urlscan.io logo urlscan.io
SecurityTrails logo

hepsibahis249.com Open in urlscan Pro
104.18.34.133  Public Scan

Go To Rescan Add Verdict Report
URL: http://hepsibahis249.com/
Submission: On April 09 via manual from RU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 29 HTTP transactions. The main IP is 104.18.34.133, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is hepsibahis249.com.
This is the only time hepsibahis249.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.18.34.133 13335 (CLOUDFLAR...)
1 104.18.35.133 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.194.225.57 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 2a02:6b8::1:119 13238 (YANDEX)
1 151.101.120.157 54113 (FASTLY)
9 2600:1901:0:9... 15169 (GOOGLE)
29 12
1    104.18.34.133 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hepsibahis249.com
1    104.18.35.133 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hepsibahis249.com
1    2a00:1450:4001:809::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
5    2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:400c:c0a::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
5    2a00:1450:4001:818::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    54.194.225.57 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-225-57.eu-west-1.compute.amazonaws.com
src.webpu.sh
2    2a00:1450:4001:80b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
5    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
1    151.101.120.157 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
static.ads-twitter.com
9    2600:1901:0:94b6:: (United States)

ASN15169 (GOOGLE - Google LLC, US)
tracking-faedd.firebaseio.com
s-usc1c-nss-250.firebaseio.com
Domain Requested by
8 s-usc1c-nss-250.firebaseio.com www.gstatic.com
5 mc.yandex.ru 1 redirects hepsibahis249.com
5 www.google.com 2 redirects hepsibahis249.com
www.gstatic.com
5 www.google-analytics.com 1 redirects hepsibahis249.com
www.google-analytics.com
2 www.gstatic.com www.googletagmanager.com
www.google.com
2 www.google.de hepsibahis249.com
2 stats.g.doubleclick.net 2 redirects
2 hepsibahis249.com hepsibahis249.com
1 tracking-faedd.firebaseio.com www.gstatic.com
1 static.ads-twitter.com hepsibahis249.com
1 src.webpu.sh www.googletagmanager.com
1 www.googletagmanager.com hepsibahis249.com
29 12

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
*.webpu.sh
Go Daddy Secure Certificate Authority - G2		 2018-11-24 -
2020-01-23		 a year crt.sh
*.google.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2018-10-03 -
2019-10-03		 a year crt.sh
firebaseio.com
Google Internet Authority G3		 2019-03-01 -
2019-08-30		 6 months crt.sh

This page contains 5 frames:

Primary Page: http://hepsibahis249.com/
Frame ID: EFC8B3698DE01CEBC9D750E44AC1AE07
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfBixYUAAAAABhdHynFUIMA_sa4s-XsJvnjtgB0&co=aHR0cDovL2hlcHNpYmFoaXMyNDkuY29tOjgw&hl=en&v=v1554100419869&size=normal&cb=5bj0qimm6b7l
Frame ID: 1291BC1871FE157AD7D55A5AE19DE252
Requests: 1 HTTP requests in this frame

Frame: https://tracking-faedd.firebaseio.com/.lp?start=t&ser=92591869&cb=1&v=5
Frame ID: 38C8916D94154B91362557B68688926C
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1554100419869&k=6LfBixYUAAAAABhdHynFUIMA_sa4s-XsJvnjtgB0&cb=lm7i10rx69v3
Frame ID: 9A8195499EE47C02B540E5EBAEF132D3
Requests: 1 HTTP requests in this frame

Frame: https://s-usc1c-nss-250.firebaseio.com/.lp?dframe=t&id=1211569&pw=TWrJ4xjImq&ns=tracking-faedd
Frame ID: C77CC89D1DFBE6EFDFE4C12A81B8AD90
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • env /^Recaptcha$/i
Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

29
Requests

86 %
HTTPS

67 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

685 kB
Transfer

1831 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=840835466&t=event&_s=1&dl=http%3A%2F%2Fhepsibahis249.com%2F&ul=en-us&de=UTF-8&dt=Youwin%20-%20Online%20Spor%20Bahisleri%2C%20Online%20Bahisler%2C%20Poker%20ve%20Casino&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Acquisition&ea=Traffic&el=Outside%20Turkey&_u=IEBAAEAB~&jid=58519559&gjid=872512778&cid=1339064304.1554800873&tid=UA-26966128-5&_gid=954104143.1554800873&_r=1&z=1318195794 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26966128-5&cid=1339064304.1554800873&jid=58519559&_gid=954104143.1554800873&gjid=872512778&_v=j73&z=1318195794 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=58519559&_v=j73&z=1318195794 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=58519559&_v=j73&z=1318195794&slf_rd=1&random=860967548
Request Chain 9
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 16
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-26966128-5&cid=1339064304.1554800873&jid=1014974332&uid=null&gjid=1673465374&_gid=954104143.1554800873&_u=aGDAgEAL~&z=1212716079 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=1014974332&_v=j73&z=1212716079 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=1014974332&_v=j73&z=1212716079&slf_rd=1&random=366284761
Request Chain 17
  • https://mc.yandex.ru/watch/48641507?wmode=7&page-url=http%3A%2F%2Fhepsibahis249.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1554800872740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190409090753%3Aet%3A1554800873%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A704804601%3Ahid%3A245464846%3Ads%3A32%2C12%2C122%2C47%2C0%2C0%2C0%2C91%2C0%2C%2C%2C%2C260%3Afp%3A260%3Awn%3A49215%3Ahl%3A2%3Agdpr%3A14%3Av%3A1513%3Ast%3A1554800873%3Au%3A1554800873520299585%3At%3AYouwin%20-%20Online%20Spor%20Bahisleri%2C%20Online%20Bahisler%2C%20Poker%20ve%20Casino HTTP 302
  • https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=http%3A%2F%2Fhepsibahis249.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1554800872740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190409090753%3Aet%3A1554800873%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A704804601%3Ahid%3A245464846%3Ads%3A32%2C12%2C122%2C47%2C0%2C0%2C0%2C91%2C0%2C%2C%2C%2C260%3Afp%3A260%3Awn%3A49215%3Ahl%3A2%3Agdpr%3A14%3Av%3A1513%3Ast%3A1554800873%3Au%3A1554800873520299585%3At%3AYouwin%20-%20Online%20Spor%20Bahisleri%2C%20Online%20Bahisler%2C%20Poker%20ve%20Casino

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
hepsibahis249.com/ 		469 KB
312 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hepsibahis249.com/
Protocol
HTTP/1.1
Server
104.18.34.133 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bfa18733c76a19a7f357707a25d3d7825665598fe6aadbc31af7902e34c7ec0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
hepsibahis249.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
CF-Chl-Bypass
1
Set-Cookie
__cfduid=d59c979527e885141fd2afa2adeca904c1554800872; expires=Wed, 08-Apr-20 09:07:52 GMT; path=/; domain=.hepsibahis249.com; HttpOnly; Secure
Cache-Control
max-age=2
Expires
Tue, 09 Apr 2019 09:07:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4c4b554efd4ebd89-AMS
Content-Encoding
gzip
Cookie set cf.challenge.js
hepsibahis249.com/cdn-cgi/scripts/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hepsibahis249.com/cdn-cgi/scripts/cf.challenge.js
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
HTTP/1.1
Server
104.18.35.133 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7fc2fb688cf1bb7c4de30c20b2c28142153e2f296624cb73f7c5d223e57bd08
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hepsibahis249.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://hepsibahis249.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 01 Apr 2019 13:45:25 GMT
Server
cloudflare
ETag
W/"5ca215f5-2668"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Set-Cookie
__cfduid=d685af7312bce31e6108af80ef92deebd1554800872; expires=Wed, 08-Apr-20 09:07:52 GMT; path=/; domain=.hepsibahis249.com; HttpOnly; Secure
Cache-Control
max-age=172800 public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4c4b55503cf19be7-AMS
Expires
Thu, 11 Apr 2019 09:07:53 GMT
gtm.js
www.googletagmanager.com/ 		188 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagmanager.com/gtm.js?id=GTM-2TQ4
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
1b88387df98dd9ee7553c6f625e4742b720360ee565c6a5b1f923c8f2767a342
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2019 01:31:58 GMT
Server
Google Tag Manager (scaffolding)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
45585
X-XSS-Protection
0
Expires
Tue, 09 Apr 2019 09:07:52 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
5725
date
Tue, 09 Apr 2019 07:32:27 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 09 Apr 2019 09:32:27 GMT
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d886d0b09985e9f66aa8255c64b7b4fb2012c02a62f53f7971b7983434f0267

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		126 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f380be24e1ab4ad388152ebdd110b492e6be7cdba971a0d68d2269669c4a2f7e

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		13 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d49e6bc90267dc90c7b5cd65288bdcd0404ff1eca3f59b3e5d9357ff8f8963

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://hepsibahis249.com/
Origin
http://hepsibahis249.com

Response headers

Content-Type
font/woff2
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=840835466&t=event&_s=1&dl=http%3A%2F%2Fhepsibahis249.com%2F&ul=en-us&de=UTF-8&dt=Youwin%20-%20Online%20Spor%20Bahisleri%2C%20Online%20Bahisle...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26966128-5&cid=1339064304.1554800873&jid=58519559&_gid=954104143.1554800873&gjid=872512778&_v=j73&z=1318195794
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=58519559&_v=j73&z=1318195794
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=58519559&_v=j73&z=1318195794&slf_rd=1&random=860967548
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=58519559&_v=j73&z=1318195794&slf_rd=1&random=860967548
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Apr 2019 09:07:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Apr 2019 09:07:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=58519559&_v=j73&z=1318195794&slf_rd=1&random=860967548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.js
www.google.com/recaptcha/ 		837 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/cdn-cgi/scripts/cf.challenge.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
4c22e7f53296ef925eeaa7cda99de2ef82b8d0fd9b349e2c18c38787634a2bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Apr 2019 09:07:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
469
x-xss-protection
1; mode=block
expires
Tue, 09 Apr 2019 09:07:53 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Apr 2019 08:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
3078
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1296
x-xss-protection
0
expires
Tue, 09 Apr 2019 09:16:35 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
5726
date
Tue, 09 Apr 2019 07:32:27 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 09 Apr 2019 09:32:27 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
sdk.js
src.webpu.sh/sfCsiqHtOxj94wufAaS_a2rXwcYNIPX6/ 		174 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://src.webpu.sh/sfCsiqHtOxj94wufAaS_a2rXwcYNIPX6/sdk.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-2TQ4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.225.57 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-225-57.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2f4bde5b4ea2043941f48d209ecde1cf0c855a9fa2fc15c00a61fdc49890678e

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Apr 2019 07:28:00 GMT
Server
nginx
x-amz-request-id
671E5D854331BC14
ETag
W/"3ebab2f3c99d3187a51367d70fa7288b"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
BR+UdXxNHrIYnDgUwNSAi6etZvh6aIkSZaiGaT5dXlGSwQ9OTGILEikVFSyZQRq8jJO/lcjm5sw=
firebase.js
www.gstatic.com/firebasejs/4.0.0/ 		349 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-2TQ4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
93efba12229c5d6f08c74dc53ef1f3eb96c8e887ab80dcc4e76ff6669f8cb17c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 02:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 May 2017 20:00:33 GMT
server
sffe
age
2702976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
108791
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 02:18:17 GMT
watch.js
mc.yandex.ru/metrika/ 		132 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
ba705af854d539af056ca751dad5e70b7a9a12fb8ba2760e4936cfaf3b2f66b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:53 GMT
Content-Encoding
br
Last-Modified
Tue, 02 Apr 2019 08:19:50 GMT
Server
nginx/1.12.2
ETag
"5ca31b26-9ae8"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
39656
Expires
Tue, 09 Apr 2019 10:07:53 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.ads-twitter.com/uwt.js
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
HTTP/1.1
Server
151.101.120.157 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:53 GMT
Content-Encoding
gzip
Age
61220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
1954
X-Served-By
cache-cdg20753-CDG
Last-Modified
Tue, 23 Jan 2018 19:05:33 GMT
X-Timer
S1554800873.134302,VS0,VE0
Etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
Vary
Accept-Encoding,Host
Content-Type
application/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
no-cache
Accept-Ranges
bytes
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1554100419869/ 		261 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/v1554100419869/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
07a045bd0b098c8ca4b92ec31d5247281c8db4ea451d53db155b50bd2e388a70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2019 21:15:00 GMT
server
sffe
age
559682
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
93196
x-xss-protection
0
expires
Wed, 01 Apr 2020 21:39:51 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&aip=1&a=840835466&t=pageview&_s=1&dl=http%3A%2F%2Fhepsibahis249.com%2F&ul=en-us&de=UTF-8&dt=Youwin%20-%20Online%20Spor%20Bahisleri%2C%20Online%20Bahisler%2C%20Poker%20ve%20Casino&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEAL~&jid=1014974332&gjid=1673465374&cid=1339064304.1554800873&uid=null&tid=UA-26966128-5&_gid=954104143.1554800873&gtm=2wg3r32TQ4&cd1=null&z=340066790
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 05:14:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2692422
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-26966128-5&cid=1339064304.1554800873&jid=1014974332&uid=null&gjid=1673465374&_gid=954104143.1554800873&_u=aGDAgEAL~&z=121...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=1014974332&_v=j73&z=1212716079
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=1014974332&_v=j73&z=1212716079&slf_rd=1&random=366284761
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=1014974332&_v=j73&z=1212716079&slf_rd=1&random=366284761
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Apr 2019 09:07:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Apr 2019 09:07:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26966128-5&cid=1339064304.1554800873&jid=1014974332&_v=j73&z=1212716079&slf_rd=1&random=366284761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/48641507/
Redirect Chain
  • https://mc.yandex.ru/watch/48641507?wmode=7&page-url=http%3A%2F%2Fhepsibahis249.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1554800872740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661362...
  • https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=http%3A%2F%2Fhepsibahis249.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1554800872740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=http%3A%2F%2Fhepsibahis249.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1554800872740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190409090753%3Aet%3A1554800873%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A704804601%3Ahid%3A245464846%3Ads%3A32%2C12%2C122%2C47%2C0%2C0%2C0%2C91%2C0%2C%2C%2C%2C260%3Afp%3A260%3Awn%3A49215%3Ahl%3A2%3Agdpr%3A14%3Av%3A1513%3Ast%3A1554800873%3Au%3A1554800873520299585%3At%3AYouwin%20-%20Online%20Spor%20Bahisleri%2C%20Online%20Bahisler%2C%20Poker%20ve%20Casino
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Apr 2019 09:07:53 GMT
Last-Modified
Tue, 09-Apr-2019 09:07:53 GMT
Server
nginx/1.12.2
Location
/watch/48641507/1?wmode=7&page-url=http%3A%2F%2Fhepsibahis249.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1554800872740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190409090753%3Aet%3A1554800873%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A704804601%3Ahid%3A245464846%3Ads%3A32%2C12%2C122%2C47%2C0%2C0%2C0%2C91%2C0%2C%2C%2C%2C260%3Afp%3A260%3Awn%3A49215%3Ahl%3A2%3Agdpr%3A14%3Av%3A1513%3Ast%3A1554800873%3Au%3A1554800873520299585%3At%3AYouwin%20-%20Online%20Spor%20Bahisleri%2C%20Online%20Bahisler%2C%20Poker%20ve%20Casino
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
http://hepsibahis249.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 09-Apr-2019 09:07:53 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Apr 2019 09:07:53 GMT
Last-Modified
Tue, 09-Apr-2019 09:07:53 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://hepsibahis249.com
Strict-Transport-Security
max-age=31536000
Location
/watch/48641507/1?wmode=7&page-url=http%3A%2F%2Fhepsibahis249.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1554800872740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190409090753%3Aet%3A1554800873%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A704804601%3Ahid%3A245464846%3Ads%3A32%2C12%2C122%2C47%2C0%2C0%2C0%2C91%2C0%2C%2C%2C%2C260%3Afp%3A260%3Awn%3A49215%3Ahl%3A2%3Agdpr%3A14%3Av%3A1513%3Ast%3A1554800873%3Au%3A1554800873520299585%3At%3AYouwin%20-%20Online%20Spor%20Bahisleri%2C%20Online%20Bahisler%2C%20Poker%20ve%20Casino
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 09-Apr-2019 09:07:53 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Tue, 09 Apr 2019 10:07:53 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1291 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfBixYUAAAAABhdHynFUIMA_sa4s-XsJvnjtgB0&co=aHR0cDovL2hlcHNpYmFoaXMyNDkuY29tOjgw&hl=en&v=v1554100419869&size=normal&cb=5bj0qimm6b7l
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1554100419869/recaptcha__en.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gyR8lSXQrOaIL4xzWfplgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfBixYUAAAAABhdHynFUIMA_sa4s-XsJvnjtgB0&co=aHR0cDovL2hlcHNpYmFoaXMyNDkuY29tOjgw&hl=en&v=v1554100419869&size=normal&cb=5bj0qimm6b7l
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://hepsibahis249.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://hepsibahis249.com/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Apr 2019 09:07:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-gyR8lSXQrOaIL4xzWfplgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11406
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
1
mc.yandex.ru/watch/48641507/ 		152 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=http%3A%2F%2Fhepsibahis249.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1554800872740%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190409090753%3Aet%3A1554800873%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A704804601%3Ahid%3A245464846%3Ads%3A32%2C12%2C122%2C47%2C0%2C0%2C0%2C91%2C0%2C%2C%2C%2C260%3Afp%3A260%3Awn%3A49215%3Ahl%3A2%3Agdpr%3A14%3Av%3A1513%3Ast%3A1554800873%3Au%3A1554800873520299585%3At%3AYouwin%20-%20Online%20Spor%20Bahisleri%2C%20Online%20Bahisler%2C%20Poker%20ve%20Casino
Requested by
Host: hepsibahis249.com
URL: http://hepsibahis249.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f07655431b2b1ef42c803e718a82d3f1f4d13ebf4931e8f18a823516b6f16959
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hepsibahis249.com/
Origin
http://hepsibahis249.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 09 Apr 2019 09:07:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09-Apr-2019 09:07:53 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://hepsibahis249.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Tue, 09-Apr-2019 09:07:53 GMT
.lp
tracking-faedd.firebaseio.com/ Frame 38C8 		422 B
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking-faedd.firebaseio.com/.lp?start=t&ser=92591869&cb=1&v=5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
cf0c7127d247ea741a562a765e62c9988cafaeaaa522cdfa4196a44fd0577b76
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
422
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
bframe
www.google.com/recaptcha/api2/ Frame 9A81 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1554100419869&k=6LfBixYUAAAAABhdHynFUIMA_sa4s-XsJvnjtgB0&cb=lm7i10rx69v3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1554100419869/recaptcha__en.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gYtdYCJowQYysg9nQvcN0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=v1554100419869&k=6LfBixYUAAAAABhdHynFUIMA_sa4s-XsJvnjtgB0&cb=lm7i10rx69v3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://hepsibahis249.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://hepsibahis249.com/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Apr 2019 09:07:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-gYtdYCJowQYysg9nQvcN0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1125
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
.lp
s-usc1c-nss-250.firebaseio.com/ Frame C77C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-250.firebaseio.com/.lp?dframe=t&id=1211569&pw=TWrJ4xjImq&ns=tracking-faedd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Host
s-usc1c-nss-250.firebaseio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://hepsibahis249.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://hepsibahis249.com/

Response headers

Server
nginx
Date
Tue, 09 Apr 2019 09:07:54 GMT
Content-Type
text/html; charset=utf-8
Content-Length
420
Connection
keep-alive
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
.lp
s-usc1c-nss-250.firebaseio.com/ Frame 38C8 		15 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-250.firebaseio.com/.lp?id=1211569&pw=TWrJ4xjImq&ser=59910100&ns=tracking-faedd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
416ebdae1319a43b48e3caf0a24100ab786aa6432e276fb735da780aa435b300
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
15
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-250.firebaseio.com/ Frame 38C8 		58 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-250.firebaseio.com/.lp?id=1211569&pw=TWrJ4xjImq&ser=59910101&ns=tracking-faedd&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjQtMC0wIjoxfX19fQ..
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
30bd0120e57f70174a17629a1703bb0d29bd1660f244aa45d0542637d5b960d7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
58
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-250.firebaseio.com/ Frame 38C8 		90 B
331 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-250.firebaseio.com/.lp?id=1211569&pw=TWrJ4xjImq&ser=59910102&ns=tracking-faedd&seg0=1&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MiwiYSI6InEiLCJiIjp7InAiOiIvdXNlcnNfaGVwc2liIiwicSI6eyJzcCI6Im51bGwiLCJlcCI6Im51bGwiLCJsIjoxLCJ2ZiI6ImwiLCJpIjoiLmtleSJ9LCJ0IjoxLCJoIjoiIn19fQ..&seg1=2&ts1=1&d1=eyJ0IjoiZCIsImQiOnsiciI6MywiYSI6InEiLCJiIjp7InAiOiIvMTk4NHByb21vcy9jYXNpbm9fdG91cm5hbWVudHMiLCJoIjoiIn19fQ..&seg2=3&ts2=1&d2=eyJ0IjoiZCIsImQiOnsiciI6NCwiYSI6InEiLCJiIjp7InAiOiIvMTk4NHByb21vcy9uZXdsZWFndWVhcHAvcmVzdWx0cy91bmRlZmluZWQvdGVhbSIsImgiOiIifX19&seg3=4&ts3=1&d3=eyJ0IjoiZCIsImQiOnsiciI6NSwiYSI6InEiLCJiIjp7InAiOiIvZmlyc3RfbG9naW4vdW5kZWZpbmVkL251bGwiLCJoIjoiIn19fQ..&seg4=5&ts4=1&d4=eyJ0IjoiZCIsImQiOnsiciI6NiwiYSI6InEiLCJiIjp7InAiOiIvMTk4NGV2ZW50cy9sb2dpbi91c2Vycy9udWxsIiwiaCI6IiJ9fX0.&seg5=6&ts5=1&d5=eyJ0IjoiZCIsImQiOnsiciI6NywiYSI6InAiLCJiIjp7InAiOiIvdXNlcnNfaGVwc2liL251bGwvYnRhZyIsImQiOiJudWxsX251bGwifX19&seg6=7&ts6=1&d6=eyJ0IjoiZCIsImQiOnsiciI6OCwiYSI6InAiLCJiIjp7InAiOiIvdXNlcnNfaGVwc2liL251bGwvZW1haWwiLCJkIjoibnVsbCJ9fX0.&seg7=8&ts7=1&d7=eyJ0IjoiZCIsImQiOnsiciI6OSwiYSI6InAiLCJiIjp7InAiOiIvdXNlcnNfaGVwc2liL251bGwvc2J1c2VyaWQiLCJkIjoibnVsbCJ9fX0.&seg8=9&ts8=1&d8=eyJ0IjoiZCIsImQiOnsiciI6MTAsImEiOiJwIiwiYiI6eyJwIjoiL3VzZXJzX2hlcHNpYi9udWxsL3VzZXJuYW1lIiwiZCI6Im51bGwifX19
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
9812d665bd7affe82abde50fd70bed032591d6ac1e5c53ffd1e834204fa76682
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
90
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-250.firebaseio.com/ Frame 38C8 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-250.firebaseio.com/.lp?id=1211569&pw=TWrJ4xjImq&ser=59910103&ns=tracking-faedd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
7aa47ec5cb00abb514a09dcc00ce0204cacd8d0e215c43ffd0dde88608f055d8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
7430
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-250.firebaseio.com/ Frame 38C8 		59 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-250.firebaseio.com/.lp?id=1211569&pw=TWrJ4xjImq&ser=59910104&ns=tracking-faedd&seg0=10&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MTEsImEiOiJuIiwiYiI6eyJwIjoiLzE5ODRwcm9tb3MvY2FzaW5vX3RvdXJuYW1lbnRzIn19fQ..
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
69d6d726233195dbdef94d7a1ad5fd819c0d155b72361aa934dfcc99487e7bc6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
59
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-250.firebaseio.com/ Frame 38C8 		59 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-250.firebaseio.com/.lp?id=1211569&pw=TWrJ4xjImq&ser=59910105&ns=tracking-faedd&seg0=11&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MTIsImEiOiJuIiwiYiI6eyJwIjoiLzE5ODRwcm9tb3MvbmV3bGVhZ3VlYXBwL3Jlc3VsdHMvdW5kZWZpbmVkL3RlYW0ifX19&seg1=12&ts1=1&d1=eyJ0IjoiZCIsImQiOnsiciI6MTMsImEiOiJuIiwiYiI6eyJwIjoiL2ZpcnN0X2xvZ2luL3VuZGVmaW5lZC9udWxsIn19fQ..&seg2=13&ts2=1&d2=eyJ0IjoiZCIsImQiOnsiciI6MTQsImEiOiJuIiwiYiI6eyJwIjoiLzE5ODRldmVudHMvbG9naW4vdXNlcnMvbnVsbCJ9fX0.
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
257df72bad44ebcd69f75c0a077a81210c028ca3ee8178e8e9dff26daf298a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
59
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-250.firebaseio.com/ Frame 38C8 		160 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-250.firebaseio.com/.lp?id=1211569&pw=TWrJ4xjImq&ser=59910106&ns=tracking-faedd&seg0=14&ts0=1&d0=eyJ0IjoiYyIsImQiOnsidCI6Im4iLCJkIjp7fX19
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
8f67e09f2889abf97b8e3a44885697c7d73eb5e0a36a72f3f59dc51501d53cae
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
http://hepsibahis249.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Apr 2019 09:07:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
160
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| onloadCallback object| google_tag_manager string| XtremePushObject function| xtremepush string| sbUserId undefined| sbUserId_prev function| doOpenWebNotificationWindow function| getDataLayerValue function| fixTimeUKtoUTC function| voodooBetonfire function| twq undefined| script undefined| user_id function| getParameterByName string| pname string| affiliate object| date string| expires object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| firebase function| webpackJsonp object| config boolean| firebaseIsInitialized boolean| updateData object| myq undefined| _tierCode undefined| _domain boolean| sports_teaser boolean| featured_bet object| twttr object| Ya object| yaCounter48641507 object| recaptcha object| closure_lm_740990 object| XPConfig object| XPTranslations function| XPCore function| XPCoreWindow function| XPCoreFrame function| XPStore function| XPStoreDetectPrivateMode function| XPApi function| XPApiRequest function| XPSessionManager function| XPUpdateManager function| XPGaManager function| XPPushManager function| XPPushWebManager function| XPPushSafariManager function| XPWindowManager function| XPFrameManager function| XPNotificationCenter function| XPLocalNotification function| XPPageHelper function| XPPopupMessage function| XPInterface function| XPTranslation string| XPStyle undefined| XPPopupStyle object| XPEnvironment object| XPApiInstance object| XPStoreInstance object| XPSessionManagerInstance object| XPUpdateManagerInstance object| XPGaManagerInstance object| XPPushManagerInstance object| XPTranslationInstance object| XPNotificationCenterInstance object| XPWindowManagerInstance object| XPFrameManagerInstance function| pLPCommand1 function| pRTLPCB1

13 Cookies

Domain/Path Name / Value
hepsibahis249.com/ Name: affiliateName
Value: net_refer_657239
hepsibahis249.com/ Name: affiliateclickthrough
Value: 816223895
.hepsibahis249.com/ Name: _ym_visorc_48641507
Value: w
.hepsibahis249.com/ Name: _ga
Value: GA1.2.1339064304.1554800873
hepsibahis249.com/ Name: affiliateTpid
Value: 70618
.hepsibahis249.com/ Name: _ym_d
Value: 1554800873
.hepsibahis249.com/ Name: _ym_uid
Value: 1554800873520299585
.hepsibahis249.com/ Name: _gat
Value: 1
.hepsibahis249.com/ Name: _ym_isad
Value: 2
.hepsibahis249.com/ Name: _dc_gtm_UA-26966128-5
Value: 1
.hepsibahis249.com/ Name: _gid
Value: GA1.2.954104143.1554800873
hepsibahis249.com/ Name: sbUserId_prev
Value: null
hepsibahis249.com/ Name: affiliatePname
Value: 657239_648B139C818F4EFAA5B4F166563E1680

12 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
Looping in wait4firebase
console-api log (Line 1)
Message:
Looping in wait4firebase
console-api log (Line 1)
Message:
Looping in wait4firebase
console-api log (Line 1)
Message:
Initialize Firebase
console-api log (Line 1)
Message:
Calling: Firebase - Read User Data
console-api log (Line 1)
Message:
Betonfire - INIT
console-api log (Line 1)
Message:
Calling: Update tournaments
console-api log (Line 1)
Message:
Calling: Get favorite team
console-api log (Line 1)
Message:
Calling: Tracking - Login - Update user information
console-api log (Line 1)
Message:
Calling: Tracking - FirstLogin - Check
console-api log (Line 1)
Message:
Calling: Tracking - Login Event
console-api warning URL: https://www.gstatic.com/firebasejs/4.0.0/firebase.js(Line 321)
Message:
FIREBASE WARNING: Exception was thrown by user callback. Error: Firebase.set failed: First argument contains undefined in property 'first_login.undefined.null' at Pd (https://www.gstatic.com/firebasejs/4.0.0/firebase.js:369:67) at Od (https://www.gstatic.com/firebasejs/4.0.0/firebase.js:368:694) at U.g.set (https://www.gstatic.com/firebasejs/4.0.0/firebase.js:521:241) at <anonymous>:1:326 at c (https://www.gstatic.com/firebasejs/4.0.0/firebase.js:504:58) at https://www.gstatic.com/firebasejs/4.0.0/firebase.js:464:831 at fc (https://www.gstatic.com/firebasejs/4.0.0/firebase.js:328:165) at bf (https://www.gstatic.com/firebasejs/4.0.0/firebase.js:393:215) at cf (https://www.gstatic.com/firebasejs/4.0.0/firebase.js:392:403) at Object.G (https://www.gstatic.com/firebasejs/4.0.0/firebase.js:482:93)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hepsibahis249.com
mc.yandex.ru
s-usc1c-nss-250.firebaseio.com
src.webpu.sh
static.ads-twitter.com
stats.g.doubleclick.net
tracking-faedd.firebaseio.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.18.34.133
104.18.35.133
151.101.120.157
2600:1901:0:94b6::
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:818::2004
2a00:1450:4001:820::200e
2a00:1450:4001:821::2003
2a00:1450:400c:c0a::9b
2a02:6b8::1:119
54.194.225.57
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07a045bd0b098c8ca4b92ec31d5247281c8db4ea451d53db155b50bd2e388a70
0d886d0b09985e9f66aa8255c64b7b4fb2012c02a62f53f7971b7983434f0267
1b88387df98dd9ee7553c6f625e4742b720360ee565c6a5b1f923c8f2767a342
1bfa18733c76a19a7f357707a25d3d7825665598fe6aadbc31af7902e34c7ec0
257df72bad44ebcd69f75c0a077a81210c028ca3ee8178e8e9dff26daf298a3c
2f4bde5b4ea2043941f48d209ecde1cf0c855a9fa2fc15c00a61fdc49890678e
30bd0120e57f70174a17629a1703bb0d29bd1660f244aa45d0542637d5b960d7
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
416ebdae1319a43b48e3caf0a24100ab786aa6432e276fb735da780aa435b300
4c22e7f53296ef925eeaa7cda99de2ef82b8d0fd9b349e2c18c38787634a2bf7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
69d6d726233195dbdef94d7a1ad5fd819c0d155b72361aa934dfcc99487e7bc6
7aa47ec5cb00abb514a09dcc00ce0204cacd8d0e215c43ffd0dde88608f055d8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f67e09f2889abf97b8e3a44885697c7d73eb5e0a36a72f3f59dc51501d53cae
93efba12229c5d6f08c74dc53ef1f3eb96c8e887ab80dcc4e76ff6669f8cb17c
9812d665bd7affe82abde50fd70bed032591d6ac1e5c53ffd1e834204fa76682
a0d49e6bc90267dc90c7b5cd65288bdcd0404ff1eca3f59b3e5d9357ff8f8963
b7fc2fb688cf1bb7c4de30c20b2c28142153e2f296624cb73f7c5d223e57bd08
ba705af854d539af056ca751dad5e70b7a9a12fb8ba2760e4936cfaf3b2f66b5
cf0c7127d247ea741a562a765e62c9988cafaeaaa522cdfa4196a44fd0577b76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07655431b2b1ef42c803e718a82d3f1f4d13ebf4931e8f18a823516b6f16959
f380be24e1ab4ad388152ebdd110b492e6be7cdba971a0d68d2269669c4a2f7e