXCaLOqPf7_f7_X6_3-_3G7Seg9mg8A2H25U38uxWv1WJ42BQxBLBRToR-X2uz9tlcjrcctPtIpYoTRfpRK-7nXyL3dtnEUsEp4t0InoZTxf1HwEYcDCXrFZz3VwxGawSAAAAAAAAAADAEsAmAAAAAAAngMGshsPlap0AB7IZjXaL1XIBACTMunUBfq7vzlzUiLd2AXxJXaE5nZb_jgEcyO9zfd4uk9PhlptuVwYAkDDLZgbYDPAZgCDWarWsAQAAAASwAQAAAAK4AXQD8AYQEF7HAQAAAMjoAQAAAHb2AYCspB-5UOqH-QEIcrAa7h8AQIBCrNVqdbuxVqsVEFBAg9VqM4GA____f4IAAAAAAACAEbGCAAAAAAAAgKFPgwAAAAAAAICeOIQAgW03IaBCgMEQLX-3ywsBAQ!&cmcv=&pix=undefined&cb=1717597391829&uv=3406&tms=1717597391829&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!expl_vE!mprdct01val_vB!rbcatc_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=8bb4728c-ef62-4f11-80a8-b3d2f1ed4858&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.9.6/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bessuilynn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 05 Jun 2024 14:23:11 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1717597392.939582,VS0,VE10
sync
am-match.taboola.com/ Frame 7EB8
0
0

cmOsUnit.css
vidstat.taboola.com/vpaid/units/34_0_6/assets/css/
74 KB
10 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/34_0_6/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.9.6/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1e63362ba790e12c207f4441d7e87ab0f9a6f0b5b09ed58a63fc5dc9fa72d646

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1717396794
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
08NAW8HQ9CTSCPYC
age
200552
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1717396795
x-amz-meta-mode
33188
content-length
10064
x-amz-id-2
yy6Bk9kavjdaXb+J09Gf9Q/PNgCS33CRTLviv8Q7pc/g1wscpQM52eUvC1RuUrx6S7GEr0QlBFE=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Mon, 03 Jun 2024 06:39:56 GMT
server
AmazonS3-br
x-timer
S1717597392.862286,VS0,VE0
etag
"4049142910cd80cf34b48040c9f0b89b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
50887
cmTagSLIDER_INSTREAM.js
vidstat.taboola.com/vpaid/units/34_0_6/infra/
355 KB
82 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/34_0_6/infra/cmTagSLIDER_INSTREAM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.9.6/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1cb7e7b12fd8e25cdc97880e2fea9757603cea342db5d8e8e81ad159effbb3f5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1717396754
date
Wed, 05 Jun 2024 14:23:11 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0VH1HG08W2PYHCWD
age
200545
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1717396755
x-amz-meta-mode
33188
content-length
83733
x-amz-id-2
TdGOz+8lFg4GREO3VFekL6ti9fmgi+Y7A+WFE5+CzkNRiD6SceLdbOnqpR1CTsUHmoky/2dU+3Q=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Mon, 03 Jun 2024 06:39:16 GMT
server
AmazonS3-br
x-timer
S1717597392.862539,VS0,VE0
etag
"67e0c102ed02592618ba901afcb60062"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1546
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V9Ca8CABYDAPsNuEKDTHJFBAD7DbhCg0xyRQUAAAAABgYAOwcAJDixmHaT4catstkma9HMsVgLBwvjWuIZWWaOlck0XA2HAECCE4tpNxlu3CqbbbIWzRyLtXCwMK4lnpFl5liZTMPVcAoADlN2mlyWg1oga5pcfjcAfKDpdPhc93qJy_N5Pc3Ou92u8bv9ulvJt9i1fXQAAAAAAHgA-P___4cAAAAAAIgAAAAAAJAAAAAAAKAACKgA-LcAELgAAAAAAMAA-P___9cAAIDiAEB4o-Vp97ns_gAAAAAAAAEAAAAAIAEAKMh7LwEAGDleOAH4_________48BGKDPvJEB-P___78BMOgBAHjwAQB4EAIAAAD4GALgQR8lY8K0ACYCABAYoSoCYAQAAAAAAPV_gHcEMAmgEwAqAIsqgP___34rAIArAACAgEd0ZJuxLADdQYm3MAAAAICAMYAFelj8frPDrvG7XQbw_________28G8H8G8I8GIERUP5wGEHSh0KMG8AsIALAG8AsIAMAGoG4AAABvAAJwAEEHQNCKwWB1AAoxGayWw8VyuJgdAAAAAMAdwP___78eAEiOViaXcbhwDkeT0cgwGLlMto3LZbMsNsPhymXbHgBtjg9rygD6Zx-Aw5SdJpfloBbImiaX334AE7YYrSaTzXI4Wy4mg-FoOBrtD2AgJqsBAkzEYLmcTBaT3Wq0Gm2Gu9FssEAAgRhMEICiRYPJajSaLCbD1Wiymi0Xu90GAShatZqNNoPhajaZ7Xar4WC4HI0QYMIWo9VkslkOZ8vFZDAcDUejIQLAyGizMW18q7XE4VquRRObw61wOUdrxcowmwxXrtHG5XGLXh_TybWcOUwLLwIIBoTsRfK0SCeahcViss08m9ls5RjNRhaLa2MyeWwj48Y4GFmWE7FEc7JIJ7LLvjlamVzG4cI5HE1GI8Ng5DLZNi6XzbLYDIcrl21fGW02po1vtZY4XMu1aGJzuBUu52itWBlmk-HKNdq4PG7R62M6uZYzh2nhb-wWu9VytxnO9o3dYrda7jbD2b5DZ_iuPmejs3FMeYSa5e-muNWcBoXLYPH-JKbFtDs7eM6-o9NlXCaLOqPf7_f7_X6_3-_3G7Seg9mg8A2H25U38uxWv1WJ42BQxBLBRToR-X2uz9tlcjrcctPtIpYoTRfpRK-7nXyL3dtnEUsEp4t0InoZTxf1HwEYcDCXrFZz3VwxGawSAAAAAAAAAADAEsAmAAAAAAAngMGshsPlap0AB7IZjXaL1XIBACTMunUBfq7vzlzUiLd2AXxJXaE5nZb_jgEcyO9zfd4uk9PhlptuVwYAkDDLZgbYDPAZgCDWarWsAQAAAASwAQAAAAK4AXQD8AYQEF7HAQAAAMjoAQAAAHb2AYCspB-5UOqH-QEIcrAa7h8AQIBCrNVqdbuxVqsVEFBAg9VqM4GA____f4IAAAAAAACAEbGCAAAAAAAAgKFPgwAAAAAAAICeOIQAgW03IaBCgMEQLX-3ywsBAQ!&cmcv=&pix=31589837&cb=1717597391829&uv=3406&tms=1717597391829&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!expl_vE!mprdct01val_vB!rbcatc_vB&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1717597383189.5!ts:1717597391829&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:11 GMT
content-length
0
server
nginx
content_v3.js
vidstat.taboola.com/
16 KB
5 KB
Script
General
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_0_6/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1738524
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1717597392.001168,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
4614
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/
455 KB
85 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_0_6/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
93845ed7412d20bda9bbd63e4d3d5e3ae31dc514f5f7f9c438bc21996e9fcdef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Origin
https://bessuilynn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1717493155
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
ESZFAA3ARWJJZE22
age
104076
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1717493174
x-amz-meta-mode
33188
content-length
86185
x-amz-id-2
4A7PM7JjeTYRu61FPuDvKn0QEVAWyWFmrJ/elLWyFGZvsGpcwr2EqUKHH9kSYRzTE/F1vhs6jTI=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Tue, 04 Jun 2024 09:26:15 GMT
server
AmazonS3-br
x-timer
S1717597392.011901,VS0,VE0
etag
"0dcf61ab21f9822b6db9bbbb635381e6"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
59165
sync
am-match.taboola.com/ Frame C174
0
0

loading2.png
vidstat.taboola.com/assets/
24 KB
24 KB
Image
General
Full URL
https://vidstat.taboola.com/assets/loading2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1498646328
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FRA60-P1
age
2963980
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-length
24300
x-served-by
cache-fra-etou8220077-FRA
last-modified
Sun, 02 Jul 2017 14:25:04 GMT
server
AmazonS3
x-timer
S1717597392.028903,VS0,VE0
etag
"ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
vbnBTgjpYmQuFPbzfD0-yAvJTbOfGQqRDnsQq1mhb0dufrsnA57vrw==
x-cache-hits
13610
replay-button.svg
vidstat.taboola.com/assets/
1 KB
954 B
Image
General
Full URL
https://vidstat.taboola.com/assets/replay-button.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 412b915bb2572a86aaa8bdf21eb381fc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
VIE50-C2
age
2613561
x-cache
Hit from cloudfront, HIT
content-length
701
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1717597392.028861,VS0,VE0
etag
"e871e80b457ead7801d3bbe63b25c4fb"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
sJQ8vyV_chtrTNCpnVqtJCunjyc36B8dbpQQroJK58R5PR6mUDoT2g==
x-cache-hits
8440
replay-button-hover.svg
vidstat.taboola.com/assets/
1 KB
1 KB
Image
General
Full URL
https://vidstat.taboola.com/assets/replay-button-hover.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
2785320
x-cache
Hit from cloudfront, HIT
content-length
709
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1717597392.029074,VS0,VE0
etag
"ae0344bce724db935e4f7ba6573ee516"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
1JYTooIZAFe6ntub9Ov709Ze_00RnxQMFAEINZGQE7UG23mzWRv8JQ==
x-cache-hits
15586
learn-more-button.svg
vidstat.taboola.com/assets/
2 KB
911 B
Image
General
Full URL
https://vidstat.taboola.com/assets/learn-more-button.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 91c2aa7e3369a817b01aa672c72e5ba0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
JNB50-C1
age
2018214
x-cache
Miss from cloudfront, HIT
content-length
634
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 13 Feb 2019 09:30:12 GMT
server
AmazonS3
x-timer
S1717597392.029110,VS0,VE0
etag
"3132e8c3bdd274efa7ce1531ec89580d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
tpkfj6s5WrpGRgaAkTGoH-mIoyNBawru-OLVieZi3MqT1lfvXLde4Q==
x-cache-hits
6722
learn-more-button-hover.svg
vidstat.taboola.com/assets/
2 KB
925 B
Image
General
Full URL
https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 9c0ce977a13f3d9bbc6eed6540faf728.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
ZRH55-P1
age
2613562
x-cache
Miss from cloudfront, HIT
content-length
660
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 13 Feb 2019 09:30:11 GMT
server
AmazonS3
x-timer
S1717597392.041790,VS0,VE0
etag
"b14888c73642ebc29c1451727eb1eb8a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
_BI2bOS1tsYBkh4StNyzDpOeQgsvU7xdHiLZFOB5tlaPzbPRMQPUwg==
x-cache-hits
8645
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V9Ca8CABYDAPsNuEKDTHJFBAD7DbhCg0xyRQUAAAAABgYAOwcAJDixmHaT4catstkma9HMsVgLBwvjWuIZWWaOlck0XA2HAECCE4tpNxlu3CqbbbIWzRyLtXCwMK4lnpFl5liZTMPVcAoADlN2mlyWg1oga5pcfjcAfKDpdPhc93qJy_N5Pc3Ou92u8bv9ulvJt9i1fXQAAAAAAHgA-P___4cAAAAAAIgAAAAAAJAAAAAAAKAACKgA-LcAELgAAAAAAMAA-P___9cAAIDiAEB4o-Vp97ns_gAAAAAAAAEAAAAAIAEAKMh7LwEAGDleOAH4_________48BGKDPvJEB-P___78BMOgBAHjwAQB4EAIAAAD4GALgQR8lY8K0ACYCABAYoSoCYAQAAAAAAPV_gHcEMAmgEwAqAIsqgP___34rAIArAACAgEd0ZJuxLADdQYm3MAAAAICAMYAFelj8frPDrvG7XQbw_________28G8H8G8I8GIERUP5wGEHSh0KMG8AsIALAG8AsIAMAGoG4AAABvAAJwAEEHQNCKwWB1AAoxGayWw8VyuJgdAAAAAMAdwP___78eAEiOViaXcbhwDkeT0cgwGLlMto3LZbMsNsPhymXbHgBtjg9rygD6Zx-Aw5SdJpfloBbImiaX334AE7YYrSaTzXI4Wy4mg-FoOBrtD2AgJqsBAkzEYLmcTBaT3Wq0Gm2Gu9FssEAAgRhMEICiRYPJajSaLCbD1Wiymi0Xu90GAShatZqNNoPhajaZ7Xar4WC4HI0QYMIWo9VkslkOZ8vFZDAcDUejIQLAyGizMW18q7XE4VquRRObw61wOUdrxcowmwxXrtHG5XGLXh_TybWcOUwLLwIIBoTsRfK0SCeahcViss08m9ls5RjNRhaLa2MyeWwj48Y4GFmWE7FEc7JIJ7LLvjlamVzG4cI5HE1GI8Ng5DLZNi6XzbLYDIcrl21fGW02po1vtZY4XMu1aGJzuBUu52itWBlmk-HKNdq4PG7R62M6uZYzh2nhb-wWu9VytxnO9o3dYrda7jbD2b5DZ_iuPmejs3FMeYSa5e-muNWcBoXLYPH-JKbFtDs7eM6-o9NlXCaLOqPf7_f7_X6_3-_3G7Seg9mg8A2H25U38uxWv1WJ42BQxBLBRToR-X2uz9tlcjrcctPtIpYoTRfpRK-7nXyL3dtnEUsEp4t0InoZTxf1HwEYcDCXrFZz3VwxGawSAAAAAAAAAADAEsAmAAAAAAAngMGshsPlap0AB7IZjXaL1XIBACTMunUBfq7vzlzUiLd2AXxJXaE5nZb_jgEcyO9zfd4uk9PhlptuVwYAkDDLZgbYDPAZgCDWarWsAQAAAASwAQAAAAK4AXQD8AYQEF7HAQAAAMjoAQAAAHb2AYCspB-5UOqH-QEIcrAa7h8AQIBCrNVqdbuxVqsVEFBAg9VqM4GA____f4IAAAAAAACAEbGCAAAAAAAAgKFPgwAAAAAAAICeOIQAgW03IaBCgMEQLX-3ywsBAQ!&cmcv=&pix=31579697&cb=1717597391997&uv=3406&tms=1717597391997&su=&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!expl_vE!mprdct01val_vB!rbcatc_vB&ft=0&unm=SLIDER_INSTREAM&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:23:12 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://bessuilynn.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1497790207
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
4432514
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-etou8220077-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1717597392.043461,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
47374
VideoBidRequestHandlerServlet
wf.taboola.com/
13 KB
7 KB
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1717597392078&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1653&pt=274248114&tz=120&viewable=true&ddast=V9Ca8CABYDAPsNuEKDTHJFBAD7DbhCg0xyRQUAAAAABgYAOwcAJDixmHaT4catstkma9HMsVgLBwvjWuIZWWaOlck0XA2HAECCE4tpNxlu3CqbbbIWzRyLtXCwMK4lnpFl5liZTMPVcAoADlN2mlyWg1oga5pcfjcAfKDpdPhc93qJy_N5Pc3Ou92u8bv9ulvJt9i1fXQAAAAAAHgA-P___4cAAAAAAIgAAAAAAJAAAAAAAKAACKgA-LcAELgAAAAAAMAA-P___9cAAIDiAEB4o-Vp97ns_gAAAAAAAAEAAAAAIAEAKMh7LwEAGDleOAH4_________48BGKDPvJEB-P___78BMOgBAHjwAQB4EAIAAAD4GALgQR8lY8K0ACYCABAYoSoCYAQAAAAAAPV_gHcEMAmgEwAqAIsqgP___34rAIArAACAgEd0ZJuxLADdQYm3MAAAAICAMYAFelj8frPDrvG7XQbw_________28G8H8G8I8GIERUP5wGEHSh0KMG8AsIALAG8AsIAMAGoG4AAABvAAJwAEEHQNCKwWB1AAoxGayWw8VyuJgdAAAAAMAdwP___78eAEiOViaXcbhwDkeT0cgwGLlMto3LZbMsNsPhymXbHgBtjg9rygD6Zx-Aw5SdJpfloBbImiaX334AE7YYrSaTzXI4Wy4mg-FoOBrtD2AgJqsBAkzEYLmcTBaT3Wq0Gm2Gu9FssEAAgRhMEICiRYPJajSaLCbD1Wiymi0Xu90GAShatZqNNoPhajaZ7Xar4WC4HI0QYMIWo9VkslkOZ8vFZDAcDUejIQLAyGizMW18q7XE4VquRRObw61wOUdrxcowmwxXrtHG5XGLXh_TybWcOUwLLwIIBoTsRfK0SCeahcViss08m9ls5RjNRhaLa2MyeWwj48Y4GFmWE7FEc7JIJ7LLvjlamVzG4cI5HE1GI8Ng5DLZNi6XzbLYDIcrl21fGW02po1vtZY4XMu1aGJzuBUu52itWBlmk-HKNdq4PG7R62M6uZYzh2nhb-wWu9VytxnO9o3dYrda7jbD2b5DZ_iuPmejs3FMeYSa5e-muNWcBoXLYPH-JKbFtDs7eM6-o9NlXCaLOqPf7_f7_X6_3-_3G7Seg9mg8A2H25U38uxWv1WJ42BQxBLBRToR-X2uz9tlcjrcctPtIpYoTRfpRK-7nXyL3dtnEUsEp4t0InoZTxf1HwEYcDCXrFZz3VwxGawSAAAAAAAAAADAEsAmAAAAAAAngMGshsPlap0AB7IZjXaL1XIBACTMunUBfq7vzlzUiLd2AXxJXaE5nZb_jgEcyO9zfd4uk9PhlptuVwYAkDDLZgbYDPAZgCDWarWsAQAAAASwAQAAAAK4AXQD8AYQEF7HAQAAAMjoAQAAAHb2AYCspB-5UOqH-QEIcrAa7h8AQIBCrNVqdbuxVqsVEFBAg9VqM4GA____f4IAAAAAAACAEbGCAAAAAAAAgKFPgwAAAAAAAICeOIQAgW03IaBCgMEQLX-3ywsBAQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2344715&dpubid=358895&abtst=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!expl_vE!mprdct01val_vB!rbcatc_vB&mPre=0.033&cirf=https%3A%2F%2Fbessuilynn.com&en=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bec564c1266219666b782a931b2abdea2a82c5d415647d24cb1662ebba3bbe1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 05 Jun 2024 14:23:12 GMT
content-encoding
gzip
via
1.1 varnish
machineid
140125
x-cache
MISS
x-served-by
cache-fra-etou8220077-FRA
pragma
no-cache
server
nginx
x-timer
S1717597392.101275,VS0,VE115
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://{"bidderRequest">; rel=preconnect,<http://{"bidderRequest">; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
TBPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/
214 KB
67 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/TBPrebidHandler.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d25eca7ef3b30eaebe9dcc142b9208bd3823056b120a9f326ec8ad09db31a03

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1717493155
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 89af70582a9dc92c4998266dcd5025bc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
BUD50-P2
age
104073
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1717493155
x-amz-meta-mode
33188
content-length
68197
x-served-by
cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 09:25:59 GMT
server
AmazonS3
x-timer
S1717597392.109728,VS0,VE0
etag
"a826c1413e364161827581a97d9b9198"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
pyNsSSBEPC-Sxnq51nDV1SUW4ZvagQkXiqvlAOtPEkRFPzT65b7_hw==
x-cache-hits
23966
getmu
ioms.bfmio.com/
49 B
504 B
XHR
General
Full URL
https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=400&height=225&v=1&pageurl=https%3A%2F%2Fbessuilynn.com&i_type=out&stream=out&playback=2&cb=R0.1717597392085&us_privacy=1---
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.218.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-218-193.compute-1.amazonaws.com
Software
nginx/1.26.1 /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.26.1
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://bessuilynn.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
getmu
ioms.bfmio.com/
49 B
506 B
XHR
General
Full URL
https://ioms.bfmio.com/getmu?aid=1589e966-8c68-4116-acc0-a2ce3b471c55&output=html5&width=400&height=225&v=1&pageurl=https%3A%2F%2Fbessuilynn.com&i_type=out&stream=out&playback=2&cb=R0.1717597392085&us_privacy=1---
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.218.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-218-193.compute-1.amazonaws.com
Software
nginx/1.26.1 /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 14:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.26.1
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://bessuilynn.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
cmAdService.js
vidstat.taboola.com/vpaid/units/34_0_6/infra/
47 KB
12 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/34_0_6/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_0_6/infra/cmTagSLIDER_INSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d5e15f1a715da7926d37cceb1748706e4c26ac79b8a02fcfeac706cb0209dd8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1717396786
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 d5ebc09eb317f3a918e1a073829b38c2.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
BOM78-P8
age
200551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1717396787
x-amz-meta-mode
33188
content-length
11750
x-served-by
cache-fra-etou8220077-FRA
last-modified
Mon, 03 Jun 2024 06:39:48 GMT
server
AmazonS3
x-timer
S1717597392.134680,VS0,VE0
etag
"2f404a1a72cbd33ff9e65f4341710204"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
_kWyxXAvdsWz7Ou7MBPzbq1YyfiraNQOqhuU34QikGwha8KMqJMOSw==
x-cache-hits
49518
TBOpenxPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/
143 KB
45 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/TBOpenxPrebidHandler.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80270fa2a6c4e73a73aef7931f6cdc72612acba7c4d5db98690e600f97a280f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1717493155
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
104070
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1717493155
x-amz-meta-mode
33188
content-length
45708
x-served-by
cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 09:25:58 GMT
server
AmazonS3
x-timer
S1717597392.162657,VS0,VE0
etag
"d89a38225030dbbe07dd0e3464f28022"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
7R_r197QQc8iHiEj-SYJ8arCzLIXNgjjU83wUv8pHCv2NloH9QWZjw==
x-cache-hits
9262
TBPubmaticPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/
155 KB
49 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/TBPubmaticPrebidHandler.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6ca07d324a721d48f2a5327ad38c10038d5d063cf717f7fd265f87dfa184979

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1717493155
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 d833345b041d06a76c4a0e5211cc8a80.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
BUD50-P2
age
104071
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1717493155
x-amz-meta-mode
33188
content-length
49541
x-served-by
cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 09:25:59 GMT
server
AmazonS3
x-timer
S1717597392.162895,VS0,VE0
etag
"266870b28c565a551b16144538be912f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
A_FVQr9u1hER1CvzxDjt8psjuLaf7w9gS11jNcwuMKMxXu5du2a5vg==
x-cache-hits
4038
TBFreewheelPrebidHandelr.js
vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/
139 KB
44 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/TBFreewheelPrebidHandelr.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2f62b0aad6f3c4f02ba462d1c03386c6e81dbb7e88cdefcf3c50b9ba2a5d2c8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-mtime
1717493155
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
104070
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1717493155
x-amz-meta-mode
33188
content-length
44436
x-served-by
cache-fra-etou8220077-FRA
last-modified
Tue, 04 Jun 2024 09:25:58 GMT
server
AmazonS3
x-timer
S1717597392.163332,VS0,VE0
etag
"282eb7c9884a57135cfd13dd5b82eed3"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
HbsAOb4NEWvJuYiUQnSNYyLJOIFx3sYX_DbDPNYvZdQoFH1Dlg2Deg==
x-cache-hits
1701
prebidjs
rtb.openx.net/openrtbb/
53 B
280 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
704d90520fc15c5617684328ff63cba8eace8cffea946fed04ddc90a33d16ad5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 05 Jun 2024 14:23:11 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
x-forwarded-for
80.255.7.120
content-type
text/plain
access-control-allow-origin
https://bessuilynn.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/
0
56 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bessuilynn.com
date
Wed, 05 Jun 2024 14:23:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
415 B
Fetch
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=33815131&componentId=prebid&componentSubId=instream&timestamp=1717597392205&_fw_bidfloor=0.9869999885559082&_fw_bidfloorcur=USD&pbjs_version=8.44.0&pKey=469456447&_fw_prebid_content=%7B%22url%22%3A%22%252F%252Fmagazine-api.taboola.com%252Fvideo-content%252F1976637330409733847%252Fflavours%252Fmp4_480.mp4%22%2C%22title%22%3A%22Beyonc%C3%A9%20is%20a%20stunning%20goddess%20on%20her%20latest%20fashion%20cover.%22%7D&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22taboola.com%22%2C%22rid%22%3A%22346685813%22%2C%22sid%22%3A%221205981%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D&loc=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&playerSize=1000x750&video_context=instream&video_placement=3&video_plcmt=4
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:192:1::176 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2024 14:23:12 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://bessuilynn.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1717597392129098-376
translator
hbopenbid.pubmatic.com/
0
112 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bessuilynn.com
date
Wed, 05 Jun 2024 14:23:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
415 B
Fetch
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=33815131&componentId=prebid&componentSubId=instream&timestamp=1717597392255&_fw_bidfloor=1.74399995803833&_fw_bidfloorcur=USD&pbjs_version=8.44.0&pKey=469456602&_fw_prebid_content=%7B%22url%22%3A%22%252F%252Fmagazine-api.taboola.com%252Fvideo-content%252F1976637330409733847%252Fflavours%252Fmp4_480.mp4%22%2C%22title%22%3A%22Beyonc%C3%A9%20is%20a%20stunning%20goddess%20on%20her%20latest%20fashion%20cover.%22%7D&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22taboola.com%22%2C%22rid%22%3A%221477105432%22%2C%22sid%22%3A%221205981%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D&loc=https%3A%2F%2Fbessuilynn.com%2FwVd71WmG%3Ffbclid%3DIwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ&playerSize=400x225&video_context=instream&video_placement=3&video_plcmt=4
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:192:1::176 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2024 14:23:12 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://bessuilynn.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1717597392245047-334
bulk
trc.taboola.com/dogusmedia-ntv/log/3/
0
220 B
XHR
General
Full URL
https://trc.taboola.com/dogusmedia-ntv/log/3/bulk?tvi48=10143&tvi50=9058&route=AM%3AAM%3AV&lti=trecs&bulkSize=7
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7623
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-fra-etou8220077-FRA
pragma
no-cache
server
nginx
x-timer
S1717597393.599472,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://bessuilynn.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
712 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bessuilynn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 05 Jun 2024 14:23:12 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
16807
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220077-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1717597393.607301,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5534

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.ntv.com.tr
URL
https://www.ntv.com.tr/havadurumu/json
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CzFwiynRgZrXyEdCK7_UP1PzrwQyX4aKceKWY8pOhEmQQASCxj9ooYJW6qIKwB6AB2d2JxgPIAQKpArb21Sz3PbI-4AIAqAMByAMIqgS7Ak_QWWgMrF0_A38OTbZcQwX9A9PS2qw4rUKuGGLFgYRvmho9Fsgj1Mrc9aGfYehrhtYp_YhYa9K_72pPyiHC47n-V5PoBcYFf4uMg5oXjVQLeWe3uBhZDtgs9GUm6RmqMimdu2OC7g7-X45FLJllJW73vkka2BLf-yQRWKkHnJh4PolBgEjadl-oz42twnGtW-hlCwoJSfH8dmiF_J7qRW9QhLy2SvgztO7WUA0xJkvAuZ5WIZitnT3kmJbaPLKYlw4RN4VPmFj9Erx6HM-zg_3Cyy_F_WHn_Xgut7hy4urnsIW-sqvQHz6WEOT9PxaCjTGhIQCpTTDMvvRTR4zny9Ig2vEGLtnBwwol9o_Wk3bqCkqcTUCO4wdVIIxkvDy29GFS_pODcTgpljuSlmThPUUC2Y_3P4DIg9ZFa8AE7ejwtMID4AQBiAXSlofWL5IFBAgEGAGSBQQIBRgEoAYCgAePovY5qAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQ3qIZ0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WOumw_DUxIYDmgk1aHR0cHM6Ly93d3cuaGF1c2ZyYWdlLmRlL2FydGlrZWwvZGVyLWZlaGxlci1iZWktc29sYXKACgPICwHiDRMIz-DD8NTEhgMVUMW7CB1U_jrI2BMM0BUBgBcBshceChwIABIUcHViLTYwOTY2MzIwMTkwNzI0MTMY45UTshgJEgLOXhgCIgEA6BgB&sigh=46XdovwEubU&uach_m=%5B%5D&ase=2&nis=6&cbvp=2
Domain
724e36f7-7ba9-4b63-b81f-69c8c93f7fcd.collector.p.analitik.bik.gov.tr
URL
https://724e36f7-7ba9-4b63-b81f-69c8c93f7fcd.collector.p.analitik.bik.gov.tr/api/collect
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405300101&jk=1976697497619569&bg=!KSqlKmXNAAb64txl2uI7ADQBe5WfOKGNUIVSAPrAAUhE0XZ4lXu_5X1I0LfVPP3PIo80verJR2D3VOA4cBqfgbPMSRbRAgAAAFVSAAAACmgBB34ANbTrzgyjoWOGlft0bheNt8OpETJVne8Bu5aXTehR5JHO9veF0452zuMRd0cHcarXFFkODEHDCgAkcNc8xVkbmGmRmtORhj1Xmbw5eABt90yH3q2ghoev3BPjz8s8mQKPT68ypMIl9sj4jZ2W24xzdgigpn3yEwpq52s9Sgy6HfAYJU17SXLVV45cRNgLlVmT4Mf7YdQJADLWIaq0mUcVWW0BDEazb-IBb-uI6SnHslJdcBFWsxChu2nurCqeoEZyjwk64LeL97OML1ZktqvRmctBGCxj4U8_Go5h_GsckkExdB3ropG_IdhRksvZXoHA6hLPNuHo_G0kbK97wNVHpODAqESblhwea6NCNH3Orl5s5Twso-JaqUAKp8F9nPCRhXe5FCZ2RZbFz_yf40eBr6PMG-0r2qt5tqwVdx9hunB3q68V2Hw5U9x0Ed0cBF47ywphq2hacinzaP9Ikd82d8bULNaP0r5-6BINke9aqdMZM62_hPDyaQ8OVCVhxWMH1HE_lS3bvYHkHmdGW6WQ2T0fiPmDv9VBuvrx4y7C9_dkHJUEPKyAqNCYkXZLzL1DY3mVR6mX6I9MlZqvnccCLF_p1jSocKPBSnMnwn6QW7TRXU48kIJ0BlrtIIknAdZ7KpZt-4YjG0sIVqdInj9xelMkfcPVtNfcCXGsStGIbKI7lCiS5EfEsEfBZXQP5UFBgSXTWJ9Xlr1-YzyW_IIJXwvzh9A2ot6bPwyCKd74aHNfJ4OPcqoLJMUTf6aVScF2pQq81nujKfEBOr55APHMhj0Dx9bbE5gTlap5M5LoZwO7cHiHpA_3vyxN-pTT6nuaA3VJBpVIGRf9L8IulHdXtbR3JtmDTUUNhuRE2b_s-Ozc5PKI_fe2qC18lw6kXslh0fNRtlJu3CURW6UiPrA285CHPk8e0CDqGuDNlhQW1mNoZojeDbqKfiws3DeZYgdgWQ1OGYFSDi1E4kP99WNkaB01HdvEXYL_KchPKu8pkQ
Domain
cdn.stickyadstv.com
URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Domain
am-match.taboola.com
URL
https://am-match.taboola.com/sync?dast=V9Ca8CABYDAPsNuEKDTHJFBAD7DbhCg0xyRQUAAAAABgYAOwcAJDixmHaT4catstkma9HMsVgLBwvjWuIZWWaOlck0XA2HAECCE4tpNxlu3CqbbbIWzRyLtXCwMK4lnpFl5liZTMPVcAoADlN2mlyWg1oga5pcfjcAfKDpdPhc93qJy_N5Pc3Ou92u8bv9ulvJt9i1fXQAAAAAAHgA-P___4cAAAAAAIgAAAAAAJAAAAAAAKAACKgA-LcAELgAAAAAAMAA-P___9cAAIDiAEB4o-Vp97ns_gAAAAAAAAEAAAAAIAEAKMh7LwEAGDleOAH4_________48BGKDPvJEB-P___78BMOgBAHjwAQB4EAIAAAD4GALgQR8lY8K0ACYCABAYoSoCYAQAAAAAAPV_gHcEMAmgEwAqAIsqgP___34rAIArAACAgEd0ZJuxLADdQYm3MAAAAICAMYAFelj8frPDrvG7XQbw_________28G8H8G8I8GIERUP5wGEHSh0KMG8AsIALAG8AsIAMAGoG4AAABvAAJwAEEHQNCKwWB1AAoxGayWw8VyuJgdAAAAAMAdwP___78eAEiOViaXcbhwDkeT0cgwGLlMto3LZbMsNsPhymXbHgBtjg9rygD6Zx-Aw5SdJpfloBbImiaX334AE7YYrSaTzXI4Wy4mg-FoOBrtD2AgJqsBAkzEYLmcTBaT3Wq0Gm2Gu9FssEAAgRhMEICiRYPJajSaLCbD1Wiymi0Xu90GAShatZqNNoPhajaZ7Xar4WC4HI0QYMIWo9VkslkOZ8vFZDAcDUejIQLAyGizMW18q7XE4VquRRObw61wOUdrxcowmwxXrtHG5XGLXh_TybWcOUwLLwIIBoTsRfK0SCeahcViss08m9ls5RjNRhaLa2MyeWwj48Y4GFmWE7FEc7JIJ7LLvjlamVzG4cI5HE1GI8Ng5DLZNi6XzbLYDIcrl21fGW02po1vtZY4XMu1aGJzuBUu52itWBlmk-HKNdq4PG7R62M6uZYzh2nhb-wWu9VytxnO9o3dYrda7jbD2b5DZ_iuPmejs3FMeYSa5e-muNWcBoXLYPH-JKbFtDs7eM6-o9NlXCaLOqPf7_f7_X6_3-_3G7Seg9mg8A2H25U38uxWv1WJ42BQxBLBRToR-X2uz9tlcjrcctPtIpYoTRfpRK-7nXyL3dtnEUsEp4t0InoZTxf1HwEYcDCXrFZz3VwxGawSAAAAAAAAAADAEsAmAAAAAAAngMGshsPlap0AB7IZjXaL1XIBACTMunUBfq7vzlzUiLd2AXxJXaE5nZb_jgEcyO9zfd4uk9PhlptuVwYAkDDLZgbYDPAZgCDWarWsAQAAAASwAQAAAAK4AXQD8AYQEF7HAQAAAMjoAQAAAHb2AYCspB-5UOqH-QEIcrAa7h8AQIBCrNVqdbuxVqsVEFBAg9VqM4GA____f4IAAAAAAACAEbGCAAAAAAAAgKFPgwAAAAAAAICeOIQAgW03IaBCgMEQLX-3ywsBAQ!&excid=22&docw=0&cijs=1&nlb=false
Domain
am-match.taboola.com
URL
https://am-match.taboola.com/sync?dast=V9Ca8CABYDAPsNuEKDTHJFBAD7DbhCg0xyRQUAAAAABgYAOwcAJDixmHaT4catstkma9HMsVgLBwvjWuIZWWaOlck0XA2HAECCE4tpNxlu3CqbbbIWzRyLtXCwMK4lnpFl5liZTMPVcAoADlN2mlyWg1oga5pcfjcAfKDpdPhc93qJy_N5Pc3Ou92u8bv9ulvJt9i1fXQAAAAAAHgA-P___4cAAAAAAIgAAAAAAJAAAAAAAKAACKgA-LcAELgAAAAAAMAA-P___9cAAIDiAEB4o-Vp97ns_gAAAAAAAAEAAAAAIAEAKMh7LwEAGDleOAH4_________48BGKDPvJEB-P___78BMOgBAHjwAQB4EAIAAAD4GALgQR8lY8K0ACYCABAYoSoCYAQAAAAAAPV_gHcEMAmgEwAqAIsqgP___34rAIArAACAgEd0ZJuxLADdQYm3MAAAAICAMYAFelj8frPDrvG7XQbw_________28G8H8G8I8GIERUP5wGEHSh0KMG8AsIALAG8AsIAMAGoG4AAABvAAJwAEEHQNCKwWB1AAoxGayWw8VyuJgdAAAAAMAdwP___78eAEiOViaXcbhwDkeT0cgwGLlMto3LZbMsNsPhymXbHgBtjg9rygD6Zx-Aw5SdJpfloBbImiaX334AE7YYrSaTzXI4Wy4mg-FoOBrtD2AgJqsBAkzEYLmcTBaT3Wq0Gm2Gu9FssEAAgRhMEICiRYPJajSaLCbD1Wiymi0Xu90GAShatZqNNoPhajaZ7Xar4WC4HI0QYMIWo9VkslkOZ8vFZDAcDUejIQLAyGizMW18q7XE4VquRRObw61wOUdrxcowmwxXrtHG5XGLXh_TybWcOUwLLwIIBoTsRfK0SCeahcViss08m9ls5RjNRhaLa2MyeWwj48Y4GFmWE7FEc7JIJ7LLvjlamVzG4cI5HE1GI8Ng5DLZNi6XzbLYDIcrl21fGW02po1vtZY4XMu1aGJzuBUu52itWBlmk-HKNdq4PG7R62M6uZYzh2nhb-wWu9VytxnO9o3dYrda7jbD2b5DZ_iuPmejs3FMeYSa5e-muNWcBoXLYPH-JKbFtDs7eM6-o9NlXCaLOqPf7_f7_X6_3-_3G7Seg9mg8A2H25U38uxWv1WJ42BQxBLBRToR-X2uz9tlcjrcctPtIpYoTRfpRK-7nXyL3dtnEUsEp4t0InoZTxf1HwEYcDCXrFZz3VwxGawSAAAAAAAAAADAEsAmAAAAAAAngMGshsPlap0AB7IZjXaL1XIBACTMunUBfq7vzlzUiLd2AXxJXaE5nZb_jgEcyO9zfd4uk9PhlptuVwYAkDDLZgbYDPAZgCDWarWsAQAAAASwAQAAAAK4AXQD8AYQEF7HAQAAAMjoAQAAAHb2AYCspB-5UOqH-QEIcrAa7h8AQIBCrNVqdbuxVqsVEFBAg9VqM4GA____f4IAAAAAAACAEbGCAAAAAAAAgKFPgwAAAAAAAICeOIQAgW03IaBCgMEQLX-3ywsBAQ!&excid=22&docw=0&cijs=1&nlb=false

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| customDefinitions object| dataLayer object| teads_analytics string| country object| onetrustBlockingScript object| onetrustScript string| __INSIDER_SCRIPT_VERSION_ntv__ function| loadDeferredStyles function| raf object| googletag function| __475an521in8a__ object| googlefc function| copyToClipboard boolean| isMobile object| images number| imagesLen object| source number| sourceLen object| img undefined| imgSrc object| sourceItem string| dataSrcSet function| OnetrustAdsConsent function| OptanonWrapper object| regeneratorRuntime object| dygtag object| app string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| _typeof object| _document function| _regeneratorRuntime function| asyncGeneratorStep function| _asyncToGenerator function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray number| DEBOUNCE_TIMEOUT_MS undefined| _document2 undefined| autocompleteInput undefined| input undefined| resultsList undefined| comboBox undefined| apiUrl undefined| baseUrl undefined| currentListItemFocused undefined| isDropDownOpen function| openDropdown function| closeDropdown function| outsideClickListener function| setResults function| focusListItem function| selectValue function| handleKeyboardEvents undefined| bounce function| debounce object| checkBrowser object| common object| constants object| engageya object| footer object| ga_analytics object| gtm_analytics object| header object| heightBalancer function| _defineProperty function| _toPropertyKey function| _toPrimitive object| helper object| infinite_scroll object| news_social_area_control object| player object| taboola object| template object| economyWidgets object| slider object| Survey object| triggers object| weatherWidget object| widgets object| astrology object| gallery_news_detail object| text_next_detail object| video_detail function| $ function| jQuery object| lazySizes object| checkLastNews object| _taboola function| googleSearch object| OneTrustStub object| ggeac object| google_tag_data object| google_js_reporting_queue function| __an6na521li18__ string| MWNjNWFmNzVkZTA3ZTFmOWxvYWRlcl9qcw== object| MWNjNWFmNzVkZTA3ZTFmOWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| google_tag_manager object| taboolaEvents object| _tblConsole number| trc_debug_level object| TRC object| TRCImpl undefined| __startEngine object| __visibleCallbackList object| __visibleElementToIdMap object| __visibleIdToElementMap boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn object| DygDFP object| dygtagRenderers number| popupBanner object| apstag function| fbq function| _fbq object| servgScript object| events boolean| isStage string| PlayerScriptUrl function| pm function| sQuery object| spApi object| Insider object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_cmd function| pp_gemius_cmd function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt undefined| google_measure_js_timing number| google_unique_id object| gaGlobal function| gtag object| _aps boolean| apstagLOADED object| apscustom string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData object| otTCF object| otIabModule number| taboola_view_id object| scr object| loc function| en undefined| k function| getResolution function| WID function| tracker object| Optanon object| OneTrust function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_article_id string| trc_item_url string| trc_map_url object| trc number| clearGalleryTimer object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| passbackCalled function| endVidoomyPlayer function| stopVidoomyAdxTimeout boolean| showDisplayByCountry function| callVmdyDisplayPassback object| elasticApm object| vidoomy object| _0x26b0 function| _0x1966 function| _oscript object| ls function| _getRandomInt function| _loadSingle function| _load function| parseDataTag function| randomSort function| _cb function| postscribe string| GoogleAnalyticsObject function| ga object| GoogleGcLKhOms function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| google_image_requests string| nam object| placementData object| cmTag object| _cm_wfCounters object| webpackChunkadUnits object| Backbone function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist object| webpackJsonpCMPlayer function| OvaMediaPlayer string| lastWfUrl object| tbpbjs object| freewheelssp_cache

23 Cookies

Domain/Path Name / Value
bessuilynn.com/ Name: 8b2bb
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4NjBcIjoxNzE3NTk3MzgzfSxcImNhbXBhaWduc1wiOntcIjY1N1wiOjE3MTc1OTczODN9LFwidGltZVwiOjE3MTc1OTczODN9In0.z6N8EYI3DM3oexfxAe4QR0wSswTxjoeHp_UqPeHI1gU
.useinsider.com/ Name: __cf_bm
Value: 8AtYMoMEraLCh7sp2qWBhuUkc_nB0VflkWtcTj1d33A-1717597384-1.0.1.1-PrDpt3Dx3ZdM5Q.jJ6eD.gsFVN53Lz4GxONr9VLTICc6jc5JOyeAPA3VZ_ipsGNuLK61dNW4mrzx6u6ytj3lsQ
bessuilynn.com/ Name: _subid
Value: 1uodli01bdi9
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.bessuilynn.com/ Name: _gcl_au
Value: 1.1.80391809.1717597386
.bessuilynn.com/ Name: __gfp_64b
Value: F.XAGRbH6b235hQpyHxMyu7Ra.9JbW0vW4g0WpiZNxz.z7|1717597385|2
.hit.gemius.pl/ Name: receive-cookie-deprecation
Value: 1
.hit.gemius.pl/ Name: Gtest
Value: KlQLHMaGQMGGPFtGRnS1SclUssGMXP8c25nSGD6JOQ48XBG.
.bessuilynn.com/ Name: _fbc
Value: fb.1.1717597386193.IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
.bessuilynn.com/ Name: _fbp
Value: fb.1.1717597386194.980819836268518084
.hit.gemius.pl/ Name: Gdyn
Value: KlSxeRXGQMGGPFtGRnS1SclUssGMXP8c25nSGD6JOQ48FRxSG7RrGS6GND8tFlM1YH8PlexaG0F6Sssa
.hit.gemius.pl/ Name: Gdynp
Value: I_jWADay.77PaAO6QiNX8J69JXp_97.5MiWIE1D2ezv.T7
.ads.stickyadstv.com/ Name: UID
Value: 84f429c49ffc2358b3c18edb4a1a8
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.bessuilynn.com/ Name: _ga_NSW0HWG7RH
Value: GS1.1.1717597387.1.0.1717597387.60.0.1843838543
.bessuilynn.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.bessuilynn.com/ Name: _ga
Value: GA1.2.1675333363.1717597386
.bessuilynn.com/ Name: _gid
Value: GA1.2.1692786936.1717597388
.bessuilynn.com/ Name: _gat_UA-37502122-4
Value: 1
.springserve.com/ Name: sst
Value: 1717597388914
.springserve.com/ Name: ssid
Value: 3831e5a7-7768-49a7-805e-13c4c5526945
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 3d71d573dccdaa30
.ads.pubmatic.com/ Name: KCCH
Value: YES

35 Console Messages

Source Level URL
Text
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cdn.taboola.com/libtrc/dogusmedia-ntv/loader.js
Message:
Unrecognized feature: 'browsing-topics'.
javascript error URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Access to XMLHttpRequest at 'https://www.ntv.com.tr/havadurumu/json' from origin 'https://bessuilynn.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.ntv.com.tr/havadurumu/json
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
deprecation error URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.5.3/OvaMediaPlayer.js
Message:
Custom state pseudo classes are changing from ":--webkit-media-controls-play-button" to ":state(webkit-media-controls-play-button)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bessuilynn.com/wVd71WmG?fbclid=IwAR14ukAKx6u03Z5yKAWPi8OQWvnJxcqM_tg0jOJn6gtuCPMdnQ_5wqBb44U_aem_sJKjqUMoKUEuT3JGzF5IdQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2e0c830f68f8d34d1418880fe838a29a.safeframe.googlesyndication.com
724e36f7-7ba9-4b63-b81f-69c8c93f7fcd.collector.p.analitik.bik.gov.tr
a.teads.tv
a.vidoomy.com
aax.amazon-adsystem.com
ad.vidoomy.com
ads.stickyadstv.com
ads.vidoomy.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
at.teads.tv
bessuilynn.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.ntv.com.tr
cdn.p.analitik.bik.gov.tr
cdn.stickyadstv.com
cdn.taboola.com
cdn1.ntv.com.tr
cdnjs.cloudflare.com
config.aps.amazon-adsystem.com
connect.facebook.net
contributor.google.com
dygassets.dygdigital.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gatr.hit.gemius.pl
geolocation.onetrust.com
gum.criteo.com
hbopenbid.pubmatic.com
images.taboola.com
imprammp.taboola.com
ioms.bfmio.com
jnxm2.com
ls.hit.gemius.pl
ntv.api.useinsider.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
region1.analytics.google.com
rtb.openx.net
securepubads.g.doubleclick.net
servg1.net
stats.g.doubleclick.net
tpc.googlesyndication.com
trc.taboola.com
vid.springserve.com
vidoomy-d.openx.net
vidstat.taboola.com
vidstatb.taboola.com
vpaid.pubmatic.com
vpaid.vidoomy.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.ntv.com.tr
724e36f7-7ba9-4b63-b81f-69c8c93f7fcd.collector.p.analitik.bik.gov.tr
am-match.taboola.com
cdn.stickyadstv.com
pagead2.googlesyndication.com
www.ntv.com.tr
104.17.24.14
108.138.32.75
108.138.36.15
141.226.228.48
142.250.184.193
142.250.185.66
142.250.186.168
142.250.186.35
146.59.30.96
151.101.1.44
151.101.193.44
157.240.252.13
172.217.16.130
172.67.139.233
18.173.191.98
18.191.37.40
184.30.21.51
185.64.189.112
2001:4860:4802:34::36
212.36.83.215
212.36.83.246
23.35.236.201
23.52.181.90
2606:4700:4400::ac40:9b77
2606:4700:7::a29f:853d
2606:4700::6813:b234
2607:ae80:192:1::176
2a00:1450:4001:801::200e
2a00:1450:4001:803::200e
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:400c:c0d::9c
2a02:2638:3::c
2a02:6ea0:c700::19
2a02:6ea0:d513::4
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.13.186.205
31.3.2.72
31.3.2.79
34.98.64.218
35.227.252.103
52.48.31.126
52.58.156.188
54.234.218.193
69.173.144.138
77.223.135.226
92.222.252.172
02753708f3d9d9fab98b1b32102d97f8ac100920c98a13089909bdba2a5d6fe3
034c2b68fe319864743347faeb0470aa069c348dc1c682a523a816ff17850d8b
03e9fa43fffd6f201f912ea385d70a943e766f4016349501973762b38d12a280
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833
091ef0a625e4d5d3f767ee6e143d2e47625cb7df6da47fa97fe56a2da6002bf8
09a959b814e91b2c0cafae870bc140a98968f174cafd68d32f84985ab3cbb750
0f0442ab444bf86b7cc42c0318b9daf60bbe574eb16443bd543b1f3cecda56a1
1227d4d276545270f4293bfc3c56281cbd411ee17add67c72f06de00330dd5dd
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1390bee73f8ea6aaf81ff54a4d7fca9ab5c771d6173e0b7400ff99f1d14d8e5b
13e45e386b04e8805973d30fc1fd59225d7e69504964f88f1adf4a67543e0563
1426460a24307191cece06734bbd783b0a3025cfd677b93a4e677a79f6c675e2
174a9d09ed09551e1ea4eefea4f1b673f853e959b4745c28ba66917e9864205c
17b56fd85cf4f4d358106dfd5e8c40c08324d1a99d42c04fdec898cecbdbc5a9
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1ae01237aa51ea29010c2df24623fffaeb50d767cd7813f72c4576fd0207d622
1cb7e7b12fd8e25cdc97880e2fea9757603cea342db5d8e8e81ad159effbb3f5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1df939e3f56675909a6105f72340e55041b22b178c66781cdeb97174b4307d27
1e63362ba790e12c207f4441d7e87ab0f9a6f0b5b09ed58a63fc5dc9fa72d646
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2252546eb5630ddeda55bc2341644ceafa769a4a213f13497073306f14457824
275ae68d7e6a744bfa1bfb3d8fd72518dc3144a5d2e9c67c380f640b9c5305d8
2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0
278fe32b28c15eda8356d53f0ef572a33c6dec5c576fd9c314e3a623f4dd4188
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2ac5c7710d3fd128e3d9547658e33fec927122fa82e23a7f408140dc2514eb32
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
2d5e15f1a715da7926d37cceb1748706e4c26ac79b8a02fcfeac706cb0209dd8
2dafbaaa09ec584d5a18405e8d60c34d0912c987a4eace9b7679bbf1d3f2dbb0
2e520dd6d7e0cbd42b401db4b71b799f13c0060ef00d285ce23ddddbde789efc
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a510633f8e98e60871bc736dc2caf72a1ab9963ba9464d5474d4b70fbe1584
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3693a41d1886cfe119fc05db4aa41d555037fbbcf7180ff7a9b23813301bfad1
38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c
3bec564c1266219666b782a931b2abdea2a82c5d415647d24cb1662ebba3bbe1
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9
3e8dbb888529e0061ee91488b1cbef62cf45c2c9f06e02c657de1bea37f18242
4256713aa795a127c34d7b065dc0e624565692ccdef83e3cb96ad2402f0aeeec
43d682ebf13e6ed73077f08113ee1551d608654fc5ab3deeb60f135b665f0ccc
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
47f124ebbf541d4a12e6a41e2cdb9f1a565520a94b5a8394fbb851f9075272b2
48cbfa492c6453951d077dc926272fca07d7d3ac5fbba4989be785230029722c
4c403c9b2497970c7c342b432e88503da99bf9b273936fba745472bf0c50f0b2
4e2f89974aa108281045d76762b589c1e29bcd3270bb3f01923641203ae0a592
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22
55f017283179055aaeb5642ae7bae973299c19504016022e279e9f9d653c2a52
568d5cb84f9cc98563a9e8a0d25874dbbf88ae6ce2e62eff9042e64e113a1a3d
58e45c14afef482bf15a053aff5ab3f7e40743387f7c993718ee1bafbe1b8ede
5aebe3c27e3896c4220b7ff3c2e96438fe9ed47449997c8203b39605102b410e
5b7a678427eb284df8521b956fefc56c34377b71d5db2692e036bc40cb7aaf66
5cb02d595757505062328ba3f97953e1571a762c77fec75668b5b82af11a2d24
5dd8dd77706f24ff6e6c3d834565571f653110eb99fe4f9614b0f8a8dcecafcc
5e3968f259311bd4bb0bac4f2d632bd5a6c1a2eb53a6bd5c8072af59661f6e6c
60a4b7f48b51b4dd8210b2282bddb8f0ba35e59326686bf8e078d120f87eac0a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61caf96dfa41d2cf2438f1344d9319fdca8672002b71a7a2b9ab673f3f4f80ef
63e8352da534a05dafb13e5aa106693d66074b5f96aaf7b9b0949d026f578f49
650a5274ce52f68963a6a54bed07c0248a98d4d0d7fcac936d34b76480fa2c07
685a3add38a6ac1835f6abedcb5bf26d610b2437038d98de1dc7f42d17733127
694146ddef015fa433e9bd31130689ed74f032a46ba0f12a4c9a70f0e0d32a27
69e42ff5a263a3ad0603f3f1400961fe8691fb825a6858b84814f69d29ff31d7
6c3f09841a881a12e193f0cf3023b202d44230d0924725312f5e557cb3230245
6c968f1c6ad9a2f73c976cdbd216384e84733db22e5f6551e2ad744a5fb4eb9d
6e9baed5265cd0b25f5ad9985caebe13d2ec8d8688513e64b6f3cbd3996a6ca5
704d90520fc15c5617684328ff63cba8eace8cffea946fed04ddc90a33d16ad5
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77d760d673fd7f2691cbf938c600146a2c5f1a3b447c5eea39adf14e59c75afe
79e3a45a6b5e3e451b30647e89b9edac18aac56e1c6820392f48f0bf7fa74bae
79f5dcb296cdf18a0c8dc358147a3bba8bd1255ce0cfa72627cb20a45b1c26ed
7a94f678ccb2c2e1bdafb82cf8bc32e2b2857cdf31d9c078fabf5de02b3a6916
7dc0caecdd1fc4e2e3d913b5e6d4877644c6c22afae1ba5d5f6d53c08e5c12a5
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ffbee9a416e31937116a8a587e2ccc4977df57b25e750ef24e2f670cca7f221
80270fa2a6c4e73a73aef7931f6cdc72612acba7c4d5db98690e600f97a280f0
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
8525fe7616453771ed2cfa38608d4e4aa5ee944a6266e0c6d3424365f68c3546
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
86535cf9b83e769ae2490b6064ad4a73ffca04a95799f24bbaa8e635f000df9a
87a50fb24393024bdde09068bdf5da53d30e4d03a6c9173a59d61f85fc6e4f30
87f00a2f6382ab8a70efadd506abb43dbc9c6184604a8fc191d9b6455eeda59a
8accd8d105236b41a7c2d8e847b41827530f661cb34c86523bb7a724f7709cf7
8d25eca7ef3b30eaebe9dcc142b9208bd3823056b120a9f326ec8ad09db31a03
8fa7c932416769427a190b29562159664dbd446e92ccbff8dff682e513758fb0
93845ed7412d20bda9bbd63e4d3d5e3ae31dc514f5f7f9c438bc21996e9fcdef
93ecae37a44aecfe9ca798c6f83ae3cc85d5b3b605ee1826156e0d6a750dd005
950c63f60fa751017cd669c982fb139e975b18cf7b12fce382ae3ce83217b205
9568b40e13d47eced9cd1cc4f5278783ec67736d850f72252f629ed79bb09e69
9757e1a5d5a10f5a3ce54859c83fc28ec20771f0cfdb93befaccc446206db06a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9d13b63548a4b1bdd597e6c0671499ce59d8a6cde0b54f008be2fe6afe7556c7
9e23d8fae36881c64ddeb4c360a7836dc90d6665c10319b0b92921e189c1e4a2
9f25405cdadde6349e2fdfbe6d20230363936a19548bdaea1799cfe6d0bdefab
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a55fa29ec26f45ca46589e30541efeb1e7298c13df4259583fb6f5c85c52ad9c
a6ca07d324a721d48f2a5327ad38c10038d5d063cf717f7fd265f87dfa184979
a8d305d4ad1fa215188ab305e141c612b4daef9e785ff6633092d723e86e3dd6
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
a9d15fa76579d44274b25146c950888b810237671bec1ea9a24055a514ca7262
aa5ebf1100bfacdbe5b21daf1b3c7c40d182299a2c08ca64dfcef1a407d00a3f
aa764942d430c2643022a5d7184913f091389f6f2a2f540af8c41fdb42b66225
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aac90b82a07a9be1b02f5ecd151154dc527a00071177209ee287804c0331da5a
b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6
b206e457a3afb3c34f989018276af92d522aad5e46e445dcea675fbfe2ce042e
b45b4f111b058afe046593da68b8ed8ea02459dcffaf4ec5193e1834775a948c
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
bcc6aaed62a2fdcfe95db92c098f70c8f0f7eeb310c9e5b39f1e033315c3b6a5
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd83f5964709bdb95ec93678f5a7ad1bc5755e330767c83e2372cfd8557d6cbe
c27341fd60ac772286c5d675592101d5a113b099636aab02fab6d6c5118bd11f
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb00a860660974b25947b756849035378feb8893f3699e16d391cabbf8374f2d
cd80a3f352eb1f49b6e16c19c8a45f991a582e05a447573453ba7f4feed2c56b
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b
d3c2f5bfe4c9152aa9466dd2ad3e17eae58c06b47edc68270f1935d1a994068b
d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70
d3ffa53efb55831ae37d13f2fa51a67b19b84e06abb574fc355efdaa0cef4e8e
d4e050711cc7bd5116a9866d823b64d38e52945e17b114ef99c2fe76e80bbfe8
d905a035268e87c89be83ab4855d5dc3cca8489f90f352c716e9d1d8781a3df3
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
dbdba52f28c6b2e8afc7bafbbcb1b9e865e413869663e6b18ef8939026e468a4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c9375f9f6d004a270d072d4dad53a3bb9e298f27ff8a55b15270813448c01c
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e2f62b0aad6f3c4f02ba462d1c03386c6e81dbb7e88cdefcf3c50b9ba2a5d2c8
e3968a0b20eb4cf70c727d7eff2e083faf837b7e20a511dda0ff884b2d34fee8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a8b9a631848b2d25d766c07f59c7dc3973817278d9cabb155133752222ed96
e7a9a09610a638b0f1f8f6730ef07f724e3894552246c05708bfc3bff70ea16f
e7de5945bef8d5269befd51919b5c1c6d17abb0c622e1681b74d8e99c704371e
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
ee42426eac39800a98ff6dcf71cbe0860612842d2db8f897b52d9b6edb82c8c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f253eb251d1d37c57454b704606b248dac4510b6a343177805a3f08b89a7828d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33
f62b60845db5f3fbbe28c3ed8d5b6930868ae77e9adc835e92ca80429c38b5c3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6f1a3b3aa231ea365b346a919eb52e0bca33e4ce566c686f7420948cb11601f
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51
fa7db142b598f9f3915e087657c9b2b4f647e0dfc5f8cdd39a0e6b681ce5077b
fb3175574322bc492f3f34dcceb4f25714d14c47161081bc6dd236aae30117f5
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fcebe9ce54e9e74de03d50c453601b5ab5dd98074cb300720c81be120cdb2040
fd129ac387ca00336c3a5fd1c4640324b39184a2b265f9fa038c41d754a5d830
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065