www.bilyoner.com Open in urlscan Pro
92.45.9.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bilyoner.com/
Effective URL:
https://www.bilyoner.com/
Submission: On November 25 via api (November 25th 2023, 11:39:25 am UTC) from US — Scanned from DE

Summary HTTP 210 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 58 IPs in 9 countries across 50 domains to perform 210 HTTP transactions. The main IP is 92.45.9.90, located in Ankara, Turkey and belongs to TELLCOM-AS, TR. The main domain is www.bilyoner.com. The Cisco Umbrella rank of the primary domain is 621312.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 4th 2023. Valid for: a year.

This is the only time www.bilyoner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	92.45.9.90 92.45.9.90	34984 (TELLCOM-AS) (TELLCOM-AS)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
37	2.19.126.88 2.19.126.88	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:a1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	35.190.25.25 35.190.25.25	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
7 9	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	195.42.242.247 195.42.242.247	51540 (DALNET-ASN) (DALNET-ASN)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	18.196.230.223 18.196.230.223	16509 (AMAZON-02) (AMAZON-02)
3 5	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
4	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
2	34.248.177.109 34.248.177.109	16509 (AMAZON-02) (AMAZON-02)
1 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	54.77.45.243 54.77.45.243	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2	54.195.232.74 54.195.232.74	16509 (AMAZON-02) (AMAZON-02)
2	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.93.209.232 54.93.209.232	16509 (AMAZON-02) (AMAZON-02)
2	54.88.4.137 54.88.4.137	14618 (AMAZON-AES) (AMAZON-AES)
2	70.42.32.255 70.42.32.255	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	54.77.121.238 54.77.121.238	16509 (AMAZON-02) (AMAZON-02)
2	18.195.110.104 18.195.110.104	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4232:d5ff:1540:2e33:3aaf	14618 (AMAZON-AES) (AMAZON-AES)
2	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.80.178.10 99.80.178.10	16509 (AMAZON-02) (AMAZON-02)
1	18.66.107.190 18.66.107.190	16509 (AMAZON-02) (AMAZON-02)
2	34.246.253.18 34.246.253.18	16509 (AMAZON-02) (AMAZON-02)
1	35.156.208.108 35.156.208.108	16509 (AMAZON-02) (AMAZON-02)
2	3.18.128.164 3.18.128.164	16509 (AMAZON-02) (AMAZON-02)
1	3.123.198.250 3.123.198.250	16509 (AMAZON-02) (AMAZON-02)
1	195.42.241.245 195.42.241.245	51540 (DALNET-ASN) (DALNET-ASN)
210	58

44 92.45.9.90 (Ankara, Turkey) 1 redirects

ASN34984 (TELLCOM-AS, TR)
PTR: host-92-45-9-90.reverse.superonline.net

www.bilyoner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2.19.126.88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-88.deploy.static.akamaitechnologies.com

content.bilyoner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:a1a (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcdn.dengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

460324fe-760e-00a9-5f0d-6f3fd1452758.dengagecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::c (France) 7 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.42.242.247 (United Kingdom)

ASN51540 (DALNET-ASN, TR)
PTR: static-mail-242-247.engines.dengage.net

event.dengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.230.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-223.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.12 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.177.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-177-109.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.45.243 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-45-243.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.232.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-232-74.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.209.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-209-232.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.4.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-4-137.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.121.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-121-238.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.110.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-110-104.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4232:d5ff:1540:2e33:3aaf (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.178.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-178-10.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.107.190 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-190.fra56.r.cloudfront.net

dbfukofby5ycr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.253.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-253-18.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.208.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-208-108.eu-central-1.compute.amazonaws.com

bilyoner.webinstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.18.128.164 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-128-164.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.198.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-198-250.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.42.241.245 (United Kingdom)

ASN51540 (DALNET-ASN, TR)
PTR: static-mail-241-245.engines.dengage.net

push.dengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	bilyoner.com 1 redirects www.bilyoner.com — Cisco Umbrella Rank: 621312 content.bilyoner.com — Cisco Umbrella Rank: 566484	3 MB
15	criteo.com 7 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 sslwidget.criteo.com — Cisco Umbrella Rank: 2332 dis.criteo.com — Cisco Umbrella Rank: 597	20 KB
10	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	37 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	3 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	450 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	22 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6862	814 B
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	541 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	4 KB
4	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	193 B
4	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 555 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 497	826 B
3	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	2 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1699	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
3	dengage.com pcdn.dengage.com — Cisco Umbrella Rank: 216504 event.dengage.com — Cisco Umbrella Rank: 192429 push.dengage.com — Cisco Umbrella Rank: 153518	93 KB
2	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2536	535 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 758	673 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4925	470 B
2	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3030	798 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	69 B
2	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2528
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 843	299 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 807	290 B
2	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1122	845 B
2	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1284	2 KB
2	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10529	377 B
2	360yield.com ad.360yield.com — Cisco Umbrella Rank: 781	397 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 440	2 KB
2	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 799	769 B
2	adform.net cm.adform.net — Cisco Umbrella Rank: 1267	325 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417	279 B
2	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2580	326 B
2	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1630	197 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733	227 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 376	478 B
2	media.net contextual.media.net — Cisco Umbrella Rank: 691	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	291 B
2	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2069	446 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2274	44 B
1	webinstats.com bilyoner.webinstats.com — Cisco Umbrella Rank: 581487	252 B
1	cloudfront.net dbfukofby5ycr.cloudfront.net	26 KB
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2884	38 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	722 B
1	t.co t.co — Cisco Umbrella Rank: 607	376 B
1	dengagecdn.com 460324fe-760e-00a9-5f0d-6f3fd1452758.dengagecdn.com	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	15 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	instant.page instant.page — Cisco Umbrella Rank: 17669	1 KB
210	50

	Domain	Requested by
44	www.bilyoner.com	1 redirects www.bilyoner.com
37	content.bilyoner.com	www.bilyoner.com
8	gum.criteo.com	7 redirects static.criteo.net
6	www.google.com	www.bilyoner.com www.gstatic.com www.google.com
6	www.google.de	www.bilyoner.com
6	www.google-analytics.com	www.googletagmanager.com www.bilyoner.com www.google-analytics.com
6	www.googletagmanager.com	www.bilyoner.com www.googletagmanager.com www.google-analytics.com
6	www.gstatic.com	www.bilyoner.com www.google.com www.gstatic.com
5	ib.adnxs.com	3 redirects www.bilyoner.com
5	stats.g.doubleclick.net	www.googletagmanager.com www.bilyoner.com
4	ups.analytics.yahoo.com
4	dis.criteo.com
4	region1.analytics.google.com	www.googletagmanager.com
3	dpm.demdex.net	1 redirects
3	r.casalemedia.com	1 redirects www.bilyoner.com
3	bat.bing.com	www.bilyoner.com bat.bing.com
2	s.thebrighttag.com
2	firebaseremoteconfig.googleapis.com	www.bilyoner.com
2	beacon.krxd.net
2	ad.yieldlab.net
2	criteo-partners.tremorhub.com	www.bilyoner.com
2	match.sharethrough.com
2	trends.revcontent.com
2	simage2.pubmatic.com
2	sync.outbrain.com	www.bilyoner.com
2	jadserve.postrelease.com	www.bilyoner.com
2	exchange.mediavine.com
2	matching.ivitrack.com	www.bilyoner.com
2	ad.360yield.com	www.bilyoner.com
2	id5-sync.com	www.bilyoner.com
2	visitor.omnitagjs.com	www.bilyoner.com
2	cm.adform.net	www.bilyoner.com
2	eb2.3lift.com	www.bilyoner.com
2	criteo-sync.teads.tv	www.bilyoner.com
2	sync-t1.taboola.com
2	rtb-csync.smartadserver.com	www.bilyoner.com
2	pixel.rubiconproject.com
2	contextual.media.net	www.bilyoner.com
2	x.bidswitch.net	www.bilyoner.com
2	cm.g.doubleclick.net	2 redirects
2	fonts.gstatic.com	www.google.com
2	sslwidget.criteo.com	static.criteo.net
2	firebaseinstallations.googleapis.com	www.bilyoner.com
2	api-js.mixpanel.com	www.bilyoner.com
2	connect.facebook.net	www.bilyoner.com connect.facebook.net
1	push.dengage.com	www.bilyoner.com
1	e1.emxdgt.com
1	bilyoner.webinstats.com	www.bilyoner.com
1	dbfukofby5ycr.cloudfront.net	www.bilyoner.com
1	sync-criteo.ads.yieldmo.com
1	mug.criteo.com	www.bilyoner.com
1	www.facebook.com	www.bilyoner.com
1	event.dengage.com	www.bilyoner.com
1	analytics.twitter.com	www.bilyoner.com
1	t.co	www.bilyoner.com
1	region1.google-analytics.com	www.googletagmanager.com
1	460324fe-760e-00a9-5f0d-6f3fd1452758.dengagecdn.com	pcdn.dengage.com
1	static.criteo.net	www.googletagmanager.com
1	static.ads-twitter.com	www.bilyoner.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	pcdn.dengage.com	www.bilyoner.com
1	instant.page	www.bilyoner.com
210	62

This site contains links to these domains. Also see Links.

Domain
app.adjust.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.bilyoner.com GlobalSign RSA OV SSL CA 2018	`2023-04-04` - `2024-05-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
content.bilyoner.com R3	`2023-09-28` - `2023-12-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
pcdn.dengage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-20` - `2024-08-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-03` - `2023-12-02`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.dengagecdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-05` - `2024-07-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.dengage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-19` - `2024-01-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.webinstats.com Go Daddy Secure Certificate Authority - G2	`2023-01-07` - `2024-02-08`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.bilyoner.com/
Frame ID: D9608DE550F128D299A5CB5C6A737C2E
Requests: 139 HTTP requests in this frame

Frame: https://460324fe-760e-00a9-5f0d-6f3fd1452758.dengagecdn.com/cross-domain-storage-hub.html
Frame ID: 2261F3FF3A39097FA703B720F069214C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.bilyoner.com&origin=onetag
Frame ID: B4683DB31A53215455DE441D6B944E8F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfv0UwbAAAAABQvH6kgBNZDbxAE0l_qd7b2jLnw&co=aHR0cHM6Ly93d3cuYmlseW9uZXIuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=8fbmuk5ds9e0
Frame ID: D7767DFDDC4C50D8519312203E3A0926
Requests: 7 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0
Frame ID: C8D407ABC85E3CF94D9B816C79CD5460
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0
Frame ID: FCB0EBF835721433D950A0DA04A54C89
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bilyoner: İddaa | At Yarışı | Spor Toto

Page URL History Show full URLs

http://www.bilyoner.com/ HTTP 301
https://www.bilyoner.com/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Basket

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

210
Requests

94 %
HTTPS

33 %
IPv6

50
Domains

62
Subdomains

58
IPs

9
Countries

4309 kB
Transfer

12917 kB
Size

63
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://app.adjust.com/11ekz93x?deep_link=bilyoner%3A%2F%2F

Search URL Search Domain Scan URL

URL: https://app.adjust.com/kbqm4qx?engagement_type=fallback_click

Search URL Search Domain Scan URL

URL: https://app.adjust.com/12cimxml?engagement_type=fallback_click&redirect=https%3A%2F%2Fappgallery.huawei.com%2F%23%2Fapp%2FC108310847

Search URL Search Domain Scan URL

URL: https://app.adjust.com/12ema1ey?engagement_type=fallback_click&redirect=https%3A%2F%2Fgalaxystore.samsung.com%2Fdetail%2Fcom.bilyoner.app

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bilyoner

Search URL Search Domain Scan URL

URL: https://twitter.com/Bilyoner

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bilyoner

Search URL Search Domain Scan URL

URL: http://www.youtube.com/BilyonerVideo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bilyoner.com/ HTTP 301
https://www.bilyoner.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://gum.criteo.com/sid/json?origin=onetag&domain=bilyoner.com&sn=ChromeSyncframe&so=0&topUrl=www.bilyoner.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5oPhh3xLOGhrVlFIZmRtWlB3Q1NwOUl5UWxUbW9aamhLblVCNGVzOEoyMHlJd21UeXRwSWRHQ3pid3N3ejF1cTgyV0dWc2RRT1JWbkx2UXVmLzJyS0tvR2t0NDZlUUhSUnk4eU9jSGFUUllTcHJuaGVzZTgwYnRVcFI0SUFqbWk0Uk1QU0ZUWEtNN2JWa0hlM2VKM2puOWJJOXJJby9sc2piZVZ4WnhnZmxiRDc0L1o1KzYzMHplNkNXQ2s1ZmZUQkZuY2Vxa2YreDFHQlRuNnFqUVFXQ1UweWd6cTF2QlNoS0I5V3cxKy9JWGh0R2swRGhUeDhqT2hoSnBGZDZWNklPQnRiME1BRDJyamEvRmNLdjdueW5FVVVyQT09fA&cppv=2

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_cm&google_hm=ay1LU1BKTWdFcVh5c2hpODJGNTBsRW5fa09obGxJMFR3Z2lfUTF1Zw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0

Request Chain 142

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=766374957777029099

Request Chain 152

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Us4JmQEqXyshi82F50lEn_kOhlmeee87OLwQcQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Us4JmQEqXyshi82F50lEn_kOhlmeee87OLwQcQ&C=1

Request Chain 153

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=M1haqyhpGiZkvwNdQJ4hDD70t1yets0Q HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=M1haqyhpGiZkvwNdQJ4hDD70t1yets0Q

Request Chain 169

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hCnid1TWjHB8C-H9CNlDQuDpZ3oV7dgH

Request Chain 173

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cLXu5lcyNJJFZVFtBqncC9neW90GlJaJ

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_cm&google_hm=ay1LU1BKTWdFcVh5c2hpODJGNTBsRW5fa09obGxJMFR3Z2lfUTF1Zw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0

Request Chain 177

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=766374957777029099

Request Chain 185

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=R4O8AW9RoI87l83EticJnFOzsGsyPcVM

Request Chain 203

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=NwAlvXXcSDom4SaFL4d6dPqyhAntjTn0

Request Chain 204

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xw8xSGJCSBgF_T3a3Vns_zV4ExlZ7Hbc

210 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bilyoner.com/
Redirect Chain

http://www.bilyoner.com/
https://www.bilyoner.com/

43 KB
9 KB

132ms
42ms

Document
text/html

92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: a8824f8be69458eb75611bcfe746ef6c717276e0d003e1c11f4299d0b0b4d353

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 25 Nov 2023 11:39:17 GMT
etag: W/"ad9d-ThwBNm6V8Delr1l1jd5b/r+VhP4"
expires: 30m
server: nginx
vary: Accept-Encoding Accept-Encoding User-Agent
x-proxy-cache: HIT

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 25 Nov 2023 11:39:17 GMT
Location: https://www.bilyoner.com/
Server: nginx
Strict-Transport-Security: max-age=31536000

GET
H2 200 ubuntu-bold-webfont.woff2
www.bilyoner.com/public/fonts/ 48 KB
48 KB 143ms
141ms Font
font/woff2 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/public/fonts/ubuntu-bold-webfont.woff2
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 41f96afe7ba877a977469ef2dc1295f9d6a786168f677c45d2c54f5823de065c

Request headers

Referer: https://www.bilyoner.com/
Origin: https://www.bilyoner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"be74-18c014329a0"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=0, private
accept-ranges: bytes
content-length: 48756
expires: 7d

GET
H2 200 ubuntu-light-webfont.woff2
www.bilyoner.com/public/fonts/ 62 KB
62 KB 144ms
142ms Font
font/woff2 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/public/fonts/ubuntu-light-webfont.woff2
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 646e58d932e3e5ae406d63e17d375de4b6d0cc0562e62b34d8351b9189414a3a

Request headers

Referer: https://www.bilyoner.com/
Origin: https://www.bilyoner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"f6f0-18c014329a0"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=0, private
accept-ranges: bytes
content-length: 63216
expires: 7d

GET
H2 200 ubuntu-regular-webfont.woff2
www.bilyoner.com/public/fonts/ 56 KB
57 KB 144ms
142ms Font
font/woff2 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/public/fonts/ubuntu-regular-webfont.woff2
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: c97484b870b6257ea9fbc953c26a261bf75eef7526f30b9130d57205210b2b3a

Request headers

Referer: https://www.bilyoner.com/
Origin: https://www.bilyoner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"e1bc-18c014329a0"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=0, private
accept-ranges: bytes
content-length: 57788
expires: 7d

GET
H2 200 ubuntu-medium-webfont.woff2
www.bilyoner.com/public/fonts/ 50 KB
51 KB 144ms
143ms Font
font/woff2 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/public/fonts/ubuntu-medium-webfont.woff2
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: b48c8c6d417fa4949342628d8a34c3e4cbebb96c081e6fbac4c67b127b44ac68

Request headers

Referer: https://www.bilyoner.com/
Origin: https://www.bilyoner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"c8f4-18c014329a0"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=0, private
accept-ranges: bytes
content-length: 51444
expires: 7d

GET
H2 200 ubuntu-bolditalic-webfont.woff2
www.bilyoner.com/public/fonts/ 51 KB
51 KB 144ms
143ms Font
font/woff2 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/public/fonts/ubuntu-bolditalic-webfont.woff2
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 84884a5d0744ac8ff922ca1fa4221a53540cc173435944f164fd58fcf888fa4c

Request headers

Referer: https://www.bilyoner.com/
Origin: https://www.bilyoner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"ca74-18c014329a0"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=0, private
accept-ranges: bytes
content-length: 51828
expires: 7d

GET
H2 200 bilyoner.woff2
www.bilyoner.com/public/fonts/ 37 KB
38 KB 145ms
143ms Font
font/woff2 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/public/fonts/bilyoner.woff2
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 988f202b0ef04dde870ee90a849200a5d652caec89d3bc42ffbed8719dcfd47c

Request headers

Referer: https://www.bilyoner.com/
Origin: https://www.bilyoner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"954c-18c014329a0"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=0, private
accept-ranges: bytes
content-length: 38220
expires: 7d

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.2/ 20 KB
7 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.2/firebase-app.js

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8487b33c5db3fb10b3785281018ea31ac4897ae02e1074b5a79e174ac409b2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6586
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 23:39:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 05:32:20 GMT

GET
H2 200 firebase-remote-config.js Show response
www.gstatic.com/firebasejs/8.3.2/ 36 KB
10 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.2/firebase-remote-config.js

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23ee4ab2f874a66c05ffcde79ccea8998bdfb89da8b8e7f1a0503e2681e7256f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 03:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10474
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 23:39:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 03:02:07 GMT

GET
H2 200 vendors~main.css
www.bilyoner.com/static/ 82 KB
8 KB 52ms
51ms Stylesheet
text/css 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/vendors~main.css?v=b368922c
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: cd8e640357e2c90f1d0f234f9cae65dcd625d27b0557b1f3029056fa0492a7be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"1496a-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 main.css
www.bilyoner.com/static/ 884 KB
126 KB 71ms
70ms Stylesheet
text/css 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/main.css?v=c683007d
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: bdd8813be877a8d1518f5611f10f1258cfa7454dd3692b16238917bf2824fb5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"dd1a3-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 63ms
23ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FN5Z7W5Z23&l=dataLayer

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9be30c08635847f3dd7210cc0ccde101011b15ceb084a99c9c6969c914ffd690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Nov 2023 11:39:17 GMT

GET
H2 200 swiper.js Show response
www.bilyoner.com/public/thirdParty/swiper/ 139 KB
37 KB 64ms
62ms Script
application/javascript 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/public/thirdParty/swiper/swiper.js
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: f2d3e1ccd66d07ca5900b7b7a7097333046a18e0455f1c3f372dfd8ab0dc9fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:17:09 GMT
server: nginx
etag: W/"22aa3-18c01432d88"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, private
expires: 1d

GET
H2 200 arkadasini_getir_sari.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 79ms
11ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/arkadasini_getir_sari.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e887f5381570687450210a77c6bd5b107c433079aa7666e502a402f91f0e0b2d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:17 GMT
last-modified: Sat, 21 Oct 2023 05:17:38 GMT
server: Akamai Image Manager
etag: "652e7127-2fa4"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=76731
content-length: 2008
expires: Sun, 26 Nov 2023 08:58:08 GMT

GET
H2 200 ic_google_play.svg
www.bilyoner.com/public/images/icons/ 18 KB
8 KB 144ms
144ms Image
image/svg+xml 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bilyoner.com/public/images/icons/ic_google_play.svg
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: b28b3cec21adb461d42c1a2fa3856167784fae5255f828ae62258d42f24586d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"4639-18c014329a0"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: public, max-age=0, private
expires: 7d

GET
H2 200 anadolu-efes-100x100.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 13ms
13ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/anadolu-efes-100x100.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

8ce948babfa0ccbbdd5443da46e9352665db824d7a59084e44e81d6bbe7d62b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:17 GMT
last-modified: Sun, 22 Oct 2023 02:59:05 GMT
server: Akamai Image Manager
etag: "60c9cfba-765"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=76331
content-length: 1735
expires: Sun, 26 Nov 2023 08:51:28 GMT

GET
H2 200 rakipbul-100x100.png
content.bilyoner.com/media/cms/photos/ 2 KB
3 KB 12ms
12ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/rakipbul-100x100.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c97e39a43c70059c71a85318bb3d8c0c41507136c2b7e3bf6a3560346b53a1c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:17 GMT
last-modified: Fri, 20 Oct 2023 07:33:43 GMT
server: Akamai Image Manager
x-serial: 1310
x-check-cacheable: YES
etag: "60c9cfc6-c44"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=75058
content-length: 2488
expires: Sun, 26 Nov 2023 08:30:15 GMT

GET
H2 200 tsyd-100x100.png
content.bilyoner.com/media/cms/photos/ 3 KB
3 KB 10ms
10ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/tsyd-100x100.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

94379021e055f0760971ed41518c944bcb5e63ec2c04834387278cb0d832c33b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:17 GMT
last-modified: Mon, 23 Oct 2023 00:32:32 GMT
server: Akamai Image Manager
x-serial: 479
x-check-cacheable: YES
etag: "60c9cfc8-fea"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=75069
content-length: 3111
expires: Sun, 26 Nov 2023 08:30:26 GMT

GET
H2 200 group463.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 13ms
11ms Image
image/png 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/group463.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

19ac4abc1b68ead8cc090b96714ad28e710d0559479ff841c948a501beea4ed0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:17 GMT
last-modified: Fri, 20 Oct 2023 07:31:06 GMT
server: Akamai Image Manager
x-serial: 1606
x-check-cacheable: YES
etag: "625d4975-694"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=18760
content-length: 1684
expires: Sat, 25 Nov 2023 16:51:57 GMT

GET
H2 200 vendors~main.js Show response
www.bilyoner.com/static/ 1 MB
405 KB 76ms
73ms Script
application/javascript 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: e307a561dcc50ffd1443ce0aef520e087a2a0bdce4306f9c636bd65757e8c875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"160891-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 main.js Show response
www.bilyoner.com/static/ 2 MB
481 KB 133ms
131ms Script
application/javascript 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/main.js?v=e740c6da7d591ab5605f
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: d6dc17ef800cfb1944c1dc50bb4e95abbe57e09480f3053d35a6b056af5ab3f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"237e30-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 vendors~AuthorComments~Coupons~Home~HorseCardWidget~Probables~Program~SportsBook~UpcomingRaces.js Show response
www.bilyoner.com/static/ 22 KB
7 KB 202ms
199ms Script
application/javascript 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/vendors~AuthorComments~Coupons~Home~HorseCardWidget~Probables~Program~SportsBook~UpcomingRaces.js?v=e740c6da7d591ab5605f
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 3999c9b77500d9956d74538c45b0588f5f59f9d14d37b7acdb0fced5e6980bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"5884-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 vendors~Home~LeagueCard~MatchCard~SportsBook~VerifyEmail.js Show response
www.bilyoner.com/static/ 33 KB
6 KB 202ms
200ms Script
application/javascript 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/vendors~Home~LeagueCard~MatchCard~SportsBook~VerifyEmail.js?v=e740c6da7d591ab5605f
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 49da755744a4934042f0d2917d8dc4c014e6aba76f84dde5fd0af448a4e9bb5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"85d1-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 vendors~Home~PopularBets~SportsBook.js Show response
www.bilyoner.com/static/ 15 KB
5 KB 203ms
201ms Script
application/javascript 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/vendors~Home~PopularBets~SportsBook.js?v=e740c6da7d591ab5605f
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: b999da5f1ff452deaaeb60dfe03d8a10582c8b74316b7c22735dbf89498424d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"3c1f-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 vendors~Home.js Show response
www.bilyoner.com/static/ 23 KB
7 KB 204ms
202ms Script
application/javascript 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/vendors~Home.js?v=e740c6da7d591ab5605f
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 222cb69c9157cc09fef4924083b3b61a6c24d4f4dff32a23e14a394bdd7dd454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"5ada-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 Home.js Show response
www.bilyoner.com/static/ 113 KB
30 KB 207ms
205ms Script
application/javascript 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/Home.js?v=e740c6da7d591ab5605f
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: eff1904d0bad57f13ef29478878830d141c8cf94fcf978edc6849c9e70bfa5d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"1c4ca-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 5.1.1 Show response
instant.page/ 3 KB
1 KB 44ms
15ms Script
text/javascript 2606:4700::6811:a1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/5.1.1
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d0ee7a16ae3c3063d7644963128afd917c75e9aab66dc4582966b6e5aaeaf6c

Request headers

Referer: https://www.bilyoner.com/
Origin: https://www.bilyoner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:17 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 82b99c3b5be33618-FRA

GET
H2 200 swiper.css
www.bilyoner.com/public/thirdParty/swiper/ 14 KB
4 KB 291ms
290ms Stylesheet
text/css 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/public/thirdParty/swiper/swiper.css
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 21d83c4c14d64c58722f72c03ef1937cb7847f58791abacd39d6d8f3300fe4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:17:09 GMT
server: nginx
etag: W/"3645-18c01432d88"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, private
expires: 1d

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 289 KB
94 KB 97ms
59ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B75WDJ

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed380a206dc51b365c7799ed70f028a71a31dbf05ac8ca9c8f3bcd8dc01701bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96282
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 Nov 2023 11:39:17 GMT

GET
H2 200 dengage_sdk.js Show response
pcdn.dengage.com/p/push/273/460324fe-760e-00a9-5f0d-6f3fd1452758/ 291 KB
92 KB 144ms
42ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcdn.dengage.com/p/push/273/460324fe-760e-00a9-5f0d-6f3fd1452758/dengage_sdk.js
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4cb1db10b084baa3339de503fef7ae1358eddb2ba097063ba243d8bd34838166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 25 Nov 2023 11:39:17 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:02:57 GMT
vary: Accept-Encoding
x-azure-ref: 20231125T113917Z-9uf38r679577b503t8ave2p3v80000000cm000000000358r
content-type: text/javascript
x-ms-request-id: 80a7573d-501e-0063-3c74-1ccfd8000000
cache-control: public, max-age=900, must-revalidate
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 icons.3.56.9.svg
www.bilyoner.com/static/images/ 1 MB
585 KB 213ms
212ms Other
image/svg+xml 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/images/icons.3.56.9.svg
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 217a3b0cfab727505d5c70d057949daab9f9a52d31a7cbf5d8370baf2cc8ca03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:23:23 GMT
server: nginx
etag: W/"15069d-18c0148e278"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 7d

GET
H2 200 ic-arrow-up-white.svg
www.bilyoner.com/public/images/icons/ 451 B
615 B 285ms
284ms Image
image/svg+xml 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bilyoner.com/public/images/icons/ic-arrow-up-white.svg
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/main.css?v=c683007d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 011d010ee5724df000fd9020cb6e664d9a608d0ded3adc8607c3c2a0ff686e07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/static/main.css?v=c683007d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:17 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"1c3-18c014329a0"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: public, max-age=0, private
expires: 7d

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0PMSPH49DC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B75WDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de2fb48982295ead77853c1fb03523626e3c79ec4b0d96a2179781030a7038da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92900
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Nov 2023 11:39:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
14ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B75WDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 25 Nov 2023 09:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6580
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 25 Nov 2023 11:49:38 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/961475748/ 3 KB
2 KB 78ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/961475748/?random=1700912358030&cv=11&fst=1700912358030&bg=ffffff&guid=ON&async=1&gtm=45He3b81v812754639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bilyoner.com%2F&hn=www.googleadservices.com&frm=0&tiba=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&auid=1659688499.1700912358&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B75WDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a337db072637cb3951de3ea242b330bbfe351556616405176b28a088200efd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1270
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 53ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 25 Nov 2023 11:39:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: u6gH7+stvnxZ5qwGf71yevYuTrk+1hAI7HmNtAKKWkt/BvADAWAjmXjpiDwufMQdvbZeorUvCKpERRvIvanJSQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 65ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FN5Z7W5Z23&gtm=45je3b81v888515186z8812754639&_p=1700912357807&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1470306541.1700912358&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700912358&sct=1&seg=0&dl=https%3A%2F%2Fwww.bilyoner.com%2F&dt=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&en=page_view&_fv=1&_nsi=1&_ss=1&ep.using_gtm=true&ep.isCookie=false&tfd=697
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FN5Z7W5Z23&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 88ms
41ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FN5Z7W5Z23&cid=1470306541.1700912358&gtm=45je3b81v888515186z8812754639&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FN5Z7W5Z23&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 63ms
17ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230023-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 132ms
86ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 25 Nov 2023 11:39:17 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF401238C65E44B39E4494771216C085 Ref B: FRAEDGE2014 Ref C: 2023-11-25T11:39:18Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 86ms
43ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B75WDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Oct 2023 15:11:46 GMT
server: nginx
etag: W/"652569b2-b614"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 26 Nov 2023 11:39:18 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 104ms
41ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FN5Z7W5Z23&cid=1470306541.1700912358&gtm=45je3b81v888515186z8812754639&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=47661679

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cross-domain-storage-hub.html Show response
460324fe-760e-00a9-5f0d-6f3fd1452758.dengagecdn.com/ Frame 2261 2 KB
1 KB 76ms
10ms Document
text/html 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://460324fe-760e-00a9-5f0d-6f3fd1452758.dengagecdn.com/cross-domain-storage-hub.html
Requested by: Host: pcdn.dengage.com
URL: https://pcdn.dengage.com/p/push/273/460324fe-760e-00a9-5f0d-6f3fd1452758/dengage_sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5bc4f450d6d48b2a4cea602557a7a20dc7ab461b644e0391e1563a0695a8a61

Request headers

Referer: https://www.bilyoner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html
date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Thu, 28 Jul 2022 13:27:44 GMT
vary: Accept-Encoding
x-azure-ref: 20231125T113918Z-ma90pzrqnd3tf68a5gpq26bxxc0000000fk000000000msct
x-cache: TCP_HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: fca72df8-e01e-000b-3423-1dba72000000
x-ms-version: 2009-09-19

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddb18fdf9f687660f7b4b563d41ded422312a3660092cbca093303824a33818f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icons.3.56.9.svg
www.bilyoner.com/static/images/ 1 MB
585 KB 49ms
49ms Other
image/svg+xml 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/images/icons.3.56.9.svg
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 217a3b0cfab727505d5c70d057949daab9f9a52d31a7cbf5d8370baf2cc8ca03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:18 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:23:23 GMT
server: nginx
etag: W/"15069d-18c0148e278"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 7d

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 63ms
25ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lfv0UwbAAAAABQvH6kgBNZDbxAE0l_qd7b2jLnw

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d15a6b33e242ac374716210e47589219ae08ebaeac9dbbae00943df369cc863e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 25 Nov 2023 11:39:18 GMT

GET
H2 200 logo-text.svg
www.bilyoner.com/public/images/ 8 KB
4 KB 59ms
58ms Image
image/svg+xml 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bilyoner.com/public/images/logo-text.svg
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/main.css?v=c683007d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: caadd8fd368ad2d2145eea5c6e4eda3dd7bbf66359178684cae3e8e4f2e7a29c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/static/main.css?v=c683007d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:18 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:17:09 GMT
server: nginx
etag: W/"2037-18c01432d88"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: public, max-age=0, private
expires: 7d

GET
H2 200 ic_close_white.svg
www.bilyoner.com/public/images/icons/ 659 B
642 B 59ms
58ms Image
image/svg+xml 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bilyoner.com/public/images/icons/ic_close_white.svg
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/main.css?v=c683007d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 5c4ae18fd54312b6dbbe4812ccda5d03c04d7a24bbc3937fa7ac72acc4a72cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/static/main.css?v=c683007d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:18 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"293-18c014329a0"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: public, max-age=0, private
expires: 7d

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
347 B 85ms
44ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1700912358565

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

25.25.190.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Sat, 25 Nov 2023 11:39:18 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.bilyoner.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 23
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

GET
H2 200 arkadasini_getir_sari.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 15ms
10ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/arkadasini_getir_sari.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e887f5381570687450210a77c6bd5b107c433079aa7666e502a402f91f0e0b2d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sat, 21 Oct 2023 05:17:38 GMT
server: Akamai Image Manager
etag: "652e7127-2fa4"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=76730
content-length: 2008
expires: Sun, 26 Nov 2023 08:58:08 GMT

GET
H2 200 ic_google_play.svg
www.bilyoner.com/public/images/icons/ 18 KB
8 KB 47ms
42ms Image
image/svg+xml 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bilyoner.com/public/images/icons/ic_google_play.svg
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: b28b3cec21adb461d42c1a2fa3856167784fae5255f828ae62258d42f24586d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:18 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:17:08 GMT
server: nginx
etag: W/"4639-18c014329a0"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: public, max-age=0, private
expires: 7d

GET
H2 200 anadolu-efes-100x100.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 20ms
16ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/anadolu-efes-100x100.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

8ce948babfa0ccbbdd5443da46e9352665db824d7a59084e44e81d6bbe7d62b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sun, 22 Oct 2023 02:59:05 GMT
server: Akamai Image Manager
etag: "60c9cfba-765"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=76330
content-length: 1735
expires: Sun, 26 Nov 2023 08:51:28 GMT

GET
H2 200 rakipbul-100x100.png
content.bilyoner.com/media/cms/photos/ 2 KB
3 KB 20ms
16ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/rakipbul-100x100.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c97e39a43c70059c71a85318bb3d8c0c41507136c2b7e3bf6a3560346b53a1c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Fri, 20 Oct 2023 07:33:43 GMT
server: Akamai Image Manager
x-serial: 1310
x-check-cacheable: YES
etag: "60c9cfc6-c44"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=75057
content-length: 2488
expires: Sun, 26 Nov 2023 08:30:15 GMT

GET
H2 200 tsyd-100x100.png
content.bilyoner.com/media/cms/photos/ 3 KB
3 KB 21ms
17ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/tsyd-100x100.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

94379021e055f0760971ed41518c944bcb5e63ec2c04834387278cb0d832c33b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Mon, 23 Oct 2023 00:32:32 GMT
server: Akamai Image Manager
x-serial: 479
x-check-cacheable: YES
etag: "60c9cfc8-fea"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=75068
content-length: 3111
expires: Sun, 26 Nov 2023 08:30:26 GMT

GET
H2 200 group463.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 24ms
21ms Image
image/png 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/group463.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

19ac4abc1b68ead8cc090b96714ad28e710d0559479ff841c948a501beea4ed0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Fri, 20 Oct 2023 07:31:06 GMT
server: Akamai Image Manager
x-serial: 1606
x-check-cacheable: YES
etag: "625d4975-694"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=18759
content-length: 1684
expires: Sat, 25 Nov 2023 16:51:57 GMT

GET
H2 200 slider_left_btn.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 25ms
21ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/slider_left_btn.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

11a0075cadaf536952cba2545f41439f4b97b2e3cecf668f729ad5b0c578b12c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Wed, 18 Oct 2023 01:15:01 GMT
server: Akamai Image Manager
etag: "60c9cfc7-89e"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=74780
content-length: 1198
expires: Sun, 26 Nov 2023 08:25:38 GMT

GET
H2 200 slider_right_btn.svg
www.bilyoner.com/public/images/icons/ 2 KB
1 KB 47ms
44ms Image
image/svg+xml 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bilyoner.com/public/images/icons/slider_right_btn.svg
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: aaf2e27f14c1203d780006b38887c3a34688ea1f5aa8a9dfeb65b5b06b82e1ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:18 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:17:09 GMT
server: nginx
etag: W/"795-18c01432d88"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: image/svg+xml
cache-control: public, max-age=0, private
expires: 7d

GET
H2 200 14.js Show response
www.bilyoner.com/static/ 20 KB
7 KB 48ms
45ms Script
application/javascript 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/static/14.js?v=e740c6da7d591ab5605f
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/main.js?v=e740c6da7d591ab5605f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: d8f19000c3205103711e23ecf5fec639747c4482409ad00af8778eaf0972cc49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:18 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:21:47 GMT
server: nginx
etag: W/"51b6-18c01476b78"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, private
service-worker-allowed: /
expires: 1d

GET
H2 200 messages Show response
www.bilyoner.com/cms/ 599 KB
125 KB 53ms
50ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/cms/messages
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: d579ff589842990d73c9e9e4f0258773ebd21fe23b3b22a50f1dfddd6acc1497

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
server: nginx
etag: W/"95ad1-O8+KLASegK1xbhmkm26V3CKqDEU"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/json; charset=utf-8
cache-control: private
expires: 30m

GET
H2 200 summary-all Show response
www.bilyoner.com/api/v3/mobile/aggregator/main-page/ 3 KB
1 KB 77ms
75ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/v3/mobile/aggregator/main-page/summary-all

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

a501b0c4a771b1705005fa37b55598283262f81bf51f0ae851e495cf0e6ce5e0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
via: 1.1 varnish-v4
age: 0
x-cache: HIT
content-length: 617
x-xss-protection: 1; mode=block
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, CONNECT, TRACE
x-varnish: 848792401 844738722
content-type: application/json
access-control-allow-origin: *
cache-control: private
accept-ranges: bytes
access-control-allow-headers: x-auth-token, Content-Type, X-DEVICE-ID, X-CLIENT-CHANNEL, X-CLIENT-BROWSER-VERSION, X-CLIENT-OS-VERSION, X-CLIENT-APP-VERSION
x-cache-hits: 3

GET
H2 200 secondarybannerarea Show response
www.bilyoner.com/api/cms/textConfig/ 331 B
821 B 77ms
75ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/cms/textConfig/secondarybannerarea

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

cc3d47bf0f4e97460e268b020ddce071eccfec1b4b01339cbbd880ba8cd801c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish-v4
age: 65
x-cache: HIT
content-length: 179
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
vary: Accept, Cookie, Accept-Language, Origin, Accept-Encoding
allow: GET, OPTIONS
content-language: de
content-type: application/json
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, CONNECT, TRACE
x-varnish: 875015581 836262381
cache-control: private
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: x-auth-token, Content-Type, X-DEVICE-ID, X-CLIENT-CHANNEL, X-CLIENT-BROWSER-VERSION, X-CLIENT-OS-VERSION, X-CLIENT-APP-VERSION
x-cache-hits: 1

GET
H2 200 mainscreenbanner Show response
www.bilyoner.com/api/cms/content/ 3 KB
1 KB 77ms
75ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/cms/content/mainscreenbanner

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

f8b7070925c260ce41cd4c1610f8eaabdfc4aea9194b832ec023b06dc603c711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish-v4
age: 989
x-cache: HIT
content-length: 659
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
vary: Accept, Cookie, Accept-Language, Origin, Accept-Encoding
allow: OPTIONS, GET
content-language: de
content-type: application/json
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, CONNECT, TRACE
x-varnish: 873373951 873824803
cache-control: private
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: x-auth-token, Content-Type, X-DEVICE-ID, X-CLIENT-CHANNEL, X-CLIENT-BROWSER-VERSION, X-CLIENT-OS-VERSION, X-CLIENT-APP-VERSION
x-cache-hits: 1

GET
H2 200 slider Show response
www.bilyoner.com/api/campaigns/public/active/ 37 B
883 B 80ms
79ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/campaigns/public/active/slider

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

c87cdc0a32c6291a398eeecdc0ac9c881abea66d3a10dff4ca79517fc08d328c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
cache-control: private
x-xss-protection: 1; mode=block

GET
H2 200 MW Show response
www.bilyoner.com/api/cms/staticScreen/names/ 175 B
785 B 76ms
76ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/cms/staticScreen/names/MW

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

ba1af784a26a89623bb0bda89153ac8fe5070c72ed5b949f3bd6bb49ae09a5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
content-encoding: gzip
age: 158
x-cache: HIT
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
vary: Accept-Encoding, Accept, Cookie, Accept-Language, Origin
allow: OPTIONS, GET
content-language: de
content-type: application/json
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, CONNECT, TRACE
x-varnish: 874624004 853186801
cache-control: private
access-control-allow-origin: *
access-control-allow-headers: x-auth-token, Content-Type, X-DEVICE-ID, X-CLIENT-CHANNEL, X-CLIENT-BROWSER-VERSION, X-CLIENT-OS-VERSION, X-CLIENT-APP-VERSION
x-cache-hits: 1

GET
H2 200 counter Show response
www.bilyoner.com/api/sto/programs/drawinfo/q3/ 32 B
590 B 80ms
79ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/sto/programs/drawinfo/q3/counter

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

14d86418f6e23aec1d3c35e75b078c6824e9686f9b4f407d23c1cb7c863d6a22

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: private
x-xss-protection: 1; mode=block

GET
H2 200 popular Show response
www.bilyoner.com/api/v3/mobile/aggregator/gamelist/events/selections/ 6 KB
2 KB 71ms
71ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/v3/mobile/aggregator/gamelist/events/selections/popular?tabType=9999&bulletinType=2&mainPage=true

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

a991f20cda0af595a0ef9a611818bf80ec510397eaf5e2b5a05153325a981dc7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
via: 1.1 varnish-v4
age: 36
x-cache: HIT
content-length: 1465
x-xss-protection: 1; mode=block
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, CONNECT, TRACE
x-varnish: 875306457 871607707
content-type: application/json
access-control-allow-origin: *
cache-control: private
accept-ranges: bytes
access-control-allow-headers: x-auth-token, Content-Type, X-DEVICE-ID, X-CLIENT-CHANNEL, X-CLIENT-BROWSER-VERSION, X-CLIENT-OS-VERSION, X-CLIENT-APP-VERSION
x-cache-hits: 364

GET
H2 200 v1 Show response
www.bilyoner.com/api/v3/mobile/aggregator/gamelist/all/ 242 KB
36 KB 75ms
75ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/v3/mobile/aggregator/gamelist/all/v1?tabType=1&bulletinType=1

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

812700400667b6e25ee0b887cca43571595e87f097f222d4fa4b8559d867237f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
via: 1.1 varnish-v4
age: 1
x-cache: HIT
content-length: 36244
x-xss-protection: 1; mode=block
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, CONNECT, TRACE
x-varnish: 834590201 845061807
content-type: application/json
access-control-allow-origin: *
cache-control: private
accept-ranges: bytes
access-control-allow-headers: x-auth-token, Content-Type, X-DEVICE-ID, X-CLIENT-CHANNEL, X-CLIENT-BROWSER-VERSION, X-CLIENT-OS-VERSION, X-CLIENT-APP-VERSION
x-cache-hits: 2

GET
H2 200 maintabs Show response
www.bilyoner.com/api/v3/mobile/aggregator/gamelist/all/ 3 KB
1 KB 71ms
71ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/v3/mobile/aggregator/gamelist/all/maintabs

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

39c102ffcc6891599d596635a2a0acfffbeed99182ff41879cf241131cf2393a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
via: 1.1 varnish-v4
age: 1
x-cache: HIT
content-length: 664
x-xss-protection: 1; mode=block
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, CONNECT, TRACE
x-varnish: 799600299 848337363
content-type: application/json
access-control-allow-origin: *
cache-control: private
accept-ranges: bytes
access-control-allow-headers: x-auth-token, Content-Type, X-DEVICE-ID, X-CLIENT-CHANNEL, X-CLIENT-BROWSER-VERSION, X-CLIENT-OS-VERSION, X-CLIENT-APP-VERSION
x-cache-hits: 46

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 289 KB
94 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B75WDJ

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2d89329427cfe515643378d12be1ea46dd1c951a553aa4d35f0f12d23b8cec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96300
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 Nov 2023 11:39:18 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0PMSPH49DC&gtm=45je3b81v9171663737z8812754639&_p=1700912357807&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1470306541.1700912358&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700912358&sct=1&seg=0&dl=https%3A%2F%2Fwww.bilyoner.com%2F&dt=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&en=page_view&_fv=1&_ss=1&ep.isCookie=false&tfd=1461
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PMSPH49DC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swiper.css
www.bilyoner.com/public/thirdParty/swiper/ 14 KB
4 KB 45ms
45ms Stylesheet
text/css 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/public/thirdParty/swiper/swiper.css
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: 21d83c4c14d64c58722f72c03ef1937cb7847f58791abacd39d6d8f3300fe4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:18 GMT
via: nginx
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 12:17:09 GMT
server: nginx
etag: W/"3645-18c01432d88"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, private
expires: 1d

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
222 B 23ms
22ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2100713105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bilyoner.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACgAI~&jid=1331486359&gjid=813953729&cid=1470306541.1700912358&tid=UA-56629995-16&_gid=1489858499.1700912359&_slc=1&gtm=45He3b81n815B75WDJv812754639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1767849533

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

26ae02bbdb9edbf736434746620ae2faa0fc47968f0804c8c662f7001f6b6e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56629995-16&cid=1470306541.1700912358&jid=1331486359&gjid=813953729&_gid=1489858499.1700912359&_u=YCDAgEABAAAAAGgAIAC~&z=1440069971

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 25 Nov 2023 11:39:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 23ms
22ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2100713105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bilyoner.com%2F&ul=en-us&de=UTF-8&dt=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAEABAAAAAGgAIAC~&jid=1512415322&gjid=1074759537&cid=1470306541.1700912358&tid=UA-56629995-21&_gid=1489858499.1700912359&_r=1&_slc=1&gtm=45He3b81n815B75WDJv812754639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1670475039

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

91fb94620ff452ee6411f6361a03db26b273698031a09829bf41ba2032fc0064

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1369687263075659 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1369687263075659?v=2.9.138&r=stable&domain=www.bilyoner.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ff16b40b01f3698be420da203b37130465bc5e0f532800ade93f3274ec6d7a9a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 25 Nov 2023 11:39:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35414
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: wLPuOZU+xlIsEAQac2nfWv7u7dCGRQM2oXr4kaR+HkSdb+/73G1YR12Gj/Ei1bI4tITcMxwM/DWws1zQs5spVA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/961475748/ 42 B
327 B 30ms
29ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/961475748/?random=1700912358030&cv=11&fst=1700910000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v812754639&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bilyoner.com%2F&frm=0&tiba=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&fmt=3&is_vtc=1&cid=CAQSGwDICaaN9NrzOwW9uGEXitTMjVhJhqFFcNsCNQ&random=1753581590&rmt_tld=0&ipr=y

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/961475748/ 42 B
154 B 25ms
25ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/961475748/?random=1700912358030&cv=11&fst=1700910000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v812754639&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bilyoner.com%2F&frm=0&tiba=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&fmt=3&is_vtc=1&cid=CAQSGwDICaaN9NrzOwW9uGEXitTMjVhJhqFFcNsCNQ&random=1753581590&rmt_tld=1&ipr=y

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 231ms
186ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=59b6982c-8f14-4064-b305-239c8690591b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f52629d-4b0b-4a78-9545-fe9a76e0f6f3&tw_document_href=https%3A%2F%2Fwww.bilyoner.com%2F&tw_iframe_status=0&txn_id=of533&type=javascript&version=2.3.29

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 172
date: Sat, 25 Nov 2023 11:39:18 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b128ad77df4d8fb3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: bec1d96147ec1c21f4ba081be799ad4d39261c0542957122af44ccfd90b9d08e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
722 B 225ms
186ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=59b6982c-8f14-4064-b305-239c8690591b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f52629d-4b0b-4a78-9545-fe9a76e0f6f3&tw_document_href=https%3A%2F%2Fwww.bilyoner.com%2F&tw_iframe_status=0&txn_id=of533&type=javascript&version=2.3.29

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 172
date: Sat, 25 Nov 2023 11:39:18 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2085303f98fdae60
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d0c7812cbaae2791eea5f1a9344b5f9f95f57f2c718a932d5fe6307ada462a15
content-length: 43

GET
H2 204 187017451.js Show response
bat.bing.com/p/action/ 0
116 B 33ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187017451.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 25 Nov 2023 11:39:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1E68488B7BFD4493A1F20588E9DBD665 Ref B: FRAEDGE2014 Ref C: 2023-11-25T11:39:18Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187017451&Ver=2&mid=363ccd5a-4ea3-4728-a4bc-a0630639610b&sid=44fe64108b8711eeb8a78bbb8bd8fa0e&vid=44ff72608b8711eea8d31b59af841636&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&p=https%3A%2F%2Fwww.bilyoner.com%2F&r=&lt=543&evt=pageLoad&sv=1&rn=230030

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 11:39:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B0461F3F7F3D4DBB9F37F7678CDF9A91 Ref B: FRAEDGE2014 Ref C: 2023-11-25T11:39:18Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help-menu Show response
www.bilyoner.com/cms/ 1 KB
655 B 43ms
42ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/cms/help-menu
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: a7fb50141e24da80b0ee89e595c7f6edb3d1b9346d989968ca86117a437aae70

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: gzip
server: nginx
etag: W/"4b2-HSuZYDjuQ5FS0Yd4BAi7TTy4Py4"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/json; charset=utf-8
cache-control: private
expires: 30m

GET
H2 200 Cani_yesil36.png
content.bilyoner.com/media/cms/photos/ 882 B
1 KB 14ms
9ms Image
image/png 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/Cani_yesil36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

84548bb8a2e0664bada5b973b56f6b44dff435e5874a2791afe2e3314c319039

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Mon, 23 Oct 2023 00:31:37 GMT
server: Akamai Image Manager
x-serial: 1696
x-check-cacheable: YES
etag: "63aea3a7-933"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=76137
content-length: 882
expires: Sun, 26 Nov 2023 08:48:15 GMT

GET
H2 200 Futbol36.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 15ms
10ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/Futbol36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

7a56603be1f135a5bdf9e9fbd62620ca1c7f12d73293a94bb76e65556cb91730

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sat, 21 Oct 2023 05:11:17 GMT
server: Akamai Image Manager
etag: "63aea3a7-988"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=76237
content-length: 1051
expires: Sun, 26 Nov 2023 08:49:55 GMT

GET
H2 200 Basketbol36.png
content.bilyoner.com/media/cms/photos/ 986 B
1 KB 23ms
19ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/Basketbol36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

12a4c75b1fa07d07caa74493e687fbf6e4a9378dbbc4d7a1c6f5d4dbaa483b2f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Thu, 19 Oct 2023 09:57:32 GMT
server: Akamai Image Manager
etag: "63aea3a7-983"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 986
expires: Sat, 25 Nov 2023 23:39:18 GMT

GET
H2 200 Tenis36.png
content.bilyoner.com/media/cms/photos/ 960 B
1 KB 15ms
11ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/Tenis36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

2b1ad5f13021153065bab2770d6e822cd288f49d9d1100c56f39b5c50ececb2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sat, 21 Oct 2023 08:24:00 GMT
server: Akamai Image Manager
x-serial: 1830
x-check-cacheable: YES
etag: "63aea3a8-890"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=85173
content-length: 960
expires: Sun, 26 Nov 2023 11:18:51 GMT

GET
H2 200 Buzhokeyi36.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 15ms
11ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/Buzhokeyi36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

974da7d3847baebedac18feedb062124f604edf4691da0b549419bdc1484b6ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sat, 21 Oct 2023 05:20:15 GMT
server: Akamai Image Manager
x-serial: 2009
x-check-cacheable: YES
etag: "63aea3a7-795"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=75053
content-length: 1059
expires: Sun, 26 Nov 2023 08:30:11 GMT

GET
H2 200 DuelloIcon.png
content.bilyoner.com/media/cms/photos/ 2 KB
3 KB 17ms
13ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/DuelloIcon.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

79222cabb82661279c62b132774b18e6656f4385b7c688f16cb1b1c4b4ef48b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sun, 22 Oct 2023 04:49:22 GMT
server: Akamai Image Manager
x-serial: 1527
x-check-cacheable: YES
etag: "63e0beda-1c8a"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=67186
content-length: 2419
expires: Sun, 26 Nov 2023 06:19:04 GMT

GET
H2 200 Voleybol36.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 17ms
14ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/Voleybol36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

cf369c4567b2c610f2fd8a9079472045339c0ea233eca06be0084ddeeffdaf8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Mon, 23 Oct 2023 01:41:39 GMT
server: Akamai Image Manager
x-serial: 1903
x-check-cacheable: YES
etag: "63aea3aa-a16"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=80258
content-length: 1037
expires: Sun, 26 Nov 2023 09:56:56 GMT

GET
H2 200 Hentbol36.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 18ms
15ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/Hentbol36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f4ba061f983d2c37972a04360e1ffcdcd10c333993b81af42c39edffc2074eed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Tue, 17 Oct 2023 05:44:30 GMT
server: Akamai Image Manager
x-serial: 1866
x-check-cacheable: YES
etag: "63aea3a7-96c"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 1192
expires: Sat, 25 Nov 2023 23:39:18 GMT

GET
H2 200 snooker_tXQwVZN.png
content.bilyoner.com/media/cms/photos/ 4 KB
4 KB 19ms
16ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/snooker_tXQwVZN.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

4e21b2666aa4534c57b6aa96f52964c694e03796e5a775d24c2a4135e868dcbe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Fri, 20 Oct 2023 07:31:08 GMT
server: Akamai Image Manager
etag: "63f73c2c-1fe1"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=25835
content-length: 3785
expires: Sat, 25 Nov 2023 18:49:53 GMT

GET
H2 200 UV_Futbol36.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 20ms
17ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/UV_Futbol36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

d3d68e4a16fc086ada99c2c4dbfa4d7635c2aac5be6789ce19770f04bd289185

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Mon, 23 Oct 2023 00:23:58 GMT
server: Akamai Image Manager
etag: "63aea3a9-b12"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=73318
content-length: 1190
expires: Sun, 26 Nov 2023 08:01:16 GMT

GET
H2 200 UV_Motor_Sporlari36.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 22ms
20ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/UV_Motor_Sporlari36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

269c708bfd92d4778c66fde372c9d04ce51056b548a4d5d2315b15f5e7b46311

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sat, 21 Oct 2023 05:16:02 GMT
server: Akamai Image Manager
x-serial: 480
x-check-cacheable: YES
etag: "63aea3a9-ac2"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=70952
content-length: 1264
expires: Sun, 26 Nov 2023 07:21:50 GMT

GET
H2 200 UV_Basketbol36.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 23ms
20ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/UV_Basketbol36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

dc6ac51bb003a2df54066648aeee60a48b7853f24bc1f3b4fa62723ff9af07c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sun, 22 Oct 2023 02:49:19 GMT
server: Akamai Image Manager
etag: "63aea3a8-a92"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=74412
content-length: 1159
expires: Sun, 26 Nov 2023 08:19:30 GMT

GET
H2 200 UV_Buz_Hokeyi36.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 23ms
21ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/UV_Buz_Hokeyi36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

5ee347c33b178f595fc66d778830d035b78f7175095b79744965ddab8e4526fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Wed, 18 Oct 2023 12:17:21 GMT
server: Akamai Image Manager
x-serial: 1618
x-check-cacheable: YES
etag: "63aea3a9-a24"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 1228
expires: Sat, 25 Nov 2023 23:39:18 GMT

GET
H2 200 UV_Voleybol36.png
content.bilyoner.com/media/cms/photos/ 1 KB
1 KB 24ms
22ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/UV_Voleybol36.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

76278f4545bd80a6762186972e2d209207cc576c716462feec93b12b96ea0b26

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sun, 22 Oct 2023 02:51:25 GMT
server: Akamai Image Manager
x-serial: 1116
x-check-cacheable: YES
etag: "63aea3aa-afe"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=77460
content-length: 1258
expires: Sun, 26 Nov 2023 09:10:18 GMT

GET
H2 200 uzay3x_OVv3lmS.png
content.bilyoner.com/media/cms/photos/ 2 KB
3 KB 24ms
22ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/uzay3x_OVv3lmS.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

6fcd74c53be0b57667b228ed9ec288ce22c1051322c14c6ba0af81b48fdddba7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Fri, 17 Nov 2023 09:14:46 GMT
server: Akamai Image Manager
x-serial: 2021
x-check-cacheable: YES
etag: "65572ee1-66a9"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=8781
content-length: 2539
expires: Sat, 25 Nov 2023 14:05:39 GMT

GET
H2 200 yazarlar-buton.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 25ms
23ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/yazarlar-buton.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

843ac08ae74f4ab3a1c96b2305616f7425b2c10abf1e502236744b7edf02b077

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Fri, 20 Oct 2023 07:32:09 GMT
server: Akamai Image Manager
x-serial: 748
x-check-cacheable: YES
etag: "636d02e3-64bf"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=74977
content-length: 1702
expires: Sun, 26 Nov 2023 08:28:55 GMT

GET
H2 200 ISTANBULSPOR_HATAYSPOR_MOBIL.jpg
content.bilyoner.com/media/cms/photos/ 23 KB
24 KB 11ms
10ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/ISTANBULSPOR_HATAYSPOR_MOBIL.jpg

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

9d90900e091420385f50b09996f39aa5666699d6d4f2754ab1421707b54b9314

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:18 GMT
last-modified: Sat, 25 Nov 2023 03:10:13 GMT
server: Akamai Image Manager
etag: "6560b106-12892"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=55788
content-length: 23948
expires: Sun, 26 Nov 2023 03:09:06 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Nov 2023 12:10:59 GMT

GET
H2 200 banner Show response
www.bilyoner.com/api/v3/mobile/aggregator/main-page/ 39 KB
5 KB 44ms
44ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/v3/mobile/aggregator/main-page/banner?banners%5B0%5D.eventId=1370775&banners%5B0%5D.markets=4-4&banners%5B1%5D.eventId=1405874&banners%5B1%5D.markets=4-71&banners%5B2%5D.eventId=1371477&banners%5B2%5D.markets=1-1&banners%5B3%5D.eventId=1368165&banners%5B3%5D.markets=1-1&banners%5B4%5D.eventId=1367364&banners%5B4%5D.markets=1-1&banners%5B5%5D.eventId=1405889&banners%5B5%5D.markets=1-2

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

95150df602b06b4f67d5ba3e794dcadb3bf1cd9c879abf14325df1723e0031d8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: gzip
via: 1.1 varnish-v4
age: 3
x-cache: HIT
content-length: 4478
x-xss-protection: 1; mode=block
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, CONNECT, TRACE
x-varnish: 38071506 821427921
content-type: application/json
access-control-allow-origin: *
cache-control: private
accept-ranges: bytes
access-control-allow-headers: x-auth-token, Content-Type, X-DEVICE-ID, X-CLIENT-CHANNEL, X-CLIENT-BROWSER-VERSION, X-CLIENT-OS-VERSION, X-CLIENT-APP-VERSION
x-cache-hits: 1

GET
H2 200 sorumlu.png
content.bilyoner.com/media/cms/photos/ 226 B
427 B 11ms
11ms Image
image/webp 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/sorumlu.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

a385b88f20d9bb2711635788aacc519dd0b8c993f137b2b6c08897d20034e2da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
last-modified: Thu, 19 Oct 2023 10:09:11 GMT
server: Akamai Image Manager
etag: "648091a4-14b"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 226
expires: Sat, 25 Nov 2023 23:39:19 GMT

GET
H2 200 Futbol25.png
content.bilyoner.com/media/cms/photos/ 795 B
998 B 12ms
11ms Image
image/png 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/Futbol25.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

2ed390fd2088fb30b98d6c15dd1f775d5874ac8103263804fea3d09b012e1a57

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
last-modified: Sun, 22 Oct 2023 02:46:36 GMT
server: Akamai Image Manager
etag: "63aea28b-6ed"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=76055
content-length: 795
expires: Sun, 26 Nov 2023 08:46:54 GMT

POST
H2 200 sport-list Show response
www.bilyoner.com/api/mobile/live-score/event/ 7 KB
2 KB 61ms
61ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/mobile/live-score/event/sport-list

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

e896fd72ed6b97558f8d9cc7d9c84f3273e126b5831e50a449275073f19fa94c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-APP-VERSION: 3.56.9
X-CLIENT-CHANNEL: WEB
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 BODRUMSPOR_BAHCESEHIR_MOBIL.jpg
content.bilyoner.com/media/cms/photos/ 25 KB
25 KB 12ms
11ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/BODRUMSPOR_BAHCESEHIR_MOBIL.jpg

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

1e19a057012e9ef20ae6fde553a4dfb7a388c3cf53c6b3dc561475a17f79c7e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
last-modified: Sat, 25 Nov 2023 10:00:10 GMT
server: Akamai Image Manager
x-serial: 1821
x-check-cacheable: YES
etag: "6560b105-16448"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=80449
content-length: 25568
expires: Sun, 26 Nov 2023 10:00:08 GMT

GET
H2 200 Futbol90.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 13ms
11ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/Futbol90.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

eedab12c7b928dfe1856369be5bca245105f1bd9f67c6eefd70005c68128d77e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
last-modified: Mon, 23 Oct 2023 00:22:19 GMT
server: Akamai Image Manager
x-serial: 1691
x-check-cacheable: YES
etag: "63aea3de-1870"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=76125
content-length: 2194
expires: Sun, 26 Nov 2023 08:48:04 GMT

GET
H2 200 livebasketball6.png
content.bilyoner.com/media/cms/photos/ 1 KB
2 KB 16ms
15ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/livebasketball6.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

9cb6d4aeae515f02b7a57872dec22e868a3a0b1536253ef09531aa80ffd610f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
last-modified: Mon, 23 Oct 2023 00:28:24 GMT
server: Akamai Image Manager
x-serial: 278
x-check-cacheable: YES
etag: "600177e9-176d"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=75138
content-length: 1490
expires: Sun, 26 Nov 2023 08:31:37 GMT

GET
H2 200 livetennis6.png
content.bilyoner.com/media/cms/photos/ 1 KB
2 KB 18ms
17ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/livetennis6.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

3b770e69eba7b52248d972f063ad9cc3b77c6b47e5c32567e51a0cf584c1f169

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
last-modified: Mon, 23 Oct 2023 00:57:11 GMT
server: Akamai Image Manager
x-serial: 51
x-check-cacheable: YES
etag: "600177ea-1ab0"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=17206
content-length: 1351
expires: Sat, 25 Nov 2023 16:26:05 GMT

GET
H2 200 liveicehockey6.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 16ms
16ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/liveicehockey6.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

65e11ebd7274324d63c08f12621593cd86f161e9b7be521cdb94be31aeac9a06

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
last-modified: Sun, 22 Oct 2023 02:54:15 GMT
server: Akamai Image Manager
etag: "600177ea-1395"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=75769
content-length: 1605
expires: Sun, 26 Nov 2023 08:42:08 GMT

GET
H2 200 livevolleyball6.png
content.bilyoner.com/media/cms/photos/ 2 KB
2 KB 17ms
16ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/livevolleyball6.png

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

8858b22c17f42da16c07fd86de2e0a314f5ef2c0b9738cdb3c96e463eaa55693

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
last-modified: Thu, 19 Oct 2023 10:00:51 GMT
server: Akamai Image Manager
x-serial: 1883
x-check-cacheable: YES
etag: "600177ea-1d21"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
content-length: 1562
expires: Sat, 25 Nov 2023 23:39:19 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 45ms
15ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfv0UwbAAAAABQvH6kgBNZDbxAE0l_qd7b2jLnw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bilyoner.com/
Origin: https://www.bilyoner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 10:05:34 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B468 15 KB
6 KB 55ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.bilyoner.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bilyoner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 11:39:18 GMT
server: Kestrel
server-processing-duration-in-ticks: 346320
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
94 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CPFKSMWSQC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b73cfda567992a191c8ef927d16cde06a9236f700721e2408c253db9c7469fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Nov 2023 11:39:19 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 51ms
51ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56629995-16&cid=1470306541.1700912358&jid=1331486359&_u=YCDAgEABAAAAAGgAIAC~&z=579432847

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56629995-16&cid=1470306541.1700912358&jid=1331486359&_u=YCDAgEABAAAAAGgAIAC~&z=579432847

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56629995-21&cid=1470306541.1700912358&jid=1512415322&gjid=1074759537&_gid=1489858499.1700912359&_u=YCDAAEABAAAAAGgAIAC~&z=1334069419

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 25 Nov 2023 11:39:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6R5FN1E3W1&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e910d1be2700ec0b03a96802249b6c19f98108ad2fc6066bf9b155e0fbd51fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Nov 2023 11:39:19 GMT

POST
H2 200 sport-list Show response
www.bilyoner.com/api/mobile/live-score/event/ 1 KB
1 KB 54ms
52ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bilyoner.com/api/mobile/live-score/event/sport-list

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

host-92-45-9-90.reverse.superonline.net

Software

nginx /

Resource Hash

d85088375ae84df94bd7ce7e8c8551582a620811d81b147d102d92b8160df1a9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-APP-VERSION: 3.56.9
X-CLIENT-CHANNEL: WEB
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

POST
H2 200 event Show response
event.dengage.com/api/web/ 1 B
178 B 1198ms
53ms Fetch
text/plain 195.42.242.247
DALNET-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dengage.com/api/web/event
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.42.242.247 , United Kingdom, ASN51540 (DALNET-ASN, TR),
Reverse DNS: static-mail-242-247.engines.dengage.net
Software: openresty/1.21.4.3 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 11:39:20 GMT
access-control-allow-credentials: true
server: openresty/1.21.4.3
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain, text/plain

GET
H2 200 bank-info Show response
www.bilyoner.com/cms/ 6 KB
1 KB 43ms
42ms XHR
application/json 92.45.9.90
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bilyoner.com/cms/bank-info
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.45.9.90 Ankara, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-9-90.reverse.superonline.net
Software: nginx /
Resource Hash: e342157c1ac40492362b31b937f03eba86ed2b384d8f545296d8ee58f972ba5f

Request headers

X-CLIENT-BROWSER-VERSION: Chrome / v119.0.6045.159
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CLIENT-CHANNEL: WEB
X-CLIENT-APP-VERSION: 3.56.9
Accept: application/json, text/plain, */*
Referer: https://www.bilyoner.com/
X-DEVICE-ID: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952

Response headers

x-proxy-cache: HIT
date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: gzip
server: nginx
etag: W/"19ce-G1YGBjRURpedSeiV0tEn0wMYNLU"
vary: Accept-Encoding, Accept-Encoding, User-Agent
content-type: application/json; charset=utf-8
cache-control: private
expires: 30m

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 59ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1369687263075659&ev=PageView&dl=https%3A%2F%2Fwww.bilyoner.com%2F&rl=&if=false&ts=1700912359217&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700912359215.526868494&ler=empty&it=1700912358915&coo=false&rqm=GET

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 25 Nov 2023 11:39:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2100713105&t=event&cu=TRY&_s=1&dl=https%3A%2F%2Fwww.bilyoner.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Promotion&el=Promotion%20Impression&ev=0&_u=aCDAgEALAAAAAGgMIAC~&jid=&gjid=&cid=1470306541.1700912358&tid=UA-56629995-16&_gid=1489858499.1700912359&gtm=45He3b81n815B75WDJv812754639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&promo1id=30975&promo1nm=istanbul%20hatay%20canl%C4%B1&promo1ps=Homepage%20%7C%20Slider%20%7C%200&z=1808182401

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 10:34:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3870
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 67ms
66ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56629995-21&cid=1470306541.1700912358&jid=1512415322&_u=YCDAAEABAAAAAGgAIAC~&z=810863231

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56629995-21&cid=1470306541.1700912358&jid=1512415322&_u=YCDAAEABAAAAAGgAIAC~&z=810863231

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6R5FN1E3W1&gtm=45je3b81v9124657626&_p=1700912357807&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1470306541.1700912358&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.bilyoner.com%2F&dt=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&sid=1700912359&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1924
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6R5FN1E3W1&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 21ms
20ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6R5FN1E3W1&cid=1470306541.1700912358&gtm=45je3b81v9124657626&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6R5FN1E3W1&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 37ms
37ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6R5FN1E3W1&cid=1470306541.1700912358&gtm=45je3b81v9124657626&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1878126399

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CPFKSMWSQC&gtm=45je3b81v886831908&_p=1700912357807&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1470306541.1700912358&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.bilyoner.com%2F&dp=%2F&dt=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&sid=1700912359&sct=1&seg=0&en=page_view&_fv=1&_ss=2&_ee=1&tfd=1966
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CPFKSMWSQC&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 22ms
21ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CPFKSMWSQC&cid=1470306541.1700912358&gtm=45je3b81v886831908&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CPFKSMWSQC&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CPFKSMWSQC&cid=1470306541.1700912358&gtm=45je3b81v886831908&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1603231461

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D776 61 KB
35 KB 37ms
37ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfv0UwbAAAAABQvH6kgBNZDbxAE0l_qd7b2jLnw&co=aHR0cHM6Ly93d3cuYmlseW9uZXIuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=8fbmuk5ds9e0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bce1c6ba6a3f28cca9f52a85b92341daaada3f57df4913a24f01fcb118f4e1b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F-L9tqk1jI2kMeraLv76hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bilyoner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-F-L9tqk1jI2kMeraLv76hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 11:39:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame B468
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=bilyoner.com&sn=ChromeSyncframe&so=0&topUrl=www.bilyoner.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=5oPhh3xLOGhrVlFIZmRtWlB3Q1NwOUl5UWxUbW9aamhLblVCNGVzOEoyMHlJd21UeXRwSWRHQ3pid3N3ejF1cTgyV0dWc2RRT1JWbkx2UXVmLzJyS0tvR2t0NDZlUUhSUnk4eU9jSGFUUllTcHJuaGVzZTgwYnRVcFI0SU...

433 B
658 B

24ms
23ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5oPhh3xLOGhrVlFIZmRtWlB3Q1NwOUl5UWxUbW9aamhLblVCNGVzOEoyMHlJd21UeXRwSWRHQ3pid3N3ejF1cTgyV0dWc2RRT1JWbkx2UXVmLzJyS0tvR2t0NDZlUUhSUnk4eU9jSGFUUllTcHJuaGVzZTgwYnRVcFI0SUFqbWk0Uk1QU0ZUWEtNN2JWa0hlM2VKM2puOWJJOXJJby9sc2piZVZ4WnhnZmxiRDc0L1o1KzYzMHplNkNXQ2s1ZmZUQkZuY2Vxa2YreDFHQlRuNnFqUVFXQ1UweWd6cTF2QlNoS0I5V3cxKy9JWGh0R2swRGhUeDhqT2hoSnBGZDZWNklPQnRiME1BRDJyamEvRmNLdjdueW5FVVVyQT09fA&cppv=2

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c668b3e193951390c42b313dc6a3329bcfd219007f4905c25efd870abf94a9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1077552
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5oPhh3xLOGhrVlFIZmRtWlB3Q1NwOUl5UWxUbW9aamhLblVCNGVzOEoyMHlJd21UeXRwSWRHQ3pid3N3ejF1cTgyV0dWc2RRT1JWbkx2UXVmLzJyS0tvR2t0NDZlUUhSUnk4eU9jSGFUUllTcHJuaGVzZTgwYnRVcFI0SUFqbWk0Uk1QU0ZUWEtNN2JWa0hlM2VKM2puOWJJOXJJby9sc2piZVZ4WnhnZmxiRDc0L1o1KzYzMHplNkNXQ2s1ZmZUQkZuY2Vxa2YreDFHQlRuNnFqUVFXQ1UweWd6cTF2QlNoS0I5V3cxKy9JWGh0R2swRGhUeDhqT2hoSnBGZDZWNklPQnRiME1BRDJyamEvRmNLdjdueW5FVVVyQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 301986
content-length: 0
expires: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/bilyoner-81fb0/ 623 B
676 B 291ms
290ms Fetch
application/json 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bilyoner-81fb0/installations

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

014b5e2161dbaa2505411cce45157e0025f762a718783a92305d56be371020cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.bilyoner.com/
x-goog-api-key: AIzaSyC4-SJMcDrjsU69cI-FR8pJ7OhBcWitBmk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bilyoner.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/bilyoner-81fb0/ Frame 0
0 89ms
27ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bilyoner-81fb0/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://www.bilyoner.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.bilyoner.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 25 Nov 2023 11:39:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame D776 55 KB
24 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfv0UwbAAAAABQvH6kgBNZDbxAE0l_qd7b2jLnw&co=aHR0cHM6Ly93d3cuYmlseW9uZXIuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=8fbmuk5ds9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 20:55:40 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame D776 468 KB
188 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 10:05:34 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 72ms
34ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=38407&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dvh&p4=e%3Ddis&adce=1&bundle=Q3QTJF9CS01nQXdmOHQ1OEU0RG5GdkhMY2RqSjYyNFF2V1dmMFEzbGxVOWZFS0hUck1lQmlEaUR4RyUyRjJkbnptRTRGTG45R0cybTElMkJqJTJGY0FrN1RuJTJCV1h6WGZHSnBxVzZIczlJS2NuYUV4VGhJV3l4JTJCbnVla3RSdEFvcU5PM2hPJTJGc05HQUU2dG1BQTljMXNISjRGbFltZXVwJTJCZyUzRCUzRA&tld=bilyoner.com&fu=https%253A%252F%252Fwww.bilyoner.com%252F&ceid=bbf6b700-bb60-4e03-92e9-4175918e8df7&dtycbr=51493

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e1341fa8167ccff97d63a2a69df402dbf47bce88446b238c72faccc6e121aad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 20174342
timing-allow-origin: *
expires: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D776 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 12:32:18 GMT
x-content-type-options: nosniff
age: 601621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 25 Nov 2023 12:32:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D776 15 KB
15 KB 83ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 31276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D776 15 KB
16 KB 76ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:52:48 GMT
x-content-type-options: nosniff
age: 60391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:52:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D776 102 B
135 B 52ms
52ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfv0UwbAAAAABQvH6kgBNZDbxAE0l_qd7b2jLnw&co=aHR0cHM6Ly93d3cuYmlseW9uZXIuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=8fbmuk5ds9e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 25 Nov 2023 11:39:19 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C8D4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_cm&google_hm=ay1LU1BKTWdFcVh5c2hpODJGNTBsRW5fa09obGxJMFR3Z...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0

43 B
369 B

38ms
23ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 866197
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame C8D4 43 B
146 B 88ms
8ms Image
image/gif 18.196.230.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-VrZuxQEqXyshi82F50lEn_kOhllqA4MBE_uRvA&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C8D4
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=766374957777029099

43 B
370 B

41ms
24ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=766374957777029099

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1060842
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
an-x-request-uuid: f98d2942-0aa1-484a-a402-c3cb2290a1d8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=766374957777029099
x-proxy-origin: 178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame C8D4 53 B
784 B 211ms
161ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_YNcsQEqXyshi82F50lEn_kOhlmWGu-1SCxrlA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 25 Nov 2023 11:39:19 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sat, 25 Nov 2023 11:39:19 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame C8D4 0
239 B 62ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-yDOANQEqXyshi82F50lEn_kOhlko-CnLDyF1QQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame C8D4 43 B
114 B 180ms
20ms Image
image/gif 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-DjovkwEqXyshi82F50lEn_kOhlnTx3lafJ0nKw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C8D4 0
99 B 74ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-nv_QKgEqXyshi82F50lEn_kOhlkbgF-Zlg9hjw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13221

GET
H2 200 um
criteo-sync.teads.tv/ Frame C8D4 23 B
163 B 96ms
53ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-sdqROQEqXyshi82F50lEn_kOhlmxx3o-gkYmzw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 25 Nov 2023 11:39:19 GMT
pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame C8D4 37 B
140 B 39ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-X9b26gEqXyshi82F50lEn_kOhlnOVKPusb69lA&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame C8D4 0
125 B 88ms
10ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-k-0hqwEqXyshi82F50lEn_kOhlmMck3LjUdAlQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame C8D4 43 B
163 B 109ms
30ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-RXFtYwEqXyshi82F50lEn_kOhllaLY4l4zc07w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame C8D4 49 B
385 B 165ms
38ms Image
image/gif 34.248.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-MvABCwEqXyshi82F50lEn_kOhlkjpia__7GMCg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.177.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-177-109.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 5
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame C8D4
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Us4JmQEqXyshi82F50lEn_kOhlmeee87OLwQcQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Us4JmQEqXyshi82F50lEn_kOhlmeee87OLwQcQ&C=1

43 B
323 B

34ms
31ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Us4JmQEqXyshi82F50lEn_kOhlmeee87OLwQcQ&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe26XESILke%2BSXonoFeC4BNdHUIOTkgEG63ajrmmgMdfgcCKiW5QBxVT00beYDxP7q93IuR5K9RiNpTqIZ%2FBAFEwQ1zTKfmt3rhNOKw8ZPuyPzbdEcF22W9cmyGISHmQrhbS"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82b99c48f9cd367b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=660Glxz0hhpzqGkJ354o1SvLQrwC8tv0wUJ0lJCRYAUtiy4oV9fijgBzTzANoYF3VkhTlkx7HaaXmsP4KY%2FiK24hnnKROd4VsNZtcV8FJL2qBj2waoamO3VvZQGoQzleHA4k"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-Us4JmQEqXyshi82F50lEn_kOhlmeee87OLwQcQ&C=1
cache-control: no-cache
cf-ray: 82b99c48b96a367b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame C8D4
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=M1haqyhpGiZkvwNdQJ4hDD70t1yets0Q
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=M1haqyhpGiZkvwNdQJ4hDD70t1yets0Q

42 B
717 B

39ms
36ms

Image
image/gif

54.77.45.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=M1haqyhpGiZkvwNdQJ4hDD70t1yets0Q

Protocol

Server

54.77.45.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-45-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: wRh8SX5MQpA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0b83a3e88.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: uBZ0se5BSwM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=M1haqyhpGiZkvwNdQJ4hDD70t1yets0Q
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame C8D4 43 B
921 B 70ms
18ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-RjYB1AEqXyshi82F50lEn_kOhlkpokVP_ZmeSQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 25 Nov 2023 11:39:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame C8D4 43 B
199 B 161ms
32ms Image
image/gif 54.195.232.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dHGSvQEqXyshi82F50lEn_kOhll65imyMxEujQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.195.232.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-232-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 11:39:19 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame C8D4 42 B
274 B 73ms
21ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-QEY8wQEqXyshi82F50lEn_kOhlmbnTXYLuiXmg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame C8D4 0
879 B 79ms
10ms Image
text/html 54.93.209.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-v6Mx4gEqXyshi82F50lEn_kOhlnzGCY1ZlrATQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.209.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-209-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame C8D4 43 B
423 B 362ms
106ms Image
image/gif 54.88.4.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-1p2vJAEqXyshi82F50lEn_kOhlmnicnq7x7OdA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.4.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-4-137.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame C8D4 0
145 B 374ms
92ms Image
text/plain 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-DJJLWQEqXyshi82F50lEn_kOhlltFxNjCTYANQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 25 Nov 2023 11:39:20 GMT
Cache-Control: no-cache
X-TraceId: e36e831968a938930a05ab98b7f9c6c7
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame C8D4 0
225 B 94ms
19ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k--mEp9gEqXyshi82F50lEn_kOhln_Ldg68XZq2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame C8D4 0
0 109ms
31ms Image
application/json 54.77.121.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-y9cytQEqXyshi82F50lEn_kOhlmZLQx_iNURjA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.77.121.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-121-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 204 v1
match.sharethrough.com/sync/ Frame C8D4 0
35 B 61ms
10ms Image
text/plain 18.195.110.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-tex0GgEqXyshi82F50lEn_kOhlkY0wxWiJTqTg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.110.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-110-104.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame C8D4 43 B
399 B 390ms
103ms Image
image/gif 2600:1f18:612b:4232:d5ff:1540:2e33:3aaf
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-Rd3BIwEqXyshi82F50lEn_kOhlkyFmEcBExCyA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:d5ff:1540:2e33:3aaf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 25 Nov 2023 11:39:20 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame C8D4 0
235 B 64ms
27ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-0aXOAgEqXyshi82F50lEn_kOhllVP6K83r0nlQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Nov 2023 11:39:19 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 24 Nov 2023 11:39:19 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame C8D4 0
38 B 150ms
37ms Image
text/plain 99.80.178.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-5FZAUwEqXyshi82F50lEn_kOhlnPCtF1o5e0XQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.178.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-178-10.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
content-length: 0

GET
H2 200 dlc1.67.js Show response
dbfukofby5ycr.cloudfront.net/a9/js/ 80 KB
26 KB 55ms
9ms Script
application/javascript 18.66.107.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbfukofby5ycr.cloudfront.net/a9/js/dlc1.67.js
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-107-190.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e03e45dc9f517df1d762e30f4d64b16b36357bc0443fee0959b45f859683476a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 07:00:20 GMT
content-encoding: gzip
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jan 2023 00:21:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 5632740
etag: W/"83b4448b26c95c797e7c0faf2bde0698"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, immutable
x-amz-cf-id: kQHNF97mdRNsgLvhXRoZef9mMt5txEso5tHf9AlwKxRKwCfO8V90BQ==

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame C8D4 0
15 B 15ms
12ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-k-0hqwEqXyshi82F50lEn_kOhlmMck3LjUdAlQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame C8D4 43 B
856 B 14ms
13ms Image
image/gif 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-xgzvowEqXyshi82F50lEn_kOhlmDfxMMb5O0GQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
an-x-request-uuid: 2bf3c11c-4c9e-484e-9f3b-870410f0ba19
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C8D4
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hCnid1TWjHB8C-H9CNlDQuDpZ3oV7dgH

0
337 B

135ms
30ms

Image
text/plain

34.246.253.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hCnid1TWjHB8C-H9CNlDQuDpZ3oV7dgH
Protocol: H2
Server: 34.246.253.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Sat, 25 Nov 2023 11:39:20 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1700912360
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=hCnid1TWjHB8C-H9CNlDQuDpZ3oV7dgH
date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 779650
content-length: 0

GET
H2 200 d Show response
bilyoner.webinstats.com/ 0
252 B 54ms
10ms XHR
application/javascript 35.156.208.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bilyoner.webinstats.com/d?s=1656&p=%2F&sunq=1&a=a&cookieenb=1&ps=%2F&bl=en-US&incg=f&plt=Desktop&os=Windows&osv=10&br=chrome&brv=119&bwh=1600X1200&dwh=1600X3021&swh=1600X1200X24&ur=https%3A%2F%2Fwww.bilyoner.com%2F&ep=%2F&uids=155493ab-b1b6-40a9-8cd7-c7ae52ee4f45%7C0%7C1700912359972%7C1700912359972&usrnl=0&bly_type=checkout&ftu=1&vc=1&pvc=1&wiswebpushupdate=1&wisrandom=39&wispnsp=1&bly_betcategory=Futbol&wis_vstl=1700912360&

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.208.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-208-108.eu-central-1.compute.amazonaws.com

Software

60 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
strict-transport-security: max-age=31536000
server: 60
f: s
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H3 200 firebase:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/bilyoner-81fb0/namespaces/ 202 B
150 B 31ms
31ms Fetch
application/json 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/bilyoner-81fb0/namespaces/firebase:fetch?key=AIzaSyC4-SJMcDrjsU69cI-FR8pJ7OhBcWitBmk

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c3c762c92468d0674926844b7b53a900dbaf93f55fc7b0289a0b2e1a46ce3a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://www.bilyoner.com/
If-None-Match: *
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-bilyoner-81fb0-firebase-fetch-1735366509
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bilyoner.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126
x-xss-protection: 0

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/bilyoner-81fb0/namespaces/ Frame 0
0 45ms
30ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/bilyoner-81fb0/namespaces/firebase:fetch?key=AIzaSyC4-SJMcDrjsU69cI-FR8pJ7OhBcWitBmk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://www.bilyoner.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.bilyoner.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 25 Nov 2023 11:39:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame C8D4
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cLXu5lcyNJJFZVFtBqncC9neW90GlJaJ

35 B
268 B

355ms
105ms

Image
image/gif

3.18.128.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cLXu5lcyNJJFZVFtBqncC9neW90GlJaJ
Protocol: H2
Server: 3.18.128.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-128-164.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
x-bt-requestid: 45dcfb20-8b87-11ee-9cbd-0000ac1700e3
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=cLXu5lcyNJJFZVFtBqncC9neW90GlJaJ
date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 957008
content-length: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 25ms
24ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=38407&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B1368165%252C1370728%252C1371456%255D&p3=e%3Ddis&adce=1&bundle=Q3QTJF9CS01nQXdmOHQ1OEU0RG5GdkhMY2RqSjYyNFF2V1dmMFEzbGxVOWZFS0hUck1lQmlEaUR4RyUyRjJkbnptRTRGTG45R0cybTElMkJqJTJGY0FrN1RuJTJCV1h6WGZHSnBxVzZIczlJS2NuYUV4VGhJV3l4JTJCbnVla3RSdEFvcU5PM2hPJTJGc05HQUU2dG1BQTljMXNISjRGbFltZXVwJTJCZyUzRCUzRA&tld=bilyoner.com&fu=https%253A%252F%252Fwww.bilyoner.com%252F&ceid=d65ec859-649c-4186-9839-dd7dee3637de&dtycbr=15560

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3a0690bf7a3c3cad0ea62d3fc3c5bc4ea56748138fe83bb526408f51b4e80511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8453415
timing-allow-origin: *
expires: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame FCB0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_cm&google_hm=ay1LU1BKTWdFcVh5c2hpODJGNTBsRW5fa09obGxJMFR3Z...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0

43 B
369 B

16ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 719000
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KSPJMgEqXyshi82F50lEn_kOhllI0Twgi_Q1ug&google_gid=CAESEC0YUBTwgljjniItPoTedhg&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame FCB0 43 B
145 B 17ms
8ms Image
image/gif 18.196.230.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-VrZuxQEqXyshi82F50lEn_kOhllqA4MBE_uRvA&expires=30
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame FCB0
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=766374957777029099

43 B
370 B

19ms
16ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=766374957777029099

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1287514
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
an-x-request-uuid: 659dba28-f0ab-472d-bc80-9c0672be4568
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=766374957777029099
x-proxy-origin: 178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame FCB0 53 B
620 B 61ms
53ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_YNcsQEqXyshi82F50lEn_kOhlmWGu-1SCxrlA

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 25 Nov 2023 11:39:20 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sat, 25 Nov 2023 11:39:20 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame FCB0 43 B
113 B 31ms
22ms Image
image/gif 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-DjovkwEqXyshi82F50lEn_kOhlnTx3lafJ0nKw
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame FCB0 23 B
163 B 43ms
35ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-sdqROQEqXyshi82F50lEn_kOhlmxx3o-gkYmzw
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 25 Nov 2023 11:39:20 GMT
pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame FCB0 37 B
139 B 18ms
11ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-X9b26gEqXyshi82F50lEn_kOhlnOVKPusb69lA&dongle=013b
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 pixel
cm.adform.net/ Frame FCB0 43 B
162 B 34ms
26ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-RXFtYwEqXyshi82F50lEn_kOhllaLY4l4zc07w
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame FCB0 49 B
384 B 43ms
36ms Image
image/gif 34.248.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-MvABCwEqXyshi82F50lEn_kOhlkjpia__7GMCg

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.177.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-177-109.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 1
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 4
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H3 200 rum
r.casalemedia.com/ Frame FCB0 43 B
757 B 35ms
30ms Image
image/gif 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Us4JmQEqXyshi82F50lEn_kOhlmeee87OLwQcQ
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFYkwt38H0kbPaOc59vIYa1gM2CoMOmofCb9FCYrl3XxgZfWYC7SW0GEXt3dGRrGSDOqyqoSItglS1TY4tCjtPbZk7SsysWW%2B4sAydtR%2F06ELpMl2NwA%2BUwc%2FReyspRSjqMK"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82b99c4b6b0103ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2

200

ibs:dpid=28645&dpuuid=R4O8AW9RoI87l83EticJnFOzsGsyPcVM
dpm.demdex.net/ Frame FCB0
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=R4O8AW9RoI87l83EticJnFOzsGsyPcVM

42 B
717 B

36ms
35ms

Image
image/gif

54.77.45.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=R4O8AW9RoI87l83EticJnFOzsGsyPcVM

Protocol

Server

54.77.45.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-45-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-039b58785.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: wLkuMbogQLY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=R4O8AW9RoI87l83EticJnFOzsGsyPcVM
date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 768252
content-length: 0

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame FCB0 43 B
920 B 23ms
17ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-RjYB1AEqXyshi82F50lEn_kOhlkpokVP_ZmeSQ

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 25 Nov 2023 11:39:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame FCB0 43 B
198 B 39ms
32ms Image
image/gif 54.195.232.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dHGSvQEqXyshi82F50lEn_kOhll65imyMxEujQ
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.195.232.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-232-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 11:39:20 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame FCB0 42 B
103 B 29ms
23ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-QEY8wQEqXyshi82F50lEn_kOhlmbnTXYLuiXmg
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:19 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame FCB0 43 B
422 B 112ms
107ms Image
image/gif 54.88.4.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-1p2vJAEqXyshi82F50lEn_kOhlmnicnq7x7OdA
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.4.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-4-137.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame FCB0 0
145 B 93ms
90ms Image
text/plain 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-DJJLWQEqXyshi82F50lEn_kOhlltFxNjCTYANQ&initiator=partner
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 25 Nov 2023 11:39:20 GMT
Cache-Control: no-cache
X-TraceId: b4a9f187e0e450a11ea6c2916253dd23
Content-Length: 0

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame FCB0 43 B
399 B 109ms
104ms Image
image/gif 2600:1f18:612b:4232:d5ff:1540:2e33:3aaf
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-Rd3BIwEqXyshi82F50lEn_kOhlkyFmEcBExCyA
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:d5ff:1540:2e33:3aaf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 25 Nov 2023 11:39:20 GMT
server: nginx
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame FCB0 0
44 B 59ms
8ms Image
text/plain 3.123.198.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-nuEU9QEqXyshi82F50lEn_kOhlmlhmOKbqrOZA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.198.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-198-250.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
server: awselb/2.0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame FCB0 0
239 B 14ms
11ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-yDOANQEqXyshi82F50lEn_kOhlko-CnLDyF1QQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame FCB0 0
98 B 20ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-nv_QKgEqXyshi82F50lEn_kOhlkbgF-Zlg9hjw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13282

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame FCB0 0
38 B 18ms
14ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-k-0hqwEqXyshi82F50lEn_kOhlmMck3LjUdAlQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame FCB0 0
877 B 15ms
11ms Image
text/html 54.93.209.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-v6Mx4gEqXyshi82F50lEn_kOhlnzGCY1ZlrATQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.209.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-209-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame FCB0 0
74 B 25ms
21ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k--mEp9gEqXyshi82F50lEn_kOhln_Ldg68XZq2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame FCB0 0
0 36ms
33ms Image
application/json 54.77.121.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-y9cytQEqXyshi82F50lEn_kOhlmZLQx_iNURjA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.77.121.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-121-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 204 v1
match.sharethrough.com/sync/ Frame FCB0 0
34 B 13ms
10ms Image
text/plain 18.195.110.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-tex0GgEqXyshi82F50lEn_kOhlkY0wxWiJTqTg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.110.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-110-104.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame FCB0 0
235 B 30ms
28ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-0aXOAgEqXyshi82F50lEn_kOhllVP6K83r0nlQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Nov 2023 11:39:20 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 24 Nov 2023 11:39:20 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame FCB0 0
15 B 14ms
11ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-k-0hqwEqXyshi82F50lEn_kOhlmMck3LjUdAlQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:20 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame FCB0 43 B
857 B 14ms
13ms Image
image/gif 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-xgzvowEqXyshi82F50lEn_kOhlmDfxMMb5O0GQ

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
an-x-request-uuid: 00de1b77-fa72-4b44-96af-041686726e0c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame FCB0
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=NwAlvXXcSDom4SaFL4d6dPqyhAntjTn0

0
336 B

30ms
30ms

Image
text/plain

34.246.253.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=NwAlvXXcSDom4SaFL4d6dPqyhAntjTn0
Protocol: H2
Server: 34.246.253.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-253-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Sat, 25 Nov 2023 11:39:20 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1700912360
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=NwAlvXXcSDom4SaFL4d6dPqyhAntjTn0
date: Sat, 25 Nov 2023 11:39:20 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 842342
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame FCB0
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xw8xSGJCSBgF_T3a3Vns_zV4ExlZ7Hbc

35 B
267 B

117ms
106ms

Image
image/gif

3.18.128.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xw8xSGJCSBgF_T3a3Vns_zV4ExlZ7Hbc
Protocol: H2
Server: 3.18.128.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-128-164.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:20 GMT
x-bt-requestid: 45dcfb20-8b87-11ee-81db-0000ac170251
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Xw8xSGJCSBgF_T3a3Vns_zV4ExlZ7Hbc
date: Sat, 25 Nov 2023 11:39:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 704936
content-length: 0

POST
H2 200 subscription Show response
push.dengage.com/api/web/ 21 B
222 B 185ms
53ms Fetch
text/plain 195.42.241.245
DALNET-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://push.dengage.com/api/web/subscription
Requested by: Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.42.241.245 , United Kingdom, ASN51540 (DALNET-ASN, TR),
Reverse DNS: static-mail-241-245.engines.dengage.net
Software: openresty/1.21.4.3 /
Resource Hash: c1436f013d4e07095a5a4bb65ac418fb769a398e247f2224807b3ec41bae4fe0

Request headers

Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 11:39:20 GMT
access-control-allow-credentials: true
server: openresty/1.21.4.3
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain, text/plain

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2100713105&t=event&cu=TRY&_s=1&dl=https%3A%2F%2Fwww.bilyoner.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Promotion&el=Promotion%20Impression&ev=0&_u=aCDAgEALAAAAAGgMIAC~&jid=&gjid=&cid=1470306541.1700912358&tid=UA-56629995-16&_gid=1489858499.1700912359&gtm=45He3b81n815B75WDJv812754639&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&promo1id=30988&promo1nm=bodrum%20bah%C3%A7e%C5%9Fehir%20canl%C4%B1&promo1ps=Homepage%20%7C%20Slider%20%7C%201&z=186594541

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 10:34:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3874
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
99 B 69ms
69ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1700912363205

Requested by

Host: www.bilyoner.com
URL: https://www.bilyoner.com/static/vendors~main.js?v=e740c6da7d591ab5605f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

25.25.190.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Sat, 25 Nov 2023 11:39:23 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.bilyoner.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 49
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

GET
H2 200 GALATASARAY_ALANYASPOR_MOBIL.jpg
content.bilyoner.com/media/cms/photos/ 40 KB
40 KB 12ms
11ms Image
image/avif 2.19.126.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.bilyoner.com/media/cms/photos/GALATASARAY_ALANYASPOR_MOBIL.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-88.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

0cf0aae3a36e5b7ec78c3d86588d2412c5d1737f162c78eec529270fce7b9337

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bilyoner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:39:23 GMT
last-modified: Fri, 24 Nov 2023 21:35:03 GMT
server: Akamai Image Manager
etag: "6560b106-17265"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=35800
content-length: 40527
expires: Sat, 25 Nov 2023 21:36:03 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 19ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CPFKSMWSQC&gtm=45je3b81v886831908&_p=1700912357807&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1470306541.1700912358&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&cu=TRY&dl=https%3A%2F%2Fwww.bilyoner.com%2F&dp=%2F&dt=Bilyoner%3A%20%C4%B0ddaa%20%7C%20At%20Yar%C4%B1%C5%9F%C4%B1%20%7C%20Spor%20Toto&sid=1700912359&sct=1&seg=0&_s=2&tfd=6973
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CPFKSMWSQC&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bilyoner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 11:39:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bilyoner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bilyoner.com/api/sto/programs/drawinfo/q3	1970-01-20 16:28:32	Name: ADRUM_BTa Value: R%3A25%7Cg%3Ace33c7df-4944-44fc-80a5-7ac82ff3df5c%7Cn%3Abilyoner-prod_71f32434-7f48-4cff-adad-d354c0d98b73
www.bilyoner.com/api/sto/programs/drawinfo/q3	1970-01-20 16:28:32	Name: ADRUM_BT1 Value: R%3A25%7Ci%3A1801943%7Ce%3A6%7Cd%3A5
www.bilyoner.com/api/sto/programs/drawinfo/q3	1970-01-20 16:28:32	Name: SameSite Value: None
www.bilyoner.com/api/campaigns/public/active	1970-01-20 16:28:32	Name: ADRUM_BTa Value: R%3A25%7Cg%3Ae427a3dc-3427-424c-ba3b-1c2327aa33c1%7Cn%3Abilyoner-prod_71f32434-7f48-4cff-adad-d354c0d98b73
www.bilyoner.com/api/campaigns/public/active	1970-01-20 16:28:32	Name: ADRUM_BT1 Value: R%3A25%7Ci%3A1801927%7Ce%3A6%7Cd%3A5
www.bilyoner.com/api/campaigns/public/active	1970-01-20 16:28:32	Name: SameSite Value: None
www.bilyoner.com/api/mobile/live-score/event	1970-01-20 16:28:32	Name: SameSite Value: None
www.bilyoner.com/api/mobile/live-score/event	1970-01-20 16:28:32	Name: ADRUM_BTa Value: R%3A25%7Cg%3A3c1d1658-4caf-4e2b-b7f2-8fa5a5bd0395%7Cn%3Abilyoner-prod_71f32434-7f48-4cff-adad-d354c0d98b73
www.bilyoner.com/api/mobile/live-score/event	1970-01-20 16:28:32	Name: ADRUM_BT1 Value: R%3A25%7Ci%3A1801915%7Ce%3A12%7Cd%3A5
.bilyoner.com/	1970-01-20 18:38:08	Name: _gcl_au Value: 1.1.1659688499.1700912358
www.bilyoner.com/	1970-01-21 02:04:32	Name: uniqueDeviceID Value: DBCAED6A-A0D1-44B9-9CBC-60F2559AC952
www.bilyoner.com/	1969-12-31 23:59:59	Name: 571edc23131ded301037dab77e02abd9 Value: 9f73050682b84f00750a4d196b8268a2
www.bilyoner.com/	1969-12-31 23:59:59	Name: 342120a2a02588def97da7416af08315 Value: 6707afd25c5a623ee5be6e330f54a03a
www.bilyoner.com/	1970-01-20 16:28:32	Name: SameSite Value: None
.bilyoner.com/	1970-01-21 02:04:32	Name: _ga_0PMSPH49DC Value: GS1.1.1700912358.1.0.1700912358.0.0.0
.bilyoner.com/	1970-01-21 02:04:32	Name: _ga Value: GA1.2.1470306541.1700912358
.bilyoner.com/	1970-01-20 16:29:58	Name: _gid Value: GA1.2.1489858499.1700912359
.bilyoner.com/	1970-01-20 16:28:32	Name: _dc_gtm_UA-56629995-16 Value: 1
.bilyoner.com/	1970-01-20 16:28:32	Name: _gat_UA-56629995-21 Value: 1
.bilyoner.com/	1970-01-20 16:29:58	Name: _uetsid Value: 44fe64108b8711eeb8a78bbb8bd8fa0e
.bilyoner.com/	1970-01-21 01:50:08	Name: _uetvid Value: 44ff72608b8711eea8d31b59af841636
.bing.com/	1970-01-21 01:50:08	Name: MUID Value: 34D31474BA0462AF26D007A0BBD66381
www.bilyoner.com/	1969-12-31 23:59:59	Name: 9318a879a0b9452f06ccce79aa7ed4b7 Value: 6707afd25c5a623ee5be6e330f54a03a
.twitter.com/	1970-01-21 02:04:32	Name: guest_id_marketing Value: v1%3A170091235902004136
.twitter.com/	1970-01-21 02:04:32	Name: guest_id_ads Value: v1%3A170091235902004136
.twitter.com/	1970-01-21 02:04:32	Name: personalization_id Value: "v1_bEpGrdVuesJhnw7m8ui4nA=="
.twitter.com/	1970-01-21 02:04:32	Name: guest_id Value: v1%3A170091235902004136
.t.co/	1970-01-21 02:04:32	Name: muc_ads Value: 9c8b2db9-59f3-4e66-851a-0a1e0e1042c4
.bilyoner.com/	1970-01-20 18:38:08	Name: _fbp Value: fb.1.1700912359215.526868494
www.bilyoner.com/	1970-01-20 16:28:32	Name: ADRUM_BT1 Value: "R:25\|i:2489350\|e:8"
www.bilyoner.com/	1970-01-20 16:28:32	Name: ADRUM_BTa Value: "R:25\|g:71ea4fb7-d2da-44d7-9bea-5480865f4188\|n:bilyoner-prod_71f32434-7f48-4cff-adad-d354c0d98b73"
www.bilyoner.com/	1969-12-31 23:59:59	Name: 430d534b564f33555f96db71a994208d Value: 5b901f39140c580c8b8cbc960bab9539
www.bilyoner.com/	1969-12-31 23:59:59	Name: 2a7093cbc67b591ca1019a2a3e2f64aa Value: ff5273c2c4d7388cb3f1a4d49af5a571
.bilyoner.com/	1970-01-21 02:04:32	Name: _ga_6R5FN1E3W1 Value: GS1.2.1700912359.1.0.1700912359.60.0.0
.criteo.com/	1970-01-21 01:50:08	Name: uid Value: b01fddbf-cf93-4ebb-82bf-5f894292e836
.criteo.com/	1970-01-21 01:50:08	Name: receive-cookie-deprecation Value: 1
apiwsw.bilyoner.com/	1969-12-31 23:59:59	Name: SERVERID Value: wss_31449
.bilyoner.com/	1970-01-21 01:57:56	Name: cto_bundle Value: Q3QTJF9CS01nQXdmOHQ1OEU0RG5GdkhMY2RqSjYyNFF2V1dmMFEzbGxVOWZFS0hUck1lQmlEaUR4RyUyRjJkbnptRTRGTG45R0cybTElMkJqJTJGY0FrN1RuJTJCV1h6WGZHSnBxVzZIczlJS2NuYUV4VGhJV3l4JTJCbnVla3RSdEFvcU5PM2hPJTJGc05HQUU2dG1BQTljMXNISjRGbFltZXVwJTJCZyUzRCUzRA
.adnxs.com/	1970-01-20 18:38:08	Name: uuid2 Value: 766374957777029099
.doubleclick.net/	1970-01-21 01:50:08	Name: IDE Value: AHWqTUlso8msPcEO6K0QUNq1zOpGgy7judzNPLu0DzBz5rXmmvpmkmTTqEsfCpA0Fnk
.casalemedia.com/	1970-01-21 01:14:08	Name: CMID Value: ZWHc57BwR4wOBxtqJbXZewAA
.casalemedia.com/	1970-01-20 18:38:08	Name: CMPS Value: 1128
.casalemedia.com/	1970-01-20 18:38:08	Name: CMPRO Value: 1128
.demdex.net/	1970-01-20 20:47:44	Name: demdex Value: 81109575919160059383812618988866878475
.media.net/	1970-01-21 01:14:08	Name: visitor-id Value: 3439139591492164000V10
.media.net/	1970-01-20 17:11:44	Name: data-c Value: k-_YNcsQEqXyshi82F50lEn_kOhlmWGu-1SCxrlA~~3
.omnitagjs.com/	1970-01-20 17:11:44	Name: ayl_visitor Value: 614eb473500b0413c442988a1b8ddf8c
exchange.mediavine.com/	1970-01-20 16:48:41	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2245903ab0-8b87-11ee-9099-e3d101a84011%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 16:48:41	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2245903ab0-8b87-11ee-9099-e3d101a84011%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 16:48:41	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2245903ab0-8b87-11ee-9099-e3d101a84011%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 16:48:41	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2245903ab0-8b87-11ee-9099-e3d101a84011%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 16:48:41	Name: criteo Value: %7B%22id%22%3A%22k-v6Mx4gEqXyshi82F50lEn_kOhlnzGCY1ZlrATQ%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/	1970-01-20 20:47:44	Name: dpm Value: 81109575919160059383812618988866878475
.bilyoner.com/	1970-01-21 02:04:32	Name: wis_u Value: 155493ab-b1b6-40a9-8cd7-c7ae52ee4f45\|\|1\|\|\|39
.bilyoner.com/	1970-01-20 16:28:34	Name: wis_v Value: 1700912359972\|1\|/\|1
.krxd.net/	1970-01-20 20:47:44	Name: _kuid_ Value: P79jOV1F
.bilyoner.com/	1970-01-21 02:04:32	Name: _ga_FN5Z7W5Z23 Value: GS1.1.1700912358.1.0.1700912360.58.0.0
.postrelease.com/	1970-01-21 01:14:08	Name: opt_out Value: 1
.tremorhub.com/	1970-01-20 17:11:44	Name: tv_UICR Value: k-Rd3BIwEqXyshi82F50lEn_kOhlkyFmEcBExCyA
.adnxs.com/	1970-01-20 18:38:08	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E?kJ8Nmw!A#El.TSyx/AFZ3=0`_Q/2!0c^L7RY=_f)j()5Rj3+im33a/X/>Hm]mw`Ofok7e7b**YhQ$j+(j#iP(Md+>)fy+f4I6v.
.media.net/	1970-01-20 17:11:44	Name: data-c-ts Value: 1700912360
.tremorhub.com/	1970-01-21 01:14:29	Name: tvid Value: 773dc3b275a849d39379f34b618e4c9c
.bilyoner.com/	1970-01-21 02:04:32	Name: _ga_CPFKSMWSQC Value: GS1.2.1700912359.1.0.1700912363.56.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

460324fe-760e-00a9-5f0d-6f3fd1452758.dengagecdn.com
ad.360yield.com
ad.yieldlab.net
analytics.twitter.com
api-js.mixpanel.com
bat.bing.com
beacon.krxd.net
bilyoner.webinstats.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
content.bilyoner.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dbfukofby5ycr.cloudfront.net
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
event.dengage.com
exchange.mediavine.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
instant.page
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pcdn.dengage.com
pixel.rubiconproject.com
push.dengage.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.co
trends.revcontent.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.bilyoner.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.244.42.195
104.244.42.5
141.226.228.48
142.250.186.162
146.75.116.157
162.19.138.116
172.64.151.101
178.250.1.9
18.195.110.104
18.196.230.223
18.66.107.190
185.64.191.210
185.86.139.104
185.89.211.12
195.42.241.245
195.42.242.247
2.16.97.41
2.19.126.88
2001:4860:4802:34::36
23.35.237.75
2600:1f18:612b:4232:d5ff:1540:2e33:3aaf
2606:4700::6811:a1a
2620:1ec:46::45
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9c
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.123.198.250
3.18.128.164
3.71.149.231
34.117.157.22
34.246.253.18
34.248.177.109
35.156.208.108
35.190.25.25
37.157.3.20
54.195.232.74
54.77.121.238
54.77.45.243
54.88.4.137
54.93.209.232
69.173.144.139
70.42.32.255
76.223.111.18
92.45.9.90
95.101.148.20
99.80.178.10
011d010ee5724df000fd9020cb6e664d9a608d0ded3adc8607c3c2a0ff686e07
014b5e2161dbaa2505411cce45157e0025f762a718783a92305d56be371020cd
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0cf0aae3a36e5b7ec78c3d86588d2412c5d1737f162c78eec529270fce7b9337
0d0ee7a16ae3c3063d7644963128afd917c75e9aab66dc4582966b6e5aaeaf6c
11a0075cadaf536952cba2545f41439f4b97b2e3cecf668f729ad5b0c578b12c
12a4c75b1fa07d07caa74493e687fbf6e4a9378dbbc4d7a1c6f5d4dbaa483b2f
14d86418f6e23aec1d3c35e75b078c6824e9686f9b4f407d23c1cb7c863d6a22
19ac4abc1b68ead8cc090b96714ad28e710d0559479ff841c948a501beea4ed0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e19a057012e9ef20ae6fde553a4dfb7a388c3cf53c6b3dc561475a17f79c7e5
217a3b0cfab727505d5c70d057949daab9f9a52d31a7cbf5d8370baf2cc8ca03
21d83c4c14d64c58722f72c03ef1937cb7847f58791abacd39d6d8f3300fe4ff
222cb69c9157cc09fef4924083b3b61a6c24d4f4dff32a23e14a394bdd7dd454
23ee4ab2f874a66c05ffcde79ccea8998bdfb89da8b8e7f1a0503e2681e7256f
269c708bfd92d4778c66fde372c9d04ce51056b548a4d5d2315b15f5e7b46311
26ae02bbdb9edbf736434746620ae2faa0fc47968f0804c8c662f7001f6b6e8c
2a337db072637cb3951de3ea242b330bbfe351556616405176b28a088200efd8
2b1ad5f13021153065bab2770d6e822cd288f49d9d1100c56f39b5c50ececb2c
2ed390fd2088fb30b98d6c15dd1f775d5874ac8103263804fea3d09b012e1a57
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3999c9b77500d9956d74538c45b0588f5f59f9d14d37b7acdb0fced5e6980bc3
39c102ffcc6891599d596635a2a0acfffbeed99182ff41879cf241131cf2393a
3a0690bf7a3c3cad0ea62d3fc3c5bc4ea56748138fe83bb526408f51b4e80511
3b770e69eba7b52248d972f063ad9cc3b77c6b47e5c32567e51a0cf584c1f169
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41f96afe7ba877a977469ef2dc1295f9d6a786168f677c45d2c54f5823de065c
49da755744a4934042f0d2917d8dc4c014e6aba76f84dde5fd0af448a4e9bb5c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb1db10b084baa3339de503fef7ae1358eddb2ba097063ba243d8bd34838166
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e21b2666aa4534c57b6aa96f52964c694e03796e5a775d24c2a4135e868dcbe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4ae18fd54312b6dbbe4812ccda5d03c04d7a24bbc3937fa7ac72acc4a72cf6
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e910d1be2700ec0b03a96802249b6c19f98108ad2fc6066bf9b155e0fbd51fb
5ee347c33b178f595fc66d778830d035b78f7175095b79744965ddab8e4526fe
646e58d932e3e5ae406d63e17d375de4b6d0cc0562e62b34d8351b9189414a3a
65e11ebd7274324d63c08f12621593cd86f161e9b7be521cdb94be31aeac9a06
6b73cfda567992a191c8ef927d16cde06a9236f700721e2408c253db9c7469fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3c762c92468d0674926844b7b53a900dbaf93f55fc7b0289a0b2e1a46ce3a8
6fcd74c53be0b57667b228ed9ec288ce22c1051322c14c6ba0af81b48fdddba7
76278f4545bd80a6762186972e2d209207cc576c716462feec93b12b96ea0b26
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79222cabb82661279c62b132774b18e6656f4385b7c688f16cb1b1c4b4ef48b9
7a56603be1f135a5bdf9e9fbd62620ca1c7f12d73293a94bb76e65556cb91730
812700400667b6e25ee0b887cca43571595e87f097f222d4fa4b8559d867237f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843ac08ae74f4ab3a1c96b2305616f7425b2c10abf1e502236744b7edf02b077
84548bb8a2e0664bada5b973b56f6b44dff435e5874a2791afe2e3314c319039
8487b33c5db3fb10b3785281018ea31ac4897ae02e1074b5a79e174ac409b2a1
84884a5d0744ac8ff922ca1fa4221a53540cc173435944f164fd58fcf888fa4c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8858b22c17f42da16c07fd86de2e0a314f5ef2c0b9738cdb3c96e463eaa55693
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ce948babfa0ccbbdd5443da46e9352665db824d7a59084e44e81d6bbe7d62b0
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
91fb94620ff452ee6411f6361a03db26b273698031a09829bf41ba2032fc0064
94379021e055f0760971ed41518c944bcb5e63ec2c04834387278cb0d832c33b
95150df602b06b4f67d5ba3e794dcadb3bf1cd9c879abf14325df1723e0031d8
974da7d3847baebedac18feedb062124f604edf4691da0b549419bdc1484b6ac
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
988f202b0ef04dde870ee90a849200a5d652caec89d3bc42ffbed8719dcfd47c
9be30c08635847f3dd7210cc0ccde101011b15ceb084a99c9c6969c914ffd690
9cb6d4aeae515f02b7a57872dec22e868a3a0b1536253ef09531aa80ffd610f5
9d90900e091420385f50b09996f39aa5666699d6d4f2754ab1421707b54b9314
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a385b88f20d9bb2711635788aacc519dd0b8c993f137b2b6c08897d20034e2da
a501b0c4a771b1705005fa37b55598283262f81bf51f0ae851e495cf0e6ce5e0
a7fb50141e24da80b0ee89e595c7f6edb3d1b9346d989968ca86117a437aae70
a8824f8be69458eb75611bcfe746ef6c717276e0d003e1c11f4299d0b0b4d353
a991f20cda0af595a0ef9a611818bf80ec510397eaf5e2b5a05153325a981dc7
aaf2e27f14c1203d780006b38887c3a34688ea1f5aa8a9dfeb65b5b06b82e1ff
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28b3cec21adb461d42c1a2fa3856167784fae5255f828ae62258d42f24586d2
b48c8c6d417fa4949342628d8a34c3e4cbebb96c081e6fbac4c67b127b44ac68
b5bc4f450d6d48b2a4cea602557a7a20dc7ab461b644e0391e1563a0695a8a61
b999da5f1ff452deaaeb60dfe03d8a10582c8b74316b7c22735dbf89498424d3
ba1af784a26a89623bb0bda89153ac8fe5070c72ed5b949f3bd6bb49ae09a5b5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce1c6ba6a3f28cca9f52a85b92341daaada3f57df4913a24f01fcb118f4e1b0
bdd8813be877a8d1518f5611f10f1258cfa7454dd3692b16238917bf2824fb5d
c1436f013d4e07095a5a4bb65ac418fb769a398e247f2224807b3ec41bae4fe0
c2d89329427cfe515643378d12be1ea46dd1c951a553aa4d35f0f12d23b8cec0
c668b3e193951390c42b313dc6a3329bcfd219007f4905c25efd870abf94a9ea
c87cdc0a32c6291a398eeecdc0ac9c881abea66d3a10dff4ca79517fc08d328c
c97484b870b6257ea9fbc953c26a261bf75eef7526f30b9130d57205210b2b3a
c97e39a43c70059c71a85318bb3d8c0c41507136c2b7e3bf6a3560346b53a1c8
caadd8fd368ad2d2145eea5c6e4eda3dd7bbf66359178684cae3e8e4f2e7a29c
cc3d47bf0f4e97460e268b020ddce071eccfec1b4b01339cbbd880ba8cd801c5
cd8e640357e2c90f1d0f234f9cae65dcd625d27b0557b1f3029056fa0492a7be
cf369c4567b2c610f2fd8a9079472045339c0ea233eca06be0084ddeeffdaf8a
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d15a6b33e242ac374716210e47589219ae08ebaeac9dbbae00943df369cc863e
d3d68e4a16fc086ada99c2c4dbfa4d7635c2aac5be6789ce19770f04bd289185
d579ff589842990d73c9e9e4f0258773ebd21fe23b3b22a50f1dfddd6acc1497
d6dc17ef800cfb1944c1dc50bb4e95abbe57e09480f3053d35a6b056af5ab3f4
d85088375ae84df94bd7ce7e8c8551582a620811d81b147d102d92b8160df1a9
d8f19000c3205103711e23ecf5fec639747c4482409ad00af8778eaf0972cc49
dc6ac51bb003a2df54066648aeee60a48b7853f24bc1f3b4fa62723ff9af07c9
ddb18fdf9f687660f7b4b563d41ded422312a3660092cbca093303824a33818f
de2fb48982295ead77853c1fb03523626e3c79ec4b0d96a2179781030a7038da
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e03e45dc9f517df1d762e30f4d64b16b36357bc0443fee0959b45f859683476a
e1341fa8167ccff97d63a2a69df402dbf47bce88446b238c72faccc6e121aad8
e307a561dcc50ffd1443ce0aef520e087a2a0bdce4306f9c636bd65757e8c875
e342157c1ac40492362b31b937f03eba86ed2b384d8f545296d8ee58f972ba5f
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e887f5381570687450210a77c6bd5b107c433079aa7666e502a402f91f0e0b2d
e896fd72ed6b97558f8d9cc7d9c84f3273e126b5831e50a449275073f19fa94c
ed380a206dc51b365c7799ed70f028a71a31dbf05ac8ca9c8f3bcd8dc01701bd
eedab12c7b928dfe1856369be5bca245105f1bd9f67c6eefd70005c68128d77e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff1904d0bad57f13ef29478878830d141c8cf94fcf978edc6849c9e70bfa5d7
f2d3e1ccd66d07ca5900b7b7a7097333046a18e0455f1c3f372dfd8ab0dc9fcf
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f4ba061f983d2c37972a04360e1ffcdcd10c333993b81af42c39edffc2074eed
f8b7070925c260ce41cd4c1610f8eaabdfc4aea9194b832ec023b06dc603c711
ff16b40b01f3698be420da203b37130465bc5e0f532800ade93f3274ec6d7a9a

www.bilyoner.com Open in urlscan Pro 92.45.9.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

94 %HTTPS

33 %IPv6

50 Domains

62 Subdomains

58 IPs

9 Countries

4309 kBTransfer

12917 kBSize

63 Cookies

8 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bilyoner.com Open in urlscan Pro
92.45.9.90 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

94 %
HTTPS

33 %
IPv6

50
Domains

62
Subdomains

58
IPs

9
Countries

4309 kB
Transfer

12917 kB
Size

63
Cookies

210 HTTP transactions
1 data transactions