hepsiburadaplay.fun Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hepsiburadaplay.fun/
Submission: On September 26 via manual (September 26th 2023, 12:32:49 pm UTC) from TR — Scanned from NL

Summary HTTP 170 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 61 IPs in 14 countries across 67 domains to perform 170 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United Kingdom and belongs to CLOUDFLARENET, US. The main domain is hepsiburadaplay.fun.

This is the only time hepsiburadaplay.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	31.3.2.79 31.3.2.79	21245 (MEDIANOVA...) (MEDIANOVA-CDN)
9	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2014	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	31.3.2.70 31.3.2.70	21245 (MEDIANOVA...) (MEDIANOVA-CDN)
9	23.37.226.99 23.37.226.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	2600:9000:21f... 2600:9000:21f3:0:2:ed53:b1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	108.138.7.105 108.138.7.105	16509 (AMAZON-02) (AMAZON-02)
3 7	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	193.108.153.6 193.108.153.6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 11	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1	34.251.187.151 34.251.187.151	16509 (AMAZON-02) (AMAZON-02)
1	23.213.165.82 23.213.165.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.66.159.214 3.66.159.214	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2.21.20.200 2.21.20.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.156.97.229 35.156.97.229	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 6	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
3 4	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
3 3	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.171.14.223 54.171.14.223	16509 (AMAZON-02) (AMAZON-02)
2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.246.44.190 34.246.44.190	16509 (AMAZON-02) (AMAZON-02)
1	52.218.98.139 52.218.98.139	16509 (AMAZON-02) (AMAZON-02)
2 2	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5 6	89.163.142.91 89.163.142.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	193.135.9.129 193.135.9.129	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	139.162.147.24 139.162.147.24	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	80.85.85.173 80.85.85.173	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	52.215.100.89 52.215.100.89	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	108.138.17.48 108.138.17.48	16509 (AMAZON-02) (AMAZON-02)
2 3	35.172.171.236 35.172.171.236	14618 (AMAZON-AES) (AMAZON-AES)
2 2	63.33.121.220 63.33.121.220	16509 (AMAZON-02) (AMAZON-02)
1 1	108.129.25.174 108.129.25.174	16509 (AMAZON-02) (AMAZON-02)
3	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.29.154.74 52.29.154.74	16509 (AMAZON-02) (AMAZON-02)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:b800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	3.126.31.96 3.126.31.96	16509 (AMAZON-02) (AMAZON-02)
1	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
170	61

36 2a06:98c1:3120::3 (United Kingdom)

ASN13335 (CLOUDFLARENET, US)

hepsiburadaplay.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 31.3.2.79 (Turkey)

ASN21245 (MEDIANOVA-CDN, TR)

images.hepsiburada.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Italy)

ASN13335 (CLOUDFLARENET, US)

cdnstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Sweden)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

hb-digital-analytics.uw.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Poland) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.3.2.70 (Turkey)

ASN21245 (MEDIANOVA-CDN, TR)

img2-digitouch.mncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.37.226.99 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-37-226-99.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:0:2:ed53:b1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.humanz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-105.fra56.r.cloudfront.net

v11cf13hx0.execute-api.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.5.132 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-6.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.187.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-187-151.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.165.82 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.159.214 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-159-214.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.200 (Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-200.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.97.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-97-229.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.243.51.122 (Denmark) 5 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.21 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.126.47 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.14.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-14-223.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.44.190 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-44-190.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.98.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.216 (Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.163.142.91 (Germany) 5 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm40.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.129 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.85.85.173 (London, United Kingdom) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li749-173.members.linode.com

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.100.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-100-89.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.48 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-48.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.172.171.236 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-171-236.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.121.220 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-121-220.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.129.25.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-25-174.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.154.74 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-154-74.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.31.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-31-96.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	hepsiburadaplay.fun hepsiburadaplay.fun	1 MB
29	hepsiburada.net images.hepsiburada.net — Cisco Umbrella Rank: 82204	379 KB
23	adform.net 5 redirects s2.adform.net — Cisco Umbrella Rank: 8148 track.adform.net — Cisco Umbrella Rank: 3716 c1.adform.net — Cisco Umbrella Rank: 954 dmp.adform.net — Cisco Umbrella Rank: 4243	78 KB
9	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 875	142 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 635	168 KB
8	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 10578444.fls.doubleclick.net Failed cm.g.doubleclick.net — Cisco Umbrella Rank: 329	133 KB
7	adsafety.net 6 redirects cm.adsafety.net — Cisco Umbrella Rank: 16085 tags.adsafety.net — Cisco Umbrella Rank: 66237	12 KB
6	semasio.net 5 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2139 se.semasio.net — Cisco Umbrella Rank: 32605	3 KB
4	exelator.com 3 redirects loadm.exelator.com — Cisco Umbrella Rank: 2754 load77.exelator.com — Cisco Umbrella Rank: 5879 loada.exelator.com — Cisco Umbrella Rank: 35065	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 360 secure.adnxs.com — Cisco Umbrella Rank: 806	3 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1262 trc.taboola.com — Cisco Umbrella Rank: 907 trc-events.taboola.com — Cisco Umbrella Rank: 2331	22 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 3797	2 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 802	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14107	632 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1562	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	2 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	913 B
2	smartstream.tv 2 redirects ads.smartstream.tv — Cisco Umbrella Rank: 19826 cm.smartstream.tv — Cisco Umbrella Rank: 326196	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	297 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3680	925 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1088	647 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3400	692 B
2	seadform.net server.seadform.net — Cisco Umbrella Rank: 36027	915 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	239 B
2	amazonaws.com v11cf13hx0.execute-api.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 106772 s3-eu-west-1.amazonaws.com	390 B
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 821	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	89 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 6781	562 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	702 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	229 KB
1	sojern.com pixel.sojern.com — Cisco Umbrella Rank: 9851	156 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2936	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 713	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 42047	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1092	237 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 2022	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 687	1 KB
1	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 2721	418 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 936	491 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 40280	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1265	471 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1035	338 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 49237	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 3562	273 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 1377	265 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 719	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1620	344 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 614	146 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 919	683 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 509	125 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011	114 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 764	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4449	400 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 1002	199 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	880 B
1	humanz.com assets.humanz.com — Cisco Umbrella Rank: 123614	2 KB
1	mncdn.com img2-digitouch.mncdn.com — Cisco Umbrella Rank: 73520	469 B
1	appspot.com hb-digital-analytics.uw.r.appspot.com — Cisco Umbrella Rank: 146275	364 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 958	304 B
1	t.co t.co — Cisco Umbrella Rank: 707	376 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1078	15 KB
1	cdnstat.net cdnstat.net — Cisco Umbrella Rank: 229844	697 B
0	e-volution.ai Failed sync.e-volution.ai Failed
0	1dmp.io Failed sync.1dmp.io Failed
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	twitter.com Failed analytics.twitter.com Failed
170	67

	Domain	Requested by
36	hepsiburadaplay.fun	hepsiburadaplay.fun
29	images.hepsiburada.net	hepsiburadaplay.fun
11	c1.adform.net	2 redirects hepsiburadaplay.fun c1.adform.net
9	analytics.tiktok.com	hepsiburadaplay.fun analytics.tiktok.com
9	cdn.cookielaw.org	hepsiburadaplay.fun cdn.cookielaw.org
7	track.adform.net	3 redirects hepsiburadaplay.fun track.adform.net
6	cm.adsafety.net	5 redirects c1.adform.net
4	cm.g.doubleclick.net	4 redirects
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	se.semasio.net	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
2	trc-events.taboola.com	hepsiburadaplay.fun
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	match.adsrvr.org	c1.adform.net
2	pixel.onaudience.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	server.seadform.net
2	www.facebook.com
2	s2.adform.net	hepsiburadaplay.fun track.adform.net
2	creativecdn.com	1 redirects hepsiburadaplay.fun
2	connect.facebook.net	hepsiburadaplay.fun
2	www.google.nl	hepsiburadaplay.fun
2	securepubads.g.doubleclick.net	hepsiburadaplay.fun
2	www.googletagmanager.com	hepsiburadaplay.fun
1	pixel.sojern.com	c1.adform.net
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	pixel.mathtag.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	loada.exelator.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	x.bidswitch.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ups.analytics.yahoo.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	analytics.pangle-ads.com	analytics.tiktok.com
1	v11cf13hx0.execute-api.eu-west-1.amazonaws.com	hepsiburadaplay.fun
1	www.google.com
1	assets.humanz.com	hepsiburadaplay.fun
1	img2-digitouch.mncdn.com	hepsiburadaplay.fun
1	googleads.g.doubleclick.net	hepsiburadaplay.fun
1	hb-digital-analytics.uw.r.appspot.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	t.co	hepsiburadaplay.fun
1	trc.taboola.com	cdn.taboola.com
1	static.ads-twitter.com	hepsiburadaplay.fun
1	cdn.taboola.com	hepsiburadaplay.fun
1	cdnstat.net	hepsiburadaplay.fun
0	sync.e-volution.ai Failed	c1.adform.net
0	sync.1dmp.io Failed	c1.adform.net
0	global.ib-ibi.com Failed	c1.adform.net
0	10578444.fls.doubleclick.net Failed	hepsiburadaplay.fun
0	analytics.twitter.com Failed	hepsiburadaplay.fun
170	84

This site contains links to these domains. Also see Links.

Domain
www.hepsiburada.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.hepsiburada.net Sectigo RSA Domain Validation Secure Server CA	`2023-02-08` - `2024-03-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
cdnstat.net E1	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-10-03`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.humanz.com Amazon RSA 2048 M01	`2023-03-13` - `2024-04-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.execute-api.eu-west-1.amazonaws.com Amazon RSA 2048 M02	`2023-02-20` - `2024-01-11`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
teads.tv R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://hepsiburadaplay.fun/
Frame ID: D87D82097AE14411E922712F40887655
Requests: 127 HTTP requests in this frame

Frame: https://10578444.fls.doubleclick.net/activityi;src=10578444;type=remar0;cat=remar0;ord=1916183721705;auiddc=2032946502.1695731565;u27=undefined;u28=other;u29=http%3A%2F%2Fhepsiburadaplay.fun%2F;u30=undefined;u31=undefined;u32=;u33=;u34=undefined;gtm=45He39k2;epver=2;~oref=http%3A%2F%2Fhepsiburadaplay.fun%2F
Frame ID: 134C4C905B96363F84A37C9BA254D6F3
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_0HO8BA20e0wbYZgM7EIK&id=pr_0HO8BA20e0wbYZgM7EIK_uid_undefined&ncm=1&tc=1
Frame ID: E81A04A38C1965CFA957F2C549BDE3F7
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=2585712&lid=109517341&ctype=0&media=0&PageName=Adform_Web_Remarketing&sysvars=%7c%7c%7c%7c%40%40pgr%3dundefined%7c%7cpnm%3dundefined%7c&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&rnd=1865192900&cpref=&loc=http%3a%2f%2fhepsiburadaplay.fun%2f
Frame ID: 51105B829F5BD531353C3923D18D230C
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Frame ID: 7DF23F858F9312D57BCFF3706EE72C89
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Türkiye'nin En Büyük Online Alışveriş Sitesi Hepsiburada.com Back ButtonSearch IconFilter Icon

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

170
Requests

62 %
HTTPS

20 %
IPv6

67
Domains

84
Subdomains

61
IPs

14
Countries

2412 kB
Transfer

9321 kB
Size

66
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hepsiburada.com/kisisel-verilerin-korunmasi#cerez-politikasi
Title: Çerez Politikası

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

http://www.googletagmanager.com/gtag/js?id=G-44CSPTX731&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=G-44CSPTX731&l=dataLayer&cx=c

Request Chain 97

https://creativecdn.com/tags?type=script&id=pr_0HO8BA20e0wbYZgM7EIK&ncm=1&id=pr_0HO8BA20e0wbYZgM7EIK_uid_undefined HTTP 302
https://creativecdn.com/tags?type=script&id=pr_0HO8BA20e0wbYZgM7EIK&ncm=1&id=pr_0HO8BA20e0wbYZgM7EIK_uid_undefined&tc=1

Request Chain 112

https://track.adform.net/Serving/TrackPoint/?pm=2585712&ADFPageName=Adform_Web_Remarketing&ADFdivider=%7C&ord=223830114900&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&loc=http%3A%2F%2Fhepsiburadaplay.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2585712&ADFPageName=Adform_Web_Remarketing&ADFdivider=%7C&ord=223830114900&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&loc=http%3A%2F%2Fhepsiburadaplay.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 113

https://track.adform.net/Serving/TrackPoint/?pm=2585712&ADFdivider=%7C&ord=883351957884&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&loc=http%3A%2F%2Fhepsiburadaplay.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2585712&ADFdivider=%7C&ord=883351957884&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&loc=http%3A%2F%2Fhepsiburadaplay.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 126

https://track.adform.net/serving/scripts/trackpoint/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-sync.js

Request Chain 131

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1650959402315091635&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1650959402315091635&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=af90ec3693f64652ae0699f822f4defa HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=635aba8c1e0296ac3514ee12ebfca64722d76dfd854df0776a88ae3a17e9c58b

Request Chain 136

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1650959402315091635&expiration=1696941165 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1650959402315091635&expiration=1696941165&C=1

Request Chain 137

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1650959402315091635&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1650959402315091635&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=1650959402315091635&gdpr=&sInitiator=external HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=4870297687325336885&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTYwM0UyOUMzRjZCNDQ0OQ&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEB7LIbIyHvEsHuHB8Vq4c2w&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEB7LIbIyHvEsHuHB8Vq4c2w&sInitiator=internal&google_cver=1&gdpr=

Request Chain 139

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1650959402315091635 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1650959402315091635&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 144

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 145

https://pixel.onaudience.com/?mapped=1650959402315091635&partner=68 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=a7978d33bce5df9444ab09aab74233b9&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 146

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=1650959402315091635 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120230926122ec7df162959c7342d3&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=4bf48701fd75cbc303ded5b71ab1e8f2&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA5MjYxMjJlYzdkZjE2Mjk1OWM3MzQyZDM&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEOQlvilw2r3Em-ApQqLnW6Y&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120230926122ec7df162959c7342d3 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=7060750083923030456 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM120230926122ec7df162959c7342d3&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=4bf48701fd75cbc303ded5b71ab1e8f2 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7283111618766698647 HTTP 302
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7283111618766698647

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTY1MDk1OTQwMjMxNTA5MTYzNQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEN621OlHXqaDiqj-FiM9ic&google_cver=1&google_ula=1641347,0

Request Chain 149

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=4870297687325336885&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=7060750083923030456

Request Chain 153

https://a.audrte.com/a?adform_uid=1650959402315091635 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTUxb3hNWmxtcG5ScUdaOFRZY0F0WnV3dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 154

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1650959402315091635&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1650959402315091635&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=53290066842054341403452827430045358696&noredirect=1

Request Chain 155

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1650959402315091635 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=220043204651002334996

Request Chain 156

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7283111618766698647

Request Chain 159

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=atdtVmMe1QL7f85

Request Chain 163

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1777438417 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=nwNmjzJJ8Nk2xncJbvXU7e

Request Chain 167

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1650959402315091635&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1650959402315091635&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=bbd0dd41-83ad-429a-9438-d7f05eb442c4

170 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hepsiburadaplay.fun/ 3 MB
355 KB 134ms
93ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3bb26deb7b861d17d8c507050a907371078ba4879e30c564b7384b507c0032d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 80cb87fe4bda0be6-AMS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Sep 2023 12:32:43 GMT
Last-Modified: Sun, 24 Sep 2023 10:15:44 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDh%2FhEGbNahdsyYzMVnbU5kDXF8UywFHpuM0oOizywt4R2Hig6DWwKJLi%2Fd087HaaKd5mHqopr7E2Zb6z1spYOWHIPUWIb4eoDVWJeryLhAoyMRAFCAvJ%2B2EZ7gtaHZf3U5q%2BlfaPqgTnoaXDRI8l2uC"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/1920-540/backgroundImage2141_20230921195017.png/ 2 KB
3 KB 124ms
29ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/1920-540/backgroundImage2141_20230921195017.png/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

b1acdbc184a5254e83e30d1656b4cf6beb9e53660afa9e6c2c934b6f85bd3a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:44 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 2256
vha6-origin: av-dali-varnish-01
content-length: 2256
server: MNCDN-236
x-mnrequest-id: 16418d5b2172a340392a979c163af845
etag: W/"8d0-SLX2V0B24UQ5LmbEpzp+ggTR3qY"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:44 GMT

GET
H/1.1 200
OK gtm.js Show response
hepsiburadaplay.fun/js/ 446 KB
132 KB 66ms
46ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/gtm.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6736f8ba2193dc4c1475507b305da97e343276713e3589fede7b8462ec2a660

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31984
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:07 GMT
Server: cloudflare
ETag: W/"65100c67-6f798"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9yb7joR2FE8MVQLTMUbyUX7vyCVwSuwhb1gQiVza%2F2gyPnyqxpv59UsJnNPw7IiQsp5sTJw%2BR0llB11Hz96J6fYXgZwRfDWvvDzEZuuz2pCAXi2NPE2bMX3vJ0%2BKC6cURuQFhP%2F6GwUqe3fMsAzsF%2FN"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87feff70b8e2-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 6335-1c75918592b13c182887.css
hepsiburadaplay.fun/css/ 8 KB
3 KB 42ms
40ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/6335-1c75918592b13c182887.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b785b44bc6053e5ef41a0930f300865bcdf95aef1ed68c477c1e3a0b875e3f3c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 82170
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:45 GMT
Server: cloudflare
ETag: W/"65100c51-1fd7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfWCKqR8CTHe1nNplTeioLRlZ6AsnFXsO%2BbtbGaMQb4WnzjSqx49z6RWBWZKyAg%2BGwAHMGbxWYroAWl2U9ZMmhKdQ5vqKDSDHBLOCohJISa5jGMY%2BkiJt6Uz%2BqGE1m%2BsBn5tfXpLP4K3oQqvIYyu97Ob"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb880128260be6-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 9799-2112f61ff5ebeff89325.css
hepsiburadaplay.fun/css/ 220 B
897 B 43ms
42ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/9799-2112f61ff5ebeff89325.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a8dba5d360b94d2981c950f20c56b16d0462f5f9955b72404c336fba9aca3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 60937
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:45 GMT
Server: cloudflare
ETag: W/"65100c51-dc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErOmUkw%2B5GOhVmntR2e3ohvqoRu4egr4lwsWEgZ6CGHyxW10t0ig%2BltbAIWv7k%2BTz1mrEurBAuZvo8k2g3omSwc0Kw%2BejU8eLR5wTTK88myXMWtKnnmXsEuI6q17eE6Pb8xVMMpLSRCHr%2FTUFvLrTvFt"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb88012b2a0299-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK clientDesktop-36dcbbc9432a4a2c0cb6.css
hepsiburadaplay.fun/css/ 6 KB
3 KB 40ms
39ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/clientDesktop-36dcbbc9432a4a2c0cb6.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12dda3012d640cbd96cf2366e656a2ad828b544625a6273f72a1395e6616bfa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 86312
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:45 GMT
Server: cloudflare
ETag: W/"65100c51-1722"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn%2BRC2MXAK%2BuS50jx8ivzUQmTFpVFqjShNbjBsBsj2dUXCB004lqZ7Pxcdwiax9NIvATmTYyKqRTsId5bGj6GXV3uZVpczGB%2FmHgt5mEfjXB%2B2mEYFZn3YlhYB5STf0OLpU4DGio2E41RCgCEYMDwgfH"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb88012936b8e2-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK library.dll.js Show response
hepsiburadaplay.fun/js/ 391 KB
122 KB 71ms
44ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/library.dll.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3431c7c047468c0917980b7bc145bffb057100273e76ac766cbf71e22bee0b9b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 85940
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:07 GMT
Server: cloudflare
ETag: W/"65100c67-61b6b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5XJL3HIP4osTR84VP9hnaAyLZqaMyXIR8VWmfgSLSHd5wqGbkFGlwa%2BF5tQVHTT8hUFqWaS%2FOrktRp8wcv3tmDGrzgrfVzq%2F0YIxE4t4YocIr6C2YlmeImFTea6tqjQR0X1rFcWHamNCNz7aG1plgqR"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ff38ae0299-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vendor-c78fac24aff2911ed034.js Show response
hepsiburadaplay.fun/js/ 332 KB
107 KB 85ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/vendor-c78fac24aff2911ed034.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6a9dac82c1b77a9b34a5eb01fd555f6fbeb9d097afde4068ab9ccc64b64366

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31794
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:08 GMT
Server: cloudflare
ETag: W/"65100c68-52f74"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxWd5EFhFyye2ud2vu1Pls7zwyrSK0jUZdFdKaNuFG7Lm5WxsfA5ROgTgfB%2BEEqwAFspXh1o3HvPSG%2BG1V72OsxYwV4PwJexPb9hSfZ87uH8%2BJe1x7KMALkY%2BaVDbBEoa6lBXzKu3H33WIXb%2F61OhxTp"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ff5e169225-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 591-3330f0860a853f8b8d5e.js Show response
hepsiburadaplay.fun/js/ 189 KB
39 KB 110ms
38ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/591-3330f0860a853f8b8d5e.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96c55fc0d94f10da5ab415ea868fae9c4e91e7b7721d52a73e3122eb02f7e4ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 60937
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:05 GMT
Server: cloudflare
ETag: W/"65100c65-2f3fa"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlqhIKW0IXvSRMxTCOgIAy6ardsKZXHiRASaRVcEdNxgK0R5GZHdH5jLYTD5gBxMd9fD3KwHSPJxGmoP9891GzgSzJIuo9UZRdAC8M7MEne%2FLtQHQjlCFXSkpsFjgSutC0%2Fy%2BHrUGDAXEjpXPwvAzpEN"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ff7ac9d619-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 9082-93f4fd029725a9a7c6ce.js Show response
hepsiburadaplay.fun/js/ 45 KB
11 KB 127ms
38ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/9082-93f4fd029725a9a7c6ce.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f73c65e166c668746d5d5e7187670eb86e2bf54f05ae7cca814992b77311944a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31984
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:06 GMT
Server: cloudflare
ETag: W/"65100c66-b37d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATYTL1hcoOqroIq0Hh0H9rp8R%2FiLqnSfh3EVXEkv7PvUcPL4490KncTcQ4DfjiXrmFIK6Dzz38fsulS9HFIg8nLMz1ZW3loyc9SQ1Y6BJA%2BQ3QQ6VyQ3YZJuWZeDuQzN%2BSZpqS5gkrFh%2FxqG3g0IyZ6l"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ffa801b8e2-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1422-8031323f42e85d0afe0e.js Show response
hepsiburadaplay.fun/js/ 92 KB
20 KB 222ms
119ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/1422-8031323f42e85d0afe0e.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1fd2420e5db87f1b50536774f30da92d63e826df7a767195b76151e11d710f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31455
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:04 GMT
Server: cloudflare
ETag: W/"65100c64-1711c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYPZcOppzCbxYmoO%2F5ZYyqTXPN%2FrtEog8tG2%2Bca7hy6YwirItJptfj0UV2AxLZcIUHwOcFTJcWMXaASczvVM1Dclr4brHY9ZqqC6n%2F0hprM1W8zX6tYsj3JqEex15TsV84OBjgkViv%2B8LvWp2PM2RNNk"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ffe9fa42f4-EWR
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2164-4a6d86650aef9d910670.js Show response
hepsiburadaplay.fun/js/ 63 KB
16 KB 141ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/2164-4a6d86650aef9d910670.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21bc239ea9640eadcec6a4f1e2e93e20b0f4c5bb0c54a771e01f4cecbcb65664

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 86013
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:04 GMT
Server: cloudflare
ETag: W/"65100c64-fd7e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7fjSc5%2Bv%2Bi7AMqSKvvJWz3ovUUg6eOBzc4QgGEYs7TVHx2suIB6Qeru59BQtnlRHFU9B%2BOLzvi8QTZMLnLRnKBjS1zzz2B1aMd5YudYGjLgL0FAn3pFN69fU6ccgE1SHWEPXE6%2FQZnzyz%2Fj7b5QCAxo"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ffb9770299-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK clientDesktop-c414e66e0d4bebd78ddb.js Show response
hepsiburadaplay.fun/js/ 8 KB
5 KB 150ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/clientDesktop-c414e66e0d4bebd78ddb.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 957d8f497d3b0e7a0daaa195448fcf45b17103c72a28284c5f25581971c2b398

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 85600
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:07 GMT
Server: cloudflare
ETag: W/"65100c67-2135"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glKafLT22YBNxQby9iA85BYf%2FbOmaFNLs8KPVeMYZOJrcTBCSj05SvawRldHhIlWxRsbjLYjWsxPtA76y7wp5wr4o1SKh%2BKR3ydXuxNN07m%2FHYpXnbC%2Ff%2BJBS1E1TH1MovapM87IcRUydXw84YvA5MIf"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ffcdb20be6-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 902-182fc8746bc698fa7e89.js Show response
hepsiburadaplay.fun/js/ 6 KB
3 KB 149ms
39ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/902-182fc8746bc698fa7e89.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a74f91eba759e6c7023df7fd7d7f0480d585a785da8827462c249722d4c854

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 86013
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:06 GMT
Server: cloudflare
ETag: W/"65100c66-1659"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxnO1utzojEMSU742M82ZzVCvwrSZdzWwqFcLfiqUNAJ%2B3YJIxQX0wH0HqWxE25CPHOmb%2BN5vSNsjKZUADwksMFLeg%2BnwVpfL7uAZvvZz%2FGTFMMVlHfzZ4fpwcc781%2B2PqtRSHdAahH1b1R5jF4wcEeC"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ffcb35d619-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 9799-fc2520776d5d05c623f5.js Show response
hepsiburadaplay.fun/js/ 6 KB
3 KB 156ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/9799-fc2520776d5d05c623f5.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448a8188374b1b0dbdd30d41447642c160cb4631589508832103581290998609

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 86312
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:06 GMT
Server: cloudflare
ETag: W/"65100c66-1890"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EySejv3CaBYyTawxofH1%2FssGcUbJVuMBdeO8swwniMZ%2BAJ0kcfo3U2%2FKABvPJjeA%2FguL%2Bpq3EJB6gTlDaC3YjwyHREwpvHcvZCK%2FrcbDuk1F7Txmdslk5ijFS4wKntuefZalrw5pVz3Mfsaxq78tUEgH"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ffd826b8e2-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 4593-d3a51632252f12511c87.js Show response
hepsiburadaplay.fun/js/ 15 KB
6 KB 202ms
73ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/4593-d3a51632252f12511c87.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08b08f1e3e84ecc2fd388517b5fc2a2c0ea217eb8b94eb47e4914d938ea652d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:05 GMT
Server: cloudflare
ETag: W/"65100c65-3ae7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2G0OPRYfRIXddD7SNCKyFHQU22yjSNi6QZ0JULI6bF3Ww8nPx8dbzwkGdBXZnh1Q37xk4%2FcxOzqE%2Bn2TZgQ%2FiWfTB5QnmrVZ9PujLhiw2S3bAqfKbUiTRU8q%2FL79gTNWkFY4fHjQ3YWOXZR64YH5RWy"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ffce509225-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 6504-51aba531409b78fa2e5a.js Show response
hepsiburadaplay.fun/js/ 16 KB
5 KB 178ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/6504-51aba531409b78fa2e5a.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c921c9c2ac7b8962d320b8a389fda03733a758e4424628c22cbbd3b22aff0c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 60937
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:05 GMT
Server: cloudflare
ETag: W/"65100c65-3e9e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUTelIHvkw2FRO0SWVD8u%2FvSWtukPn%2FhdfBSSjXOdmiuWmf29pl1azW1j6gJyINP0Pqr8V7whrN5uTFJASy3QrbEZNaF2TukF76Hw%2BHlMZvNWqxhQ5c29qSVngbaSjLuvwXPwnTjsCMpdnwDvLSbg%2Bvg"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87ffe9b30299-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 7584-d4a5f4031604887492ed.js Show response
hepsiburadaplay.fun/js/ 6 KB
3 KB 189ms
39ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/7584-d4a5f4031604887492ed.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e396498d06b308b63786373ad975e59c30f57b96b52a1522e9bc4f8fac9152d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 86012
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:06 GMT
Server: cloudflare
ETag: W/"65100c66-170f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibC%2BA3T8t%2FaZ4Eu18l37JjAheatGayawTDk3E%2FAPRN4PJ9d3IF%2F1YSow68wlms4KzH5dYegnWvfwkv49hHCxHXgMBceN4eUwZJmWuQM3c1PKKLaoTc7KcLE1ZmslC3H9MCOEP7Ku67Joq04qd25dk6uP"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87fffb9bd619-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 6335-2cf9b6f5fcccf89555f0.js Show response
hepsiburadaplay.fun/js/ 24 KB
9 KB 181ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/6335-2cf9b6f5fcccf89555f0.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b3702d6bb978ed9c116170cb7a1fbcfb9dae1cd19045846fcfdc37c669be31

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 86312
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:05 GMT
Server: cloudflare
ETag: W/"65100c65-5fa0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DORKxLorXj2Ym6nxbngaoaXnh0rznGPgloLQQBXsLlOwu1khFaoYJV3CDXjdlGmKbUWt5HWbXEW5iZAugphX4sWmqbEVlt69Jac0GrqRKbuRc%2FWCjRkkt5pkeYLo34gW3qvd6WiVlhVLLJAZksNDFWIM"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb87fffdf20be6-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK onetrust.v10.js Show response
hepsiburadaplay.fun/js/ 2 KB
2 KB 29ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/onetrust.v10.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40fea96a497ad20cba693f4c648be46d86784c3d31ae1dd88607381705441176

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31983
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:08 GMT
Server: cloudflare
ETag: W/"65100c68-8bf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL5FssLw0ysOqOnwX8VQp%2FstHBqsGNVYpyWbDV%2B%2FTbTMRC9ScGiae8wAOALhhBIj03%2BDQVWytartEf0R9lHocvm2LUMbXBFO5V8agf88TkzafYBFpigSEstUrgEncyTnyGPaXCnftw7XXdrj0oYA4qjD"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb88007ec49225-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK SearchBoxOld.css
hepsiburadaplay.fun/css/ 6 KB
2 KB 52ms
35ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/SearchBoxOld.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75605519c533148be8887e7cc4b38c016bea0c5c30bb7dfdbf3eda1ca5f5a082

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 82861
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:47 GMT
Server: cloudflare
ETag: W/"65100c53-18e5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeqH8whBbazIg5nYf4Hh%2FT11Eu9bN2p8n5lWXB411hwMMpGmbSTEgQzq5dQFzf6h8SWq0FAMB1Gkpy1mRFcdWG77ksDqgza4NQO63ovL7splGkn9uFjw25GEdnouNnLac7sNRKzRA%2Fso5Mt4%2Bd3bYcFx"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb87ff1df19225-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK shippingLocation.css
hepsiburadaplay.fun/css/ 42 KB
4 KB 65ms
42ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/shippingLocation.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f08822c7a3121d3abc11c943b3fa64f39993126594a161a0877e01a0f94ff00

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 86014
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:47 GMT
Server: cloudflare
ETag: W/"65100c53-a980"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fjibtc0BDXWs1yiBiEgsM%2BTbLLrnXxUChjv%2FFJrIOBwCHMW2TOn%2BAk8cnT%2FJkv5C%2FJoOucJgEgRAbo5nhnsYGbYQeKnd5lpIzwdhWMZBjczPOfGbr74%2B7KVQ6%2FzPh2aHzY8akequoYZuRFfpbacEHZLt"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb87ff2a6cd619-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/672-378/bannerImage2148_20230921195025.png/ 15 KB
16 KB 25ms
22ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/672-378/bannerImage2148_20230921195025.png/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

4b1289fcb64fa0f4bd797b29eca667233da10a4e4ef1c0c5a84377ff9f181f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 15838
vha6-origin: av-dali-varnish-02
content-length: 15838
server: MNCDN-236
x-mnrequest-id: a93c9bdcd0c4649f3b78e86d0b65a008
etag: W/"3dde-tKiehXJYIYbkYMtGtzasmFwUO0c"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2138_20230921195013.png/ 482 B
941 B 28ms
24ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2138_20230921195013.png/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

7f1173b4d0d80fa7e73f2bfd64b3edd4cdfc919bfd13299c855d86fcad084472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 482
content-length: 482
server: MNCDN-236
x-mnrequest-id: 95156f4df7200fdf4091734075166515
etag: W/"1e2-vnCacjfFZIqsCb+LQePioF7/aQ0"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2129_20230921200647.jpeg/ 804 B
1 KB 28ms
25ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2129_20230921200647.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

7e5c6eb47fef346125ced5329616b6a1a17a7b6df90371c5a3a2ce520ed8e628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 804
content-length: 804
server: MNCDN-236
x-mnrequest-id: 95dc6a76772a38d7b47927d002c7dbe6
etag: W/"324-+9NiM0o6l7OtqKCcx1kE2umkAuE"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2126_20230916175658.jpeg/ 2 KB
2 KB 29ms
25ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2126_20230916175658.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

44c43a2f5457090275bdf4f21ecce75d46458f689b79ca7be977da03c7ab73ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 1692
content-length: 1692
server: MNCDN-236
x-mnrequest-id: 4ec276f5962268903cbe82f7efb17742
etag: W/"69c-coepPAJnZMpw8k26VihpFUQrN3Y"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2097_20230918091321.jpeg/ 1 KB
2 KB 29ms
26ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2097_20230918091321.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

8ccc0d16b34c1bb21ab10da23a8be1b8f0dd7b2d53602403062a8d423ff5d584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-as
image-size: 1112
vha6-origin: as-dali-varnish-02
content-length: 1112
server: MNCDN-236
x-mnrequest-id: 6b8a736e6c47fa5c8f94fe857d7f0ba7
etag: W/"458-XUTh8/4se/e7PSHPk4MdQqjaTKw"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2110_20230915144301.jpeg/ 1 KB
2 KB 29ms
26ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2110_20230915144301.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

56aa96a72a3341a6d6280b50556b871d345175607799f75b2c3e9c9188d554c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 1078
content-length: 1078
server: MNCDN-236
x-mnrequest-id: 771fb0f7c26a919746e7803af40b10e8
etag: W/"436-IsvVjuh1n+llBXqoglvSaDa/TOI"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2109_20230919174156.jpeg/ 872 B
1 KB 30ms
27ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2109_20230919174156.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

ac9f5a7f14c85fa4439c120f3d0da1cb4ff2f0d6f4b5a7535fdd3c49ca440c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 872
content-length: 872
server: MNCDN-236
x-mnrequest-id: 663a3948302c1b7a3a6704a74f6356af
etag: W/"368-nK2qzkwTz/n9V96caPX2AUJk3fI"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2128_20230921083628.jpeg/ 1002 B
1 KB 36ms
34ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2128_20230921083628.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

86ddf8bc91cc57f0ec16d323eb761c1b5cba7ffefa6d812f01598ecf566214cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 1002
content-length: 1002
server: MNCDN-236
x-mnrequest-id: af722c91c19f92854fbbfda84340784c
etag: W/"3ea-e1EyUipsLO0pdgPF2GJMu4bb9uk"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2142_20230919172546.jpeg/ 766 B
1 KB 37ms
34ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2142_20230919172546.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

7cb5bb42ab71911dff535d8732b711480932b65aa0da29b6355cabceff99ba96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-as
image-size: 766
vha6-origin: as-dali-varnish-01
content-length: 766
server: MNCDN-236
x-mnrequest-id: 06cb792304c0f399ba526fce02fb4f8f
etag: W/"2fe-e05XHurlVE4qCpC/lwhMFfVDJ44"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2123_20230922135201.jpeg/ 1004 B
1 KB 38ms
35ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2123_20230922135201.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

98b07ba157de922bce7b291c93becbff6683612721d627fe0aaff70d8b75ef03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 1004
content-length: 1004
server: MNCDN-236
x-mnrequest-id: 541857403af5c626d68a10d0eff68602
etag: W/"3ec-b8dBGEAQt10BaUhu3amoSCTTFXA"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2132_20230915152045.jpeg/ 940 B
1 KB 38ms
36ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2132_20230915152045.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

ca5b5cc01213fd7856d001794cc6aa36bdf39580ac3abbc9e1fce20fe42eb411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 940
vha6-origin: av-dali-varnish-02
content-length: 940
server: MNCDN-236
x-mnrequest-id: 95e95587c8fbfb4c7c31d9e960c4323e
etag: W/"3ac-SAd40NaWV2H40h9K7R7h5ovyroQ"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2111_20230922163305.jpeg/ 982 B
1 KB 39ms
37ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2111_20230922163305.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

e5026316d2aa020245408a1f0a1e91409d1d35d9793bb2c9a2b0699ad682c5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-as
image-size: 982
vha6-origin: as-dali-varnish-01
content-length: 982
server: MNCDN-236
x-mnrequest-id: 07d1f899f90ba1bae7414b770ff537e8
etag: W/"3d6-2f7mIngVrT/1rKgQlqaamGNAGjk"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2175_20230919090052.jpeg/ 740 B
1 KB 40ms
37ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2175_20230919090052.jpeg/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

71540b67e275cc179ff014c8c96e68d4c4fb3f56652e9681567471e72bdc8b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 740
vha6-origin: av-dali-varnish-02
content-length: 740
server: MNCDN-236
x-mnrequest-id: 2300302a5baaf339378ff2c0d24c7ee4
etag: W/"2e4-Td1Nuocdx6VsPyVDMJ1wCRcvewo"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 format:webp
images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2106_20230922163557.png/ 756 B
1 KB 40ms
38ms Image
image/jpeg 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hepsiburada.net/banners/s/0/71-40/thumbnailImage2106_20230922163557.png/format:webp

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 / Express

Resource Hash

383055600b726f0d01f9961849851972065ecf46f788a660cc71122a99e776f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
x-edge-location: DE-372
x-powered-by: Express
x-cache-status: Edge : HIT,
x-varnish-forward: dali-av
image-size: 756
vha6-origin: av-dali-varnish-01
content-length: 756
server: MNCDN-236
x-mnrequest-id: bca55baa25e7954a31f787cd289e698e
etag: W/"2f4-Cd5J2aDFlv2sKe9syIZp3q+OBwU"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
accept-ranges: bytes
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H/1.1 200
OK gpt.js Show response
hepsiburadaplay.fun/js/ 95 KB
30 KB 41ms
40ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/gpt.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3de93ab257e84bb76d1a4944d5806e0e35e47b2aba504f07351cf39f88d50a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31980
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:07 GMT
Server: cloudflare
ETag: W/"65100c67-17d18"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFrZIJlTq9u5FPe3DcgqmQ7Bixf4MbGqYnBnf8WUpN7XhxfJ%2F7BNV7AMN6ZpJs%2BqdZRlQhFGCljJQ6IVLgdUskIl%2FW6pe0%2BMx3tCQRcufKhmkmbOIVXhC83cPSQYf4xyZzzDaPFKg9MjcPLXR%2FO%2B4oKq"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb88012f169225-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK h2Z3hGGxkB Show response
hepsiburadaplay.fun/ 211 KB
212 KB 315ms
315ms Script
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/h2Z3hGGxkB
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf5075b49f746072cdbf2a9b810c881b7378c7397a9a30e413ed33b6b8e72aa3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
CF-Cache-Status: DYNAMIC
Last-Modified: Sun, 24 Sep 2023 10:15:43 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "65100c4f-34c5a"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AU2L2VrNbzYf4OJczUcr8QqfNby3xG5xMCcJy8dQ6pcLJsLe4EgFsn7gFxhX%2FOgtxwjNe8lkE%2BaqyrRGqzDviuNoO8%2BsruPZ0hyXHH54miLCdo%2Fb1u6mUI63ijX8CsIdYNRkSOpgpITzrwaVp9hHeWkT"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 80cb8800bae442f4-EWR
alt-svc: h3=":443"; ma=86400
Content-Length: 216154

GET
H/1.1 200
OK webtrekk.js Show response
hepsiburadaplay.fun/js/ 39 KB
12 KB 42ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/js/webtrekk.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd808795735b0a7ad44c0a9e08fc94143465146df2b4bed8dbe0cda457a40e68

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 60895
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:16:08 GMT
Server: cloudflare
ETag: W/"65100c68-9b2e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVlbWQCgiYXdWti%2Fcyfj8ObPtVE1gbU8MpV7wNBHNFniwXLxr3zVsppSXQM54qtKcoGQ2l3MhQm05%2FxRCPXEMpWoq24OJ73nj4mn%2BVpB49oLkdUCI%2F5A3hdfLrDUgZn%2F5s0EZvB3WCDKw%2BigWMaApwYy"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 80cb88012d42d619-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK client.css
hepsiburadaplay.fun/css/ 4 KB
2 KB 36ms
35ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/client.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 738c624e12566729f8189a97879525e9626ba905bf2018e991aee11a6963cabb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 85708
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:45 GMT
Server: cloudflare
ETag: W/"65100c51-1133"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONMpZspfykchlM5Nt7sBNSWPDb66knlu%2Bw0Ooj8Jg7oKZSfYmTtA2cLGTwVUmqlPjIKtb6dSBz01XhLBPeJ070uxHiIxvKcIl7MKTH%2BLCaied4qY4%2BNNYvp0hX1IwClv9zgsgRkNzz4AhTmVJVaInNYT"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb88017da4d619-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK client_1.css
hepsiburadaplay.fun/css/ 6 KB
3 KB 76ms
75ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/client_1.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a39175910cf50aee0b08636316ac87bb4ea3999b412e8ae93c9f011f60018

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:45 GMT
Server: cloudflare
ETag: W/"65100c51-1824"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqhM85jPx6a05aJqqKfpQf%2FaVrg%2FYM8jPhravPk74zVt73cRenSuqEgRX0mPTMAj5C1snfG3Gfh0pDgIfIypPLBO4UpjWkDNlnw1Yoiw3Z60oeqfm5Fk7eY0Ud1YBRU0AXlNam74dUGZTSOadBwEszsV"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb88016f3a9225-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK oldHeader.css
hepsiburadaplay.fun/css/ 19 KB
5 KB 36ms
35ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/oldHeader.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c38cf154ad096f2649a8f20a79bb42d96d0b3ff94caeee2d54dd5cb6d64a8538

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 85998
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:46 GMT
Server: cloudflare
ETag: W/"65100c52-4d8e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MN4xX%2F090OIclN5SAxHPHBVDp7%2BXJ%2FW4JHFcr12ITCZHD90QhspVkM6We7w9Auhd9ukVcvN%2FzU7500XhP54zmxBc9dAbZAaZmy5uzqC7OqHwqtpS3N8YVFm8RvfymqRv5xtiDRF2tiQ1x9zvxUZd6PE"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb88017b810299-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK NavigationDesktop.css
hepsiburadaplay.fun/css/ 5 KB
2 KB 34ms
34ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/NavigationDesktop.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e895a2ee72896bc49aa5d79d55666465e9c323b58bef34904c41c9921275d51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 86312
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:46 GMT
Server: cloudflare
ETag: W/"65100c52-159e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82a3i%2BIDmewsFF%2FqcAqQTybOAsWMUhN3IOeq7g6WLd%2FAeYgr4RPwklFLjupi9IeuWFJt8dHKqCIUvckBhDDwX5kUXap4Q5anSAiebqa%2Fs2d0evNIov5QNA0kqJdl9prVyiPcjFMWnWKKNyDh1BcP0BKY"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb880168870be6-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Herousel.css
hepsiburadaplay.fun/css/ 36 KB
7 KB 28ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/Herousel.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7af9572067d804edfbd5f2a912cd9a081796f2eef6b03e950e97bf9171d9188b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 78391
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:46 GMT
Server: cloudflare
ETag: W/"65100c52-9085"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s80eQGVEooWobp01iKky8Hflr4n%2BoyphtZvqqCEbsnHL3TYiBxRsk3HR0WpYh9nRnT9ZL5A9D%2BFC7erprDcf1%2FHXjxPL4KJf8k3Pm9WMeNux4Vzb4sIQQyBkWIk7MhLciD8sXw%2FtBB%2BuPzRB2gLSnS7i"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb88016966b8e2-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK DealOfTheDay.css
hepsiburadaplay.fun/css/ 7 KB
3 KB 33ms
29ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/DealOfTheDay.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7feea3154bfad6682eef6ec9c7db98b2a08d8b47d0a85dde6e61e69864f0c589

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 86312
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:45 GMT
Server: cloudflare
ETag: W/"65100c51-1a99"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BVyTe7wJik%2FGLtQSD5vuIAO7pEAA2WiqXjbChLDYVwCMSLMlHvKlwnpmeahfKkJyk8CYXaLPZL%2BuCypZ1%2F08pSCZxhlsQIsKI6uQYGsKNxfeEOqBmIU4V2qzBxjc3GQeLwkwyVXNVJZ1cNxg%2BMSbhty"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb8801a98db8e2-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 318 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac88594c20a30fecc75cfab7e632a7909c7a6ba34a0ea18ce6034c76ab5aaad0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2dfff6bd7193e750bbe30bbd673c7bf2ed1d271c6387a22c3a7e685dde04d9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK MarketingBillboard.css
hepsiburadaplay.fun/css/ 4 KB
2 KB 31ms
31ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/MarketingBillboard.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 673af17251b811f4ceb30f3aa3be5f51db634e548927a00e978b22093f07db68

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 60934
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:46 GMT
Server: cloudflare
ETag: W/"65100c52-10ce"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI%2FNYpcilGOzuak9w%2BdW42W%2FK%2FnpdywgN7vPPndxGKmDopmZpfs24cZpX3ZmxGdQwiiM5U2JlhsWbOG6rhM8wDK6MDRv9VhYD9JA9wn2lW9r%2FZNmUiTeHwxJDwFMos9SDJqxA4%2Bf7f4iwKm678l9esuf"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb8801abc30299-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 471 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eac624d5c8e199e64f4bee7801881b79acf0417048e6336e93827e3f29dc2233

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7275a322d5e6dbdc5bfc645c5a729eb8b98a23bddfd563c9edd3d1e0ebab8e8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 505 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aedb121454b888ed415b4281397bde2ab7d1f1a30e8ea419866eb376f84c6fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/12ea12c3-cd68-46b7-92ef-47befb06ea84/ 92 KB
22 KB 84ms
37ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/12ea12c3-cd68-46b7-92ef-47befb06ea84/OtAutoBlock.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/js/onetrust.v10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9393d4ec00e5d13ecb95ca1f39aa07a256cc17cbfd341d10c5d557e533b525e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 12:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 46528
content-md5: kFyNKce5WFHIebYZY5JRbQ==
content-length: 22095
x-ms-lease-status: unlocked
last-modified: Thu, 04 May 2023 23:08:42 GMT
server: cloudflare
etag: 0x8DB4CF4815CEFE3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f7c39f52-d01e-013d-33dd-7e2b95000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80cb8801f8a29213-FRA
expires: Wed, 27 Sep 2023 12:32:43 GMT

GET
H/1.1 200
OK FeatureList.css
hepsiburadaplay.fun/css/ 9 KB
3 KB 32ms
32ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/FeatureList.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfafa8378b51a1073111739ac4bf12a7f7e21c889a89e223564cc6aefe50ad9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 85997
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:46 GMT
Server: cloudflare
ETag: W/"65100c52-2571"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vb4oTHYoQ4z5PABbAD96KgXK2Ewk0oRWC1Uujup4WT3X6lI4po8AKF6FgjH7xIv3TiV0XziewRw4f5E3wA9CBd5cigcBGOSV0rQjpuHZ5tJg49RoICIvqah7BaWDkcLxG0iB4%2FKqakBWnbWYheWW66J2"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb8801ec0b0299-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Recommendation.css
hepsiburadaplay.fun/css/ 10 KB
3 KB 30ms
29ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/Recommendation.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e62380dbf374ea6abcb10b1ffc31e061fdea7c75bdd226bee715e328fbad045a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31729
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:47 GMT
Server: cloudflare
ETag: W/"65100c53-29ee"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NnP14HhSDw6kSbqo%2FEl%2Fdco%2BpX%2F31ZehhnE%2FfPNImPN10JQtSJMsQnuZrwLBoAnAe1tkAwLy9Z7bJd3xpxnYU0QN0S9%2BLLrFlJEQfmmpjDfseqhlZwkK5%2BimbH3ALFi0LTJKNca5%2BSou8CgCCSVngJ%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb8801ef789225-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2dfff6bd7193e750bbe30bbd673c7bf2ed1d271c6387a22c3a7e685dde04d9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 691731dfa8d1586bdf40d8dae8a5b3a09e55d1b9562593c0b8d42b9d980e7e2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9dda18aa7778c219f4f5ff70ed4ded2ce145eb786a8221ffe6afd58f05fef731

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 471 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eac624d5c8e199e64f4bee7801881b79acf0417048e6336e93827e3f29dc2233

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 505 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aedb121454b888ed415b4281397bde2ab7d1f1a30e8ea419866eb376f84c6fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK client_1.css
hepsiburadaplay.fun/css/ 6 KB
3 KB 26ms
26ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/client_1.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a39175910cf50aee0b08636316ac87bb4ea3999b412e8ae93c9f011f60018

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:45 GMT
Server: cloudflare
ETag: W/"65100c51-1824"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41WvHt20WltV0Ww%2BQZg%2BY3i4n3sH9E9vhWURsQ0%2BmOqa3Q1Rn9O5PP4cXNPwHrpu17%2BYxo6dCoDSDj38B%2Bxh45GcQow%2Bcv%2FApwt0z5g7UhxBNC%2BAEh%2FaAXAp71cslsnzrIn4uXixyX4SAjsa2%2BhD6Jmb"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb8803887f9225-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Recommendation.css
hepsiburadaplay.fun/css/ 10 KB
3 KB 33ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/Recommendation.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e62380dbf374ea6abcb10b1ffc31e061fdea7c75bdd226bee715e328fbad045a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 85852
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:47 GMT
Server: cloudflare
ETag: W/"65100c53-29ee"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56gHesowjZHhqwvWaUoLSutu3iqJG5MXpd%2BJg%2B%2BjjnzPa70ACGIlmdZ%2BOenEdH51FSzPiJZ4oZcqyvZ%2FsiCXzXC%2B7n63caSxB%2Fo%2Fqsmm%2Ffxa7o%2B9px46Et2cnLcMlKSHqFNhBRbSARO5ClKWaPY92piM"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb88039ed40299-CDG
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK FeatureList.css
hepsiburadaplay.fun/css/ 9 KB
3 KB 30ms
29ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hepsiburadaplay.fun/css/FeatureList.css
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfafa8378b51a1073111739ac4bf12a7f7e21c889a89e223564cc6aefe50ad9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 85597
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 10:15:46 GMT
Server: cloudflare
ETag: W/"65100c52-2571"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFIp7ne%2B7FjAAPxWzt2ugAdj%2BmqAqxyhbTo3kv%2FraJbZKO41887HrJlwHHAR%2FHP8nHHjMJRSXkI3a7E%2FTqIQzU%2BBmkt74qt0ud%2BjfSZ6KWyf%2F4Cz7yqD5%2B6vaE46mn3vCZlIoSmFNimrYRZ%2Flbb%2Fs%2F6H"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 80cb8803ab65b8e2-AMS
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 29ms
29ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/js/onetrust.v10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 12:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h6ThlO7ea17v6JNPXbI1zQ==
age: 72566
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6822
x-ms-lease-status: unlocked
last-modified: Thu, 21 Sep 2023 18:23:17 GMT
server: cloudflare
etag: 0x8DBBACFD38A4097
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3d42448e-901e-0002-79c4-ec873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80cb880449e79213-FRA

GET
H2 200 library.dll.js Show response
images.hepsiburada.net/assets/sfvoltrancommon/v.1.0.51/ 391 KB
122 KB 18ms
18ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfvoltrancommon/v.1.0.51/library.dll.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

133f19808ad2e93005423e6f4cef4a4ea9f911b0b749758c26dd2e051a4c37ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-edge-location: DE-372
x-cache-status: Edge : HIT,
last-modified: Mon, 30 May 2022 10:00:28 GMT
server: MNCDN-236
x-mnrequest-id: 45c2689b09480be8fa978b0ec0126c20
etag: W/"629495bc-61cdf"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: 2215
expires: Thu, 26 Oct 2023 12:32:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 483 KB
139 KB 109ms
41ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFZMVP

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84eb01ae6d9285254988a9de5b104044f0fae4d2b464a7a259ed7ef49e1b231c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141674
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Sep 2023 12:32:44 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/ 409 KB
129 KB 89ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34ec03e16ba423f27b2db224a2d1ae09f27c349fb245c1407ac87808ccbe5679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:30:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131874
x-xss-protection: 0
server: cafe
etag: 11000565836845060056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 25 Sep 2024 12:30:58 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 52 B
594 B 123ms
55ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hepsiburadaplay.fun

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a77354ab2c8c191a399e1f291ee741f7e7d2ff891e92ff44a8505ca15fe20023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52
x-xss-protection: 0
expires: Tue, 26 Sep 2023 12:32:44 GMT

GET
H2 200 script.js Show response
cdnstat.net/get/ 129 B
697 B 140ms
72ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstat.net/get/script.js?referrer=http://hepsiburadaplay.fun/
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/js/gtm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: http://hepsiburadaplay.fun
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmOnuEbaS0Ltzmoc66I3nf48Z3ADLLTgbaSHjJGjC8p%2Bt595ioDbPAXllToaYeoIkeX%2BWHJjPvJVJ9lcI%2BuYWyNdY7irpJVrqtLEFoIDFLeffhKLhLB29ZlvYBMb3A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 80cb88085bcbd590-CDG
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1478633/ 65 KB
20 KB 52ms
13ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1478633/tfa.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/js/gtm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b407ca5a526fcc2714528d326a7b7c8c2f6a13e5bfe42dc2b6ba2342347a400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: drlZPF8Rz1AcJhZTcuoLTj0g9rt9xKT9
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Sep 2023 12:32:44 GMT
x-amz-request-id: GXP46TQSAGXZJSC7
age: 93
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 19996
x-amz-id-2: T4tAtF0QQmQHgsHW1ScNTUrU0fdnLlcqZlVi+V72NjgaiKGKFwsOF7YuVARhphOUUhR1gNzkXJU=
x-served-by: cache-ams21036-AMS
last-modified: Sun, 24 Sep 2023 11:05:22 GMT
server: AmazonS3
x-timer: S1695731565.840549,VS0,VE0
etag: "d95db018973d95e32f03f77c8b4bf781"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 78
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 78ms
19ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/js/gtm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 , Sweden, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-fra-etou8220114-FRA

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=G-44CSPTX731&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=G-44CSPTX731&l=dataLayer&cx=c

271 KB
90 KB

55ms
54ms

Script
application/javascript

2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-44CSPTX731&l=dataLayer&cx=c

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7a421fd8897cd35893d055ed62e666bfa17f39518edf7156d78f9d86eaf3f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Sep 2023 12:32:44 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=G-44CSPTX731&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 12ea12c3-cd68-46b7-92ef-47befb06ea84.json Show response
cdn.cookielaw.org/consent/12ea12c3-cd68-46b7-92ef-47befb06ea84/ 3 KB
2 KB 79ms
40ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/12ea12c3-cd68-46b7-92ef-47befb06ea84/12ea12c3-cd68-46b7-92ef-47befb06ea84.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

654e7e46a447e92e177e2de29c1ac0107f5b03d616411360cb2ecbd3f6c76937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 12:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 31721
content-md5: GZPgvqfpZtTVQr38yHW7lQ==
content-length: 1451
x-ms-lease-status: unlocked
last-modified: Thu, 04 May 2023 23:08:42 GMT
server: cloudflare
etag: 0x8DB4CF481423F9F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1c541884-501e-000d-5d4d-eff157000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80cb88085fa439e6-FRA
expires: Wed, 27 Sep 2023 12:32:44 GMT

GET
H2 200 vendor-c78fac24aff2911ed034.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 332 KB
101 KB 39ms
36ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/vendor-c78fac24aff2911ed034.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

0a9b8e0191d677fc62c7d45b60d5d02fe2af42a1595409f7c0c39bb8b27e91b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
server: MNCDN-236
x-mnrequest-id: 64df8994d467086bc754605c8819f4db
etag: W/"650aaabd-53042"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 591-3330f0860a853f8b8d5e.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 190 KB
33 KB 74ms
71ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/591-3330f0860a853f8b8d5e.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

8c6985fc9ee407cdc73d53fd397761d74935e7a8b5b539ce50f7b2034a550afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
server: MNCDN-236
x-mnrequest-id: 542b5ec09dc37d8462696d5c06c10d40
etag: W/"650d680b-2f69a"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 9082-93f4fd029725a9a7c6ce.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 46 KB
11 KB 74ms
71ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/9082-93f4fd029725a9a7c6ce.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

7b7449fd1e668a6013fbedaf7452ca8bcc9d7ae677ba2176e8223dc2ec8a42c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
server: MNCDN-236
x-mnrequest-id: e534c4fce621f0057d7551ef731fafc1
etag: W/"650abae2-b98d"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 1422-8031323f42e85d0afe0e.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 92 KB
18 KB 74ms
72ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/1422-8031323f42e85d0afe0e.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

28c2455401ccfbf90f8576e632e96bc6f1f745e122b99f18a8fe2d1fe083c9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
server: MNCDN-236
x-mnrequest-id: 2d75527e4cc1c02cc42cfaa622a58e3b
etag: W/"65030008-1717d"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 2164-4a6d86650aef9d910670.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 64 KB
15 KB 74ms
72ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/2164-4a6d86650aef9d910670.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

796451e939fc574cd389436cf1180cbb6345359d2efbc3732f828acb8eee7fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
last-modified: Wed, 20 Sep 2023 08:18:05 GMT
server: MNCDN-236
x-mnrequest-id: 061d2cf25dd868a5cd964450be7819da
etag: W/"650aaabd-fe28"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 clientDesktop-c414e66e0d4bebd78ddb.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 8 KB
4 KB 74ms
72ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/clientDesktop-c414e66e0d4bebd78ddb.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

89cd8d9c19b832b954eeab05b01cd95bd5bcf45bf705913fd19c1df0629ddb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
server: MNCDN-236
x-mnrequest-id: e8200334a41c031723e452dca1e3c5b6
etag: W/"650d6808-2172"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 902-182fc8746bc698fa7e89.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 6 KB
3 KB 74ms
72ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/902-182fc8746bc698fa7e89.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

a471b6321b1f050feb482811be53e0071bd9bbf5c997e6d707bb471c96b7764f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
server: MNCDN-236
x-mnrequest-id: 7ee356d1baf94ad6a8f94b4adc74850b
etag: W/"64d64ecc-1693"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 9799-fc2520776d5d05c623f5.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 6 KB
2 KB 74ms
72ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/9799-fc2520776d5d05c623f5.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

2796614d158f89cae49465c7bc9ff2d03e293ef1daec325f3fcc5b9e89c35f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
server: MNCDN-236
x-mnrequest-id: 3d70b32bf04fb02f9bad04913922b920
etag: W/"64e9f267-18d6"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 4593-d3a51632252f12511c87.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 15 KB
6 KB 74ms
73ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/4593-d3a51632252f12511c87.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

c8bfad71a515fad6e7ac700a64dd7397862a585ec398702a8541dcbfa8ff81f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
last-modified: Fri, 11 Aug 2023 15:07:57 GMT
server: MNCDN-236
x-mnrequest-id: a356d74f441f0859752e4438164c7b8d
etag: W/"64d64ecd-3b6e"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 6504-51aba531409b78fa2e5a.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 16 KB
5 KB 74ms
73ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/6504-51aba531409b78fa2e5a.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

beeb1eb72578b5caac5cc1457a38894c405b73fef665b77bac298c5916d30573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
last-modified: Sat, 26 Aug 2023 12:39:04 GMT
server: MNCDN-236
x-mnrequest-id: fe60dfd23888a7b9bb5f1ac3d9dadbaa
etag: W/"64e9f268-3f04"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 7584-d4a5f4031604887492ed.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 6 KB
3 KB 74ms
73ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/7584-d4a5f4031604887492ed.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

814e4cdc988ae671e2e488310452de43ffcc5385ebb394b9e59d22f57092cb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
last-modified: Fri, 15 Sep 2023 08:00:22 GMT
server: MNCDN-236
x-mnrequest-id: 0990b56e88b4972c1d78faa9a94efe69
etag: W/"65040f16-1750"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 6335-2cf9b6f5fcccf89555f0.js Show response
images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/ 24 KB
8 KB 74ms
73ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/assets/sfstatic/pwa/prod/project/assets/6335-2cf9b6f5fcccf89555f0.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

4c19c33313dffacdbb49f54ab1fc4ba2b921bacdebdf05d57156afc8ce85c23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
last-modified: Wed, 20 Sep 2023 08:18:04 GMT
server: MNCDN-236
x-mnrequest-id: ce8f709fa1ca1df3301b34720a96d9a8
etag: W/"650aaabc-6005"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: DE-372
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 json Show response
trc.taboola.com/1478633/trc/3/ 2 KB
2 KB 33ms
21ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1478633/trc/3/json?tim=1695731564859&data=%7B%22id%22%3A61%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1695731564850%2C%22cv%22%3A%2220230920-27-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hepsiburada.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dlionscommunications-tr-hepsiburada-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1695731564857%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fhepsiburadaplay.fun%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1478633/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 606a34a954f07ce0adfbe3d835abccb039d5f807b5797fb0f7730c39f92688bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Tue, 26 Sep 2023 12:32:44 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.33375
x-fastly-to-nlb-rtt: 886
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21036-AMS
x-log-content-encoding: gzip
server: nginx
x-timer: S1695731565.883867,VS0,VE8
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 181ms
127ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=e899ba4a-97b4-4b87-b10e-1bfb776e5ff4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=79da6a0d-e046-4c0e-89d6-e7dca1a1e752&tw_document_href=http%3A%2F%2Fhepsiburadaplay.fun%2F&tw_iframe_status=0&txn_id=o4pis&type=javascript&version=2.3.29

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 26 Sep 2023 12:32:44 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0f496b235d895ed3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 93cc598a5c6c0f81b55045a1ee465c5ee80ce11c0f9b62169db3a9bcc4ae3e1c
content-length: 43

GET adsct
analytics.twitter.com/1/i/ 0
0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 81ms
35ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: http://hepsiburadaplay.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 80cb8808fd571cad-FRA
access-control-allow-headers: Content-Type

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 48ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-44CSPTX731&gtm=45je39k2&_p=325912610&_gaz=1&cid=981447287.1695731565&ul=en-us&sr=1600x1200&_s=1&sid=1695731564&sct=1&seg=0&dl=http%3A%2F%2Fhepsiburadaplay.fun%2F&dt=T%C3%BCrkiye%27nin%20En%20B%C3%BCy%C3%BCk%20Online%20Al%C4%B1%C5%9Fveri%C5%9F%20Sitesi%20Hepsiburada.com&en=page_view&_fv=2&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-44CSPTX731&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hepsiburadaplay.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 71ms
23ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-44CSPTX731&cid=981447287.1695731565&gtm=45je39k2&aip=1
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-44CSPTX731&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hepsiburadaplay.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 90ms
44ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-44CSPTX731&cid=981447287.1695731565&gtm=45je39k2&aip=1&z=554809104

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
hb-digital-analytics.uw.r.appspot.com/g/ 0
364 B 263ms
176ms Ping
text/plain 2a00:1450:4001:82b::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-digital-analytics.uw.r.appspot.com/g/collect?v=2&tid=G-44CSPTX731&gtm=45je39k2&_p=325912610&cid=981447287.1695731565&ul=en-us&sr=1600x1200&_fplc=0&_eu=AAAC&_s=2&sid=1695731564&sct=1&seg=1&dl=http%3A%2F%2Fhepsiburadaplay.fun%2F&dt=T%C3%BCrkiye%27nin%20En%20B%C3%BCy%C3%BCk%20Online%20Al%C4%B1%C5%9Fveri%C5%9F%20Sitesi%20Hepsiburada.com&en=page_view&_et=3
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-44CSPTX731&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.38.0/ 369 KB
88 KB 28ms
28ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jz950M8ZW7RakPP2zlLHZQ==
age: 27393
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 89624
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:17 GMT
server: cloudflare
etag: 0x8DA6AE29E465D1D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ab0f58e9-c01e-00a5-05e1-5ae3ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80cb88096d559213-FRA

GET
H2 200 tr.json Show response
cdn.cookielaw.org/consent/12ea12c3-cd68-46b7-92ef-47befb06ea84/42dab71d-e4a9-4f40-8fce-a1a9d1aaee6c/ 128 KB
26 KB 39ms
38ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/12ea12c3-cd68-46b7-92ef-47befb06ea84/42dab71d-e4a9-4f40-8fce-a1a9d1aaee6c/tr.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b856ed2896c6398a2cfd7c26256fb626b5bb9c22198e7addf9b02b5effd4456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 31707
content-md5: tllWy3HbylxeVYtag4ODNw==
content-length: 26038
x-ms-lease-status: unlocked
last-modified: Thu, 04 May 2023 23:08:45 GMT
server: cloudflare
etag: 0x8DB4CF482CC5317
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 73f27e4c-301e-001b-0a4d-ef0780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80cb880a197239e6-FRA
expires: Wed, 27 Sep 2023 12:32:45 GMT

GET
H2 200 webtrekk.js Show response
images.hepsiburada.net/webtrekk/ 51 KB
13 KB 21ms
21ms Script
application/javascript 31.3.2.79
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://images.hepsiburada.net/webtrekk/webtrekk.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.79 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

0fc176e8c4d497e85ccf8fce318e03facab98604e7f4f9e983a09085555d3347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-edge-location: DE-372
x-cache-status: Edge : HIT,
server: MNCDN-236
x-mnrequest-id: 7edf590db42543343aab2e1b3ce90a5f
etag: W/"5e959a12-cb95"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cdn-forward: medianova
timing-allow-origin: *
x-mserver: 2216
expires: Thu, 26 Oct 2023 12:32:46 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/866272902/ 3 KB
2 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/866272902/?random=1695731565133&cv=11&fst=1695731565133&bg=ffffff&guid=ON&async=1&gtm=45He39k2&u_w=1600&u_h=1200&url=http%3A%2F%2Fhepsiburadaplay.fun%2F&hn=www.googleadservices.com&frm=0&tiba=T%C3%BCrkiye%27nin%20En%20B%C3%BCy%C3%BCk%20Online%20Al%C4%B1%C5%9Fveri%C5%9F%20Sitesi%20Hepsiburada.com&data=event%3Dpage_view%3BhbProductBrand%3D%3BhbGenderId%3D2%3Becomm_prodid%3D%3Becomm_pagetype%3Dother&rfmt=3&fmt=4

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc689fb255a5b97d83778ae3e6b2ae9c0e6bbe78844b484a573126f13213cb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1417
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activityi;src=10578444;type=remar0;cat=remar0;ord=1916183721705;auiddc=2032946502.1695731565;u27=undefined;u28=other;u29=http%3A%2F%2Fhepsiburadaplay.fun%2F;u30=undefined;u31=undefined;u32=;u33=;u3...
10578444.fls.doubleclick.net/ Frame 134C 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 60ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d993ec25ba5115247b7767e396d0ee59f0f3a14bec3355da68caf596767f02

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Sep 2023 12:32:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53229
x-xss-protection: 0
pragma: public
x-fb-debug: EoY3lNB55BFNNaVE06iRL7AYlStyzJlujQ+4FBn77MmmumZScUw1pOTqop8ybgEiVGCIDK9J6BEkKDOjI0AYBA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

tags Show response
creativecdn.com/
Redirect Chain

https://creativecdn.com/tags?type=script&id=pr_0HO8BA20e0wbYZgM7EIK&ncm=1&id=pr_0HO8BA20e0wbYZgM7EIK_uid_undefined
https://creativecdn.com/tags?type=script&id=pr_0HO8BA20e0wbYZgM7EIK&ncm=1&id=pr_0HO8BA20e0wbYZgM7EIK_uid_undefined&tc=1

1 KB
978 B

14ms
14ms

Script
application/javascript

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=script&id=pr_0HO8BA20e0wbYZgM7EIK&ncm=1&id=pr_0HO8BA20e0wbYZgM7EIK_uid_undefined&tc=1
Protocol: H2
Server: 185.184.8.90 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: 24861a13b439dc6bc33f8120053222e022ac348349d15b43e316fc9148e8e111

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT, Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 606
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 26 Sep 2023 12:32:45 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST
location: https://creativecdn.com/tags?type=script&id=pr_0HO8BA20e0wbYZgM7EIK&ncm=1&id=pr_0HO8BA20e0wbYZgM7EIK_uid_undefined&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dynamic_click_tag.js Show response
img2-digitouch.mncdn.com/include/ 0
469 B 44ms
19ms Script
application/javascript 31.3.2.70
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://img2-digitouch.mncdn.com/include/dynamic_click_tag.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: HTTP/1.1
Server: 31.3.2.70 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-2132 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:44 GMT
Last-Modified: Tue, 01 Dec 2020 09:14:24 GMT
Server: MNCDN-2132
X-MNRequest-Id: dd30ec9de5b23dcbbd392c3be242b965
x-edge-location: DE-372
ETag: "5fc60970-0"
X-Cache-Status: Edge : HIT,
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-MServer: 2215
Expires: Wed, 27 Sep 2023 12:32:44 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 228ms
115ms Script
application/javascript 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3VQBK9U9OSLU1GC7G7G&lib=ttq
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 088b2375e9526b652d33b49c8aafe4b5c8dba8ca91202a095d88af91e66f7d78

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-akamai-request-id: 1b5b4fd4
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=93
content-length: 1327
pragma: no-cache
server: nginx
x-tt-logid: 20230926123245FF0094124D2EE5AAD630
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 93,23.37.226.95
x-tt-trace-host: 0142bcf9f7465d94319a9217270886c0bb1c95cc00eb7ad401a3f8a4b4fc7fb28b07a7b25c786a43a9e6b401c0cb93a5bbecb0b0e6ffcd553471a80ab743245c76ff7b0462d52f236a3a83b61ed437f5d22e33b4e2ca18b2748697e23dd4e7ef4a
expires: Tue, 26 Sep 2023 12:32:45 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 245ms
132ms Script
application/javascript 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3MQR3NB3D4L4OG4TPL0&lib=ttq
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e60bf7ec507aecf3cf7622fd4eb944a810f65056d861567ff3fdbadddaf2c963

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-akamai-request-id: 1b5b4fd5
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=101
content-length: 1324
pragma: no-cache
server: nginx
x-tt-logid: 2023092612324545DE61FFB2B0910D0940
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 101,23.37.226.95
x-tt-trace-host: 0142bcf9f7465d94319a9217270886c0bb1c95cc00eb7ad401a3f8a4b4fc7fb28bcae1af12023519c503d0836022f4254a6d62eab345709119b3d956b671cba49c4b74d1e57708faf1e35fbb2744399f785261c24e67aab93ed8ffea6fc60d8b60
expires: Tue, 26 Sep 2023 12:32:45 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 119ms
26ms Script
application/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002a4302a981bc3024-00646c8ee1-3295d04c-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 humanz-gtm.js Show response
assets.humanz.com/11978010/ 5 KB
2 KB 88ms
26ms Script
application/javascript 2600:9000:21f3:0:2:ed53:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.humanz.com/11978010/humanz-gtm.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:0:2:ed53:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 445533d90bb1e24b9bf53b98dc068a3abd88753937610a985e8b876f2d65f9a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 09:58:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"41e5eb1ba0a44727924bc491f8c01186"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-amz-cf-id: dPjblXPhrhf6XMbmOS1MHg4cxEx1eUxC4bmRx8V_n7v2z1s6TFD9aw==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.38.0/assets/ 13 KB
3 KB 56ms
56ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/otFlat.json

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: l8TaFfqEBdbGRIscoE5PLQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3007
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:09 GMT
server: cloudflare
etag: 0x8DA6AE29925C8FF
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: dd92c158-001e-0072-154d-ef3ecc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80cb880a79ce39e6-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.38.0/assets/v2/ 62 KB
13 KB 57ms
56ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/v2/otPcCenter.json

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JtD7zjxzBe/apQLaCwCdaw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13258
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:11 GMT
server: cloudflare
etag: 0x8DA6AE29A87E4A6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f0480d0d-a01e-0019-524d-efb938000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80cb880a79cf39e6-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.38.0/assets/ 22 KB
4 KB 63ms
63ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/otCommonStyles.css

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: TLLtdkuMahUQRVIfmZNHNw==
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 1d9297fc-c01e-000f-084d-ef4fef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80cb880a79d139e6-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/866272902/ 42 B
455 B 90ms
37ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/866272902/?random=1695731565133&cv=11&fst=1695729600000&bg=ffffff&guid=ON&async=1&gtm=45He39k2&u_w=1600&u_h=1200&url=http%3A%2F%2Fhepsiburadaplay.fun%2F&frm=0&tiba=T%C3%BCrkiye%27nin%20En%20B%C3%BCy%C3%BCk%20Online%20Al%C4%B1%C5%9Fveri%C5%9F%20Sitesi%20Hepsiburada.com&data=event%3Dpage_view%3BhbProductBrand%3D%3BhbGenderId%3D2%3Becomm_prodid%3D%3Becomm_pagetype%3Dother&fmt=3&is_vtc=1&random=3061034102&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/866272902/ 42 B
154 B 39ms
39ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/866272902/?random=1695731565133&cv=11&fst=1695729600000&bg=ffffff&guid=ON&async=1&gtm=45He39k2&u_w=1600&u_h=1200&url=http%3A%2F%2Fhepsiburadaplay.fun%2F&frm=0&tiba=T%C3%BCrkiye%27nin%20En%20B%C3%BCy%C3%BCk%20Online%20Al%C4%B1%C5%9Fveri%C5%9F%20Sitesi%20Hepsiburada.com&data=event%3Dpage_view%3BhbProductBrand%3D%3BhbGenderId%3D2%3Becomm_prodid%3D%3Becomm_pagetype%3Dother&fmt=3&is_vtc=1&random=3061034102&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET tags
creativecdn.com/ Frame E81A 0
0

POST
H2 200 /
v11cf13hx0.execute-api.eu-west-1.amazonaws.com/pixel-prod/ 0
0 398ms
339ms Fetch
application/json 108.138.7.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v11cf13hx0.execute-api.eu-west-1.amazonaws.com/pixel-prod/
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-105.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: http://hepsiburadaplay.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amzn-trace-id: Root=1-6512cf6d-6eaa33c4541a88df2824225b;Sampled=0;lineage=3ef60a20:0
x-amzn-requestid: ef8c3eb2-64e7-4d29-8af6-e967a24ed1cb
x-cache: Miss from cloudfront
content-type: application/json
x-amz-apigw-id: L3VZIGPRjoEFiDA=
content-length: 0
x-amz-cf-id: 5gpiFitm2j6J2S0G87kPD2MhNHrZymBb9zstbSfBE4AWQd9plUrBgA==

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 30ms
29ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 62601
x-ms-lease-status: unlocked
last-modified: Mon, 25 Sep 2023 02:49:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e5674d63-c01e-001f-3dda-ef8a87000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80cb880b2e889213-FRA

GET
H2 200 891502007900202 Show response
connect.facebook.net/signals/config/ 136 KB
36 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/891502007900202?v=2.9.129&r=stable&domain=hepsiburadaplay.fun

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d769976f649bb614f65ccaec2f96f3caecca3f9e0201d5742617e3fdbd4385b9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Sep 2023 12:32:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: +Fhe48DC9Tzrip73SvzbIpAiKPWLKCj+FLlPbSVUW2Krx25GJPQ1QiNIvHfnOuJ9z8PvRLI1SuYvyztGXN5X0w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2585712&ADFPageName=Adform_Web_Remarketing&ADFdivider=%7C&ord=223830114900&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOi...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2585712&ADFPageName=Adform_Web_Remarketing&ADFdivider=%7C&ord=223830114900&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzd...

1 KB
2 KB

29ms
25ms

Script
text/javascript

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2585712&ADFPageName=Adform_Web_Remarketing&ADFdivider=%7C&ord=223830114900&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&loc=http%3A%2F%2Fhepsiburadaplay.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

586e98c1c76e69846dd803fcf275eb9ce0b70e1735244b29b6f3b2b95bf7bd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 967
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2585712&ADFPageName=Adform_Web_Remarketing&ADFdivider=%7C&ord=223830114900&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&loc=http%3A%2F%2Fhepsiburadaplay.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2585712&ADFdivider=%7C&ord=883351957884&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZ...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2585712&ADFdivider=%7C&ord=883351957884&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRl...

804 B
1 KB

30ms
26ms

Script
text/javascript

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2585712&ADFdivider=%7C&ord=883351957884&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&loc=http%3A%2F%2Fhepsiburadaplay.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8debc3e2372f4a9804321e63685201078b8d616b88f265d6aeb87280638d3d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 676
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2585712&ADFdivider=%7C&ord=883351957884&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&loc=http%3A%2F%2Fhepsiburadaplay.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 main.MWQ0NWRkZTlhMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 370 KB
99 KB 25ms
25ms Script
application/javascript 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-akamai-request-id: 1b5b5017
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921123856B4655896D7E083BE7850
vary: Accept-Encoding
x-cache: TCP_HIT from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01c0b893b5723c693aca8753a541fb85e495e1518e86e5c4c7ead24416d47acf29155e8b5aa83de622316e0561c9cd502f4f4781b0012106e1945c9ef33bf6bcfa26596ed17dc8f5ae5ebf2dc241798f0be0c1fe84bb0fdb6cbd7497a696160ea0
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length: 100871

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 61ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=891502007900202&ev=PageView&dl=http%3A%2F%2Fhepsiburadaplay.fun%2F&rl=&if=false&ts=1695731565396&sw=1600&sh=1200&v=2.9.129&r=stable&ec=0&o=30&fbp=fb.1.1695731565395.818992570&it=1695731565305&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Sep 2023 12:32:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 24ms
24ms Script
application/javascript 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-akamai-request-id: 1b5b506e
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023090711070800B0AF63334E29882258
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0186bde66fc9a614d5f0ed45a28298722d56e932865c70437cfb0f6bb9eaa40960289696939911c69d5a4851b28b10cbee0ae70f76089da6b9945d08238e770091b960454b8a8ac23a32ec2596a3f7335738da73612c8a8b21009b166845934e7a
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=14
content-length: 35810

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
880 B 181ms
117ms Ping
text/plain 193.108.153.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.6 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-6.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hepsiburadaplay.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 22a92084.3ff1ce59
date: Tue, 26 Sep 2023 12:32:45 GMT
x-bytefaas-request-id: 20230926123245341BC3AE7735F186611C
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
x-parent-response-time: 97,23.54.206.6
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=10, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230926123245341BC3AE7735F186611C
x-cache-remote: TCP_MISS from a23-207-199-110.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 3.07
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 10,23.207.199.110
x-tt-trace-host: 0118badd8a8df57f64159adc35c24a926647a6f2dcfbcf2ee19ffe6caff4d882d67c5430c387344db1f7fd09b90802e41db089f88c7ca164e2219f3646d49c58de559e0c621f20ee6a668e0bad4e93732f6d316b2f557acf114bbbb6c865351af70b8848bfc4532de16492586afab54490
access-control-allow-headers: *
expires: Tue, 26 Sep 2023 12:32:45 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
791 B 167ms
166ms Ping
text/plain 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hepsiburadaplay.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 58df43.1b5b508d
date: Tue, 26 Sep 2023 12:32:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
x-parent-response-time: 124,23.37.226.95
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=42, inner; dur=35
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230926123245794ED6EE6B523BC701C5
x-cache-remote: TCP_MISS from a23-221-225-86.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,23.221.225.86
x-tt-trace-host: 0142bcf9f7465d94319a9217270886c0bb368846d2f0983d27724826bf89a472d2a1f7e4099d879aad8834cbab93faec34573c180d28dda33c9db22eced2876eb1c2071922b8e58095ff69619a0cc3f7003db86f4bbea77c0906ee3cfa07b8cbcbcc9c6b7460214ea5010c926e6f2fbc7c
access-control-allow-headers: Authorization,*
expires: Tue, 26 Sep 2023 12:32:45 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
648 B 148ms
148ms Ping
text/plain 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hepsiburadaplay.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1b5b5091
date: Tue, 26 Sep 2023 12:32:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing: inner; dur=31, cdn-cache; desc=MISS, edge; dur=7, origin; dur=118
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202309261232451D56D726476AE3A9580D
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 118,23.37.226.95
x-tt-trace-host: 0142bcf9f7465d94319a9217270886c0bb1c95cc00eb7ad401a3f8a4b4fc7fb28b3af38b6f341319dcfacf893d9745d095241aaacf2d57e30b552ff5eed1c02a15790e54e041e42901f6145b506d9082d2d37d9fb3370c507a75967a160e42131e
access-control-allow-headers: Authorization,*
expires: Tue, 26 Sep 2023 12:32:45 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
792 B 156ms
156ms Ping
text/plain 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hepsiburadaplay.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 25a4ffee.1b5b5092
date: Tue, 26 Sep 2023 12:32:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
x-parent-response-time: 124,23.37.226.95
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=41, inner; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230926123245BEDB7B7C28CD4989FA71
x-cache-remote: TCP_MISS from a23-221-225-71.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.221.225.71
x-tt-trace-host: 0142bcf9f7465d94319a9217270886c0bb368846d2f0983d27724826bf89a472d2eca21bd4e1fcc05f38fd2c95c4ff369e0530bd395d492d872f0db92f8f8a03c357efa22acaa16a0ca6e598d65a57a174077672b1e81ba2b8c7c840bea28729f99c70b459153337c43d9226f60fccac7c
access-control-allow-headers: Authorization,*
expires: Tue, 26 Sep 2023 12:32:45 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
650 B 149ms
149ms Ping
text/plain 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hepsiburadaplay.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1b5b5093
date: Tue, 26 Sep 2023 12:32:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing: inner; dur=27, cdn-cache; desc=MISS, edge; dur=9, origin; dur=116
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230926123245D8604F09560AC3B485C0
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 117,23.37.226.95
x-tt-trace-host: 0142bcf9f7465d94319a9217270886c0bb1c95cc00eb7ad401a3f8a4b4fc7fb28b84df4054823858749e6824b063bd798f48890ba7ac773eff8bdf2dcd22b898efd48ee3e09f341ffee2fc81614eab88648d73b85d898008485ab52459a0949a87
access-control-allow-headers: Authorization,*
expires: Tue, 26 Sep 2023 12:32:45 GMT

GET
H2 200 / Show response
track.adform.net/serving/container/ Frame 5110 2 KB
1 KB 26ms
24ms Document
text/html 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/container/?pm=2585712&lid=109517341&ctype=0&media=0&PageName=Adform_Web_Remarketing&sysvars=%7c%7c%7c%7c%40%40pgr%3dundefined%7c%7cpnm%3dundefined%7c&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&rnd=1865192900&cpref=&loc=http%3a%2f%2fhepsiburadaplay.fun%2f

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

537b8346742a536be95d86886e06ceb2d418327bf1be7d4af249d77c9f1a52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://hepsiburadaplay.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 12:32:45 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 7DF2 5 KB
2 KB 86ms
28ms Document
text/html 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Requested by

Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a87b33808775c3739568a1eeebfe28145c4a19911ef19ced674da10797eb7018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://hepsiburadaplay.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 26 Sep 2023 12:32:45 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
458 B 88ms
24ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=1650959402315091635&stamp=L2wWaYpRlrMDvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
457 B 88ms
25ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=7060750083923030456&stamp=fcM0iGj_cQ8DvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2

200

trackpoint-sync.js Show response
s2.adform.net/banners/scripts/st/ Frame 5110
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/
https://s2.adform.net/banners/scripts/st/trackpoint-sync.js

80 KB
31 KB

33ms
33ms

Script
application/javascript

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-sync.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=2585712&lid=109517341&ctype=0&media=0&PageName=Adform_Web_Remarketing&sysvars=%7c%7c%7c%7c%40%40pgr%3dundefined%7c%7cpnm%3dundefined%7c&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&rnd=1865192900&cpref=&loc=http%3a%2f%2fhepsiburadaplay.fun%2f
Protocol: H2
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ed7855a47e21fbce66ff31f00692ab5dca3bcf3a4c0ae0f1375245df4522c2fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000c396d307b7992fc7-00646c8f02-32950a49-default
etag: W/"f59f35d4fac660877d27fdb8f518eb23"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-sync.js
date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7DF2 0
384 B 25ms
24ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 7DF2 43 B
199 B 134ms
32ms Image
image/gif 34.251.187.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=1650959402315091635&Expiration=1696941165
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.251.187.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-187-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Sep 2023 12:32:45 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7DF2 0
400 B 94ms
41ms Image
text/plain 23.213.165.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 12:32:45 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 25 Sep 2023 12:32:45 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 7DF2 0
214 B 98ms
21ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7DF2
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1650959402315091635&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1650959402315091635&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=af90ec3693f64652a...
https://c1.adform.net/serving/cookie/match?party=9&uid=635aba8c1e0296ac3514ee12ebfca64722d76dfd854df0776a88ae3a17e9c58b

35 B
600 B

25ms
24ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=635aba8c1e0296ac3514ee12ebfca64722d76dfd854df0776a88ae3a17e9c58b

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=635aba8c1e0296ac3514ee12ebfca64722d76dfd854df0776a88ae3a17e9c58b
date: Tue, 26 Sep 2023 12:32:45 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 7DF2 43 B
114 B 94ms
26ms Image
image/gif 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=1650959402315091635&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55944/ Frame 7DF2 0
125 B 93ms
28ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=1650959402315091635&_origin=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 7DF2 43 B
683 B 125ms
30ms Image
image/gif 2.21.20.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.200 , Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 12:32:45 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1695731565803013-361
Expires: Tue, 26 Sep 2023 12:32:45 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 7DF2 43 B
146 B 74ms
19ms Image
image/gif 35.156.97.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.97.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-97-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7DF2
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1650959402315091635&expiration=1696941165
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1650959402315091635&expiration=1696941165&C=1

43 B
336 B

37ms
37ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1650959402315091635&expiration=1696941165&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MYgmvVGLVGgK%2F4E%2BlslCWeCxs9ixKHF1Y470QtDk5NnBX2fxJqocsDizpnS1kO5EVmeTXH6wBf9KLo6IW0ssMRbkPWsCMNBIZhPB3R6seKmQ43JBRPYvbJxZZX7THgR2Q7LoV5zicrldA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80cb880e6a8b912e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4faT5L91AOYdFnKQqBYqqOHBAOjvzm3QL9xgi57TO9Z4xQFWoGjoTjDXk%2BN2%2BlVlIWN8fxKaiWR0i5HyXDMi65nEFaEAJjap%2Fnh7XWQdQKjsCSpOzw%2F1WAIdRv9CQSQFcn3HSS2odlUPjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=1650959402315091635&expiration=1696941165&C=1
cache-control: no-cache
cf-ray: 80cb880e1a2e912e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame 7DF2
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1650959402315091635&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1650959402315091635&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=1650959402315091635&gdpr=&sInitiator=external
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=4870297687325336885&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTYwM0UyOUMzRjZCNDQ0OQ&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEB7LIbIyHvEsHuHB8Vq4c2w&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEB7LIbIyHvEsHuHB8Vq4c2w&sInitiator=internal&google_cver=1&gdpr=

0
415 B

26ms
25ms

Image
text/plain

77.243.51.122
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEB7LIbIyHvEsHuHB8Vq4c2w&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Server: 77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:49 GMT
uip-status: Ok
frontend-id: 05
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:49 GMT
frontend-id: 14
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEB7LIbIyHvEsHuHB8Vq4c2w&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 7DF2 0
344 B 96ms
23ms Image
text/plain 3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1650959402315091635&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:45 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 7DF2
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1650959402315091635
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1650959402315091635&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
380 B

69ms
17ms

Image
image/gif

2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Server: 2a02:6ea0:c700::17 , Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 26 Sep 2023 12:32:45 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 1033528
x-accel-date: 1694698037
content-length: 43
x-77-nzt: AZySIYhbs9L/OMUPAA
x-accel-expires: @1695734837
x-77-age: 1033528
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: f6587a1d619b8a2c6dcf12657e31083b
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Tue, 26 Sep 2023 12:32:45 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 7DF2 0
98 B 79ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1650959402315091635/gdpr=/ Frame 7DF2 49 B
265 B 104ms
30ms Image
image/gif 54.171.14.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1650959402315091635/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.14.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.18
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 7DF2 62 B
218 B 260ms
204ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 26 Sep 2023 12:32:46 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 7DF2 43 B
273 B 52ms
18ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 7DF2
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

105ms
40ms

Image
image/gif

52.218.98.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Server: 52.218.98.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:47 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 7BG44AQM6JX10V5E
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: oycnjiuNJcTU2OisHGMR1Ipzj1iTg9QfVVsRjQ+ZTfgG3z1Lfut1+SqXky46+UvEtBS4aUj5wTM=

Redirect headers

X-Error-Reason: Missing UserId
Date: Tue, 26 Sep 2023 12:32:45 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 7DF2
Redirect Chain

https://pixel.onaudience.com/?mapped=1650959402315091635&partner=68
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=a7978d33bce5df9444ab09aab74233b9&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
149 B

97ms
30ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 7DF2
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=1650959402315091635
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120230926122ec7df162959c7342d3&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=4bf48701fd75cbc303ded5b71ab1e8f2&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA5MjYxMjJlYzdkZjE2Mjk1OWM3MzQyZDM&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEOQlvilw2r3Em-ApQqLnW6Y&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120230926122ec7df162959c7342d3
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=7060750083923030456
https://tags.adsafety.net/v1/cm?cm_uid=CM120230926122ec7df162959c7342d3&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=4bf48701fd75cbc303ded5b71ab1e8f2
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7283111618766698647
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7283111618766698647

43 B
2 KB

19ms
18ms

Image
image/gif

89.163.142.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7283111618766698647
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Server: 89.163.142.91 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm40.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 12:32:46 GMT
Last-Modified: Tue, 26 Sep 2023 12:32:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7283111618766698647
Date: Tue, 26 Sep 2023 12:32:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7DF2 0
338 B 112ms
31ms Image
text/plain 52.215.100.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.100.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-100-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: beacon-n019-dub-prod.krxd.net
date: Tue, 26 Sep 2023 12:32:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1695731565
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 7DF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTY1MDk1OTQwMjMxNTA5MTYzNQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEN621OlHXqaDiqj-FiM9ic&google_cver=1&google_ula=1641347,0

35 B
591 B

31ms
31ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEN621OlHXqaDiqj-FiM9ic&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEN621OlHXqaDiqj-FiM9ic&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame 7DF2
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=4870297687325336885&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=7060750083923030456

43 B
831 B

26ms
26ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=7060750083923030456

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
an-x-request-uuid: 9fec4f79-2492-4b24-a6db-f81e4e5745d9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.39; 5.79.98.39; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=7060750083923030456
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7DF2 42 B
471 B 57ms
13ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 12:32:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7DF2 0
384 B 29ms
25ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 7DF2 43 B
444 B 92ms
19ms Image
image/gif 108.138.17.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-48.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 08:04:05 GMT
Via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-P7
Age: 16121
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: Zt4Nuz7cKU3GDRFbLueIReqQk89ZcQ-rnrptTC_Ua5WAKcDaN8aiLQ==

GET
H/1.1

200

p
a.audrte.com/ Frame 7DF2
Redirect Chain

https://a.audrte.com/a?adform_uid=1650959402315091635
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTUxb3hNWmxtcG5ScUdaOFRZY0F0WnV3dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

98ms
97ms

Image
image/png

35.172.171.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Server: 35.172.171.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-171-236.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:46 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 26 Sep 2023 12:32:46 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7DF2
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1650959402315091635&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1650959402315091635&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=53290066842054341403452827430045358696&noredirect=1

35 B
591 B

31ms
31ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=53290066842054341403452827430045358696&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v050-0f9e291ef.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FdA+Sm0SRs8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=53290066842054341403452827430045358696&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7DF2
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1650959402315091635
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=220043204651002334996

35 B
601 B

28ms
26ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=220043204651002334996

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=220043204651002334996
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7DF2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7283111618766698647

35 B
600 B

82ms
27ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7283111618766698647

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7283111618766698647
Date: Tue, 26 Sep 2023 12:32:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 7DF2 62 B
429 B 183ms
183ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 26 Sep 2023 12:32:46 GMT
content-length: 62
content-type: image/gif

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ Frame 7DF2 43 B
418 B 94ms
29ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 12:32:46 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 26 Sep 2023 12:32:45 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7DF2
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=atdtVmMe1QL7f85

35 B
591 B

24ms
24ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=atdtVmMe1QL7f85

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 12:32:45 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-0848f2daa11a85918@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=atdtVmMe1QL7f85
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7DF2 70 B
148 B 30ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET image.sbmx
global.ib-ibi.com/ Frame 7DF2 0
0

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 7DF2 43 B
1 KB 71ms
21ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=1650959402315091635

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7DF2
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1777438417
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=nwNmjzJJ8Nk2xncJbvXU7e

35 B
600 B

26ms
26ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=nwNmjzJJ8Nk2xncJbvXU7e

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
via: 1.1 google
last-modified: Tue, 26 Sep 2023 12:32:46 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=nwNmjzJJ8Nk2xncJbvXU7e
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7DF2 23 B
163 B 124ms
45ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 26 Sep 2023 12:32:46 GMT
pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET pixel.gif
sync.1dmp.io/ Frame 7DF2 0
0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 7DF2 0
237 B 132ms
46ms Image
text/plain 2600:9000:211e:b800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:b800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
cache-control: no-cache, must-revalidate
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 3BN3mlBgEJFMQ6excKgov7rMkNml7wgLzQL1k8cY3u6KCsJrsH4Sjg==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7DF2
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1650959402315091635&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1650959402315091635&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=bbd0dd41-83ad-429a-9438-d7f05eb442c4

35 B
600 B

25ms
24ms

Image
image/gif

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=bbd0dd41-83ad-429a-9438-d7f05eb442c4

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Tue, 26 Sep 2023 12:32:46 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=bbd0dd41-83ad-429a-9438-d7f05eb442c4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1650959402315091635
match.contentexchange.me/adform/ Frame 7DF2 0
49 B 134ms
41ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/1650959402315091635?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 7DF2 37 B
140 B 61ms
19ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=1650959402315091635&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET 296800c6dbd7f8eb22cf034b9927d719.gif
sync.e-volution.ai/ Frame 7DF2 0
0

GET
H2 204 put
e1.emxdgt.com/ Frame 7DF2 0
44 B 72ms
18ms Image
text/plain 3.126.31.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.31.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-31-96.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
server: awselb/2.0

GET
H2 204 adf
pixel.sojern.com/idsync/ Frame 7DF2 0
156 B 53ms
19ms Image
text/plain 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=1650959402315091635
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7DF2 0
384 B 27ms
26ms Image
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1650959402315091635&agencyId=8250&advertiserId=2117973&src=tp&rnd=766563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 12:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 5110 123 B
722 B 25ms
24ms Script
text/javascript 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2831391&ADFPageName=Adform_Web_Remarketing&ADFdivider=%7C&ord=532489668140&ADFtpmode=2&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjgiOiJ1bmRlZmluZWQiLCJpdG1zIjpbeyJ3ZWlnaHQiOiIxIiwic3RlcCI6IjEiLCJwbm0iOiJ1bmRlZmluZWQiLCJwZ3IiOiJ1bmRlZmluZWQifV19&CPref=http%3A%2F%2Fhepsiburadaplay.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

303d3b6612e1360cd4dabbe422a37a32284aa54a8adefd1391701f51fcde2f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://track.adform.net/serving/container/?pm=2585712&lid=109517341&ctype=0&media=0&PageName=Adform_Web_Remarketing&sysvars=%7c%7c%7c%7c%40%40pgr%3dundefined%7c%7cpnm%3dundefined%7c&itm=eyJzdjEiOiJ1bmRlZmluZWQiLCJzdjIiOiJ1bmRlZmluZWQiLCJzdjMiOiJ1bmRlZmluZWQiLCJzdjQiOiJ1bmRlZmluZWQiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiJ1bmRlZmluZWQiLCJzdjEyIjoiIiwiaXRtcyI6W3sicG5tIjoidW5kZWZpbmVkIiwicGdyIjoidW5kZWZpbmVkIn1dfQ&rnd=1865192900&cpref=&loc=http%3a%2f%2fhepsiburadaplay.fun%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 12:32:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 193
expires: -1

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
648 B 170ms
169ms Ping
text/plain 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://hepsiburadaplay.fun/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1b5b510d
date: Tue, 26 Sep 2023 12:32:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing: inner; dur=46, cdn-cache; desc=MISS, edge; dur=9, origin; dur=132
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230926123245DE982FF36289A1C00946
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 132,23.37.226.95
x-tt-trace-host: 0142bcf9f7465d94319a9217270886c0bb1c95cc00eb7ad401a3f8a4b4fc7fb28bae7cccb3fe08cf6f7a7003b9d072ca74c37cc8d5c17f2963e9dcb2c711719d1412c9c0b0f7868d28895369ba2bd89258db641e7ceff51c6c856d696ef4d2edc2
access-control-allow-headers: Authorization,*
expires: Tue, 26 Sep 2023 12:32:45 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1478633/log/3/ 0
249 B 452ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1478633/log/3/unip?en=pre_d_eng_tb&tos=1640&scd=0&ssd=1&est=1695731564855&ver=36&isls=true&src=i&invt=1500&msa=6535&rv=1&tim=1695731566496&vi=1695731564850&ri=d624eb251101e3dd61176f223e31da4a&ref=null&cv=20230920-27-RELEASE&item-url=http%3A%2F%2Fhepsiburadaplay.fun%2F&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2C
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-origin: http://hepsiburadaplay.fun
pragma: no-cache
date: Tue, 26 Sep 2023 12:32:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 20ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=891502007900202&ev=Microdata&dl=http%3A%2F%2Fhepsiburadaplay.fun%2F&rl=&if=false&ts=1695731566905&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20T%C3%BCrkiye%27nin%20En%20B%C3%BCy%C3%BCk%20Online%20Al%C4%B1%C5%9Fveri%C5%9F%20Sitesi%20Hepsiburada.com%5Cn%20%20%20%20%20%20%22%2C%22meta%3Adescription%22%3A%22Cep%20telefonu%2C%20bilgisayar%2C%20televizyon%2C%20kozmetik%20ve%20binlerce%20%C3%BCr%C3%BCn%20uygun%20fiyatlarla%20Hepsiburada.com%27da.%20%C3%9Ccretsiz%20kargo%20f%C4%B1rsatlar%C4%B1%20ile%20her%20%C5%9Fey%20aya%C4%9F%C4%B1na%20gelsin.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.129&r=stable&ec=1&o=30&fbp=fb.1.1695731565395.818992570&it=1695731565305&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Sep 2023 12:32:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1478633/log/3/ 0
248 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1478633/log/3/unip?en=pre_d_eng_tb&tos=4644&scd=0&ssd=1&est=1695731564855&ver=36&isls=true&src=i&invt=3000&msa=6535&rv=1&tim=1695731569499&vi=1695731564850&ri=d624eb251101e3dd61176f223e31da4a&ref=null&cv=20230920-27-RELEASE&item-url=http%3A%2F%2Fhepsiburadaplay.fun%2F&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2C
Requested by: Host: hepsiburadaplay.fun
URL: http://hepsiburadaplay.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://hepsiburadaplay.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-origin: http://hepsiburadaplay.fun
pragma: no-cache
date: Tue, 26 Sep 2023 12:32:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=e899ba4a-97b4-4b87-b10e-1bfb776e5ff4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=79da6a0d-e046-4c0e-89d6-e7dca1a1e752&tw_document_href=http%3A%2F%2Fhepsiburadaplay.fun%2F&tw_iframe_status=0&txn_id=o4pis&type=javascript&version=2.3.29

Domain: 10578444.fls.doubleclick.net
URL: https://10578444.fls.doubleclick.net/activityi;src=10578444;type=remar0;cat=remar0;ord=1916183721705;auiddc=2032946502.1695731565;u27=undefined;u28=other;u29=http%3A%2F%2Fhepsiburadaplay.fun%2F;u30=undefined;u31=undefined;u32=;u33=;u34=undefined;gtm=45He39k2;epver=2;~oref=http%3A%2F%2Fhepsiburadaplay.fun%2F?

Domain: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_0HO8BA20e0wbYZgM7EIK&id=pr_0HO8BA20e0wbYZgM7EIK_uid_undefined&ncm=1&tc=1

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=1650959402315091635

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1650959402315091635

Domain: sync.e-volution.ai
URL: https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=1650959402315091635

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hepsiburadaplay.fun/	1970-01-20 15:02:51	Name: PHPREFS Value: full
.hepsiburadaplay.fun/	1970-01-21 00:38:11	Name: _ga Value: GA1.1.981447287.1695731565
.hepsiburadaplay.fun/	1970-01-21 00:38:11	Name: _ga_44CSPTX731 Value: GS1.1.1695731564.1.1.1695731564.60.0.0
.t.co/	1970-01-21 00:38:11	Name: muc_ads Value: 467200ad-ba75-477e-90b8-168e37b6f8ac
.hepsiburadaplay.fun/	1970-01-20 17:11:47	Name: _gcl_au Value: 1.1.2032946502.1695731565
.creativecdn.com/	1970-01-20 23:47:47	Name: u Value: pE7Siqcd79T5M5P3ouHl
.creativecdn.com/	1970-01-20 23:47:47	Name: ts Value: 1695731565
.hepsiburadaplay.fun/	1970-01-20 17:11:47	Name: _fbp Value: fb.1.1695731565395.818992570
.tiktok.com/	1970-01-21 00:23:47	Name: _ttp Value: 2Vvzuf9v8Ttd5goukKKoWzs4MF0
.adform.net/	1970-01-20 15:45:23	Name: C Value: 1
.hepsiburadaplay.fun/	1970-01-21 00:23:47	Name: _tt_enable_cookie Value: 1
.hepsiburadaplay.fun/	1970-01-21 00:23:47	Name: _ttp Value: Ue99CwgSCRtwTiPpqOKCTjbh2S2
.adform.net/	1970-01-20 15:03:37	Name: CM Value: 1\|1
.adform.net/	1970-01-20 16:28:35	Name: uid Value: 7060750083923030456
.seadform.net/	1970-01-20 16:28:39	Name: uid Value: 7060750083923030456
.adform.net/	1970-01-20 15:22:21	Name: CM14 Value: 1695817965_1695731565_1_Hu7u4e4e4R7u7u4REREeERERERHhERE
.adscale.de/	1970-01-20 23:44:27	Name: uu Value: af90ec3693f64652ae0699f822f4defa
.adscale.de/	1970-01-20 23:44:27	Name: cct Value: 1695731565772
.ih.adscale.de/	1970-01-20 23:44:27	Name: tu Value: 4#576729895#42~1650959402315091635~471036~0~0
.casalemedia.com/	1970-01-20 23:47:47	Name: CMID Value: ZRLPbZJ0d-X6O09hjmZTGAAA
.casalemedia.com/	1970-01-20 17:11:47	Name: CMPS Value: 5137
.casalemedia.com/	1970-01-20 17:11:47	Name: CMPRO Value: 5137
.semasio.net/	1970-01-20 23:47:47	Name: SEUNCY Value: E603E29C3F6B4449
.ads.stickyadstv.com/	1970-01-20 16:28:35	Name: uid-bp-617 Value: 1650959402315091635
.ads.stickyadstv.com/	1970-01-20 15:45:23	Name: UID Value: 903e5025afcb1583b6ad6689227f7cf
.eyeota.net/	1970-01-20 15:02:12	Name: SERVERID Value: 19387~DM
.onaudience.com/	1970-01-20 23:47:47	Name: cookie Value: e8dd3b01489c52e6
.onaudience.com/	1970-01-20 15:03:37	Name: done_redirects161 Value: 1
cm.adsafety.net/	1970-01-20 23:47:47	Name: UID Value: CM120230926122ec7df162959c7342d3
.adsafety.net/	1970-01-20 23:47:47	Name: cm_uid Value: CM120230926122ec7df162959c7342d3
.adnxs.com/	1970-01-20 17:11:47	Name: uuid2 Value: 4870297687325336885
.onaudience.com/	1970-01-20 15:03:37	Name: done_redirects147 Value: 1
.pubmatic.com/	1970-01-20 15:45:23	Name: KRTBCOOKIE_391 Value: 22924-1650959402315091635&KRTB&23263-1650959402315091635&KRTB&23481-1650959402315091635
.pubmatic.com/	1970-01-20 15:45:23	Name: PugT Value: 1695731565
.doubleclick.net/	1970-01-21 00:23:47	Name: IDE Value: AHWqTUnJ5P-vnSDr4e8_0JNobPB2c_rQyIu-vKR1LXg_P_Gc-wcZXHRoFdHKdAqdxLU
ads.smartstream.tv/	1970-01-20 23:47:47	Name: DID Value: 4bf48701fd75cbc303ded5b71ab1e8f2
ads.smartstream.tv/	1970-01-20 23:47:47	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 23:47:47	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 15:45:23	Name: cm_uid Value: CM120230926122ec7df162959c7342d3
.krxd.net/	1970-01-20 19:21:23	Name: _kuid_ Value: P0bDSPJp
cm.adsafety.net/	1970-01-20 23:47:47	Name: permanent Value: 1
.adnxs.com/	1970-01-20 17:11:47	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2E>7s%N!<!]tbPl1M66+q([OUf#$SVAZtNNYwR`Z62%9_':g5VHCJ`ZhY+t3If)y3KL9D3I?+X.ZDw_
.adfarm1.adition.com/	1970-01-20 17:11:47	Name: UserID1 Value: 7283111618766698647
.agkn.com/	1970-01-20 23:47:47	Name: ab Value: 0001%3AI3MYeAObmShCXbe1%2Bix0BZqTrvDWl6vJ
.demdex.net/	1970-01-20 19:21:23	Name: demdex Value: 53290066842054341403452827430045358696
.w55c.net/	1970-01-21 00:32:25	Name: wfivefivec Value: atdtVmMe1QL7f85
.dpm.demdex.net/	1970-01-20 19:21:23	Name: dpm Value: 53290066842054341403452827430045358696
.weborama.fr/	1970-01-21 00:28:06	Name: AFFICHE_W Value: -cl@al@DdQn971
.w55c.net/	1970-01-20 15:45:23	Name: matchadform Value: 5
tags.adsafety.net/	1970-01-20 23:47:47	Name: UID Value: 4bf48701fd75cbc303ded5b71ab1e8f2
tags.adsafety.net/	1970-01-20 23:47:47	Name: DID Value: 4bf48701fd75cbc303ded5b71ab1e8f2
tags.adsafety.net/	1970-01-20 23:47:47	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 23:47:47	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 15:45:23	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 23:47:47	Name: ct_uid Value: 4bf48701fd75cbc303ded5b71ab1e8f2
.adsafety.net/	1970-01-20 23:47:47	Name: ct_did Value: 4bf48701fd75cbc303ded5b71ab1e8f2
.adsafety.net/	1970-01-20 23:47:47	Name: ct_idt Value: 100
.bluekai.com/	1970-01-20 19:24:16	Name: bku Value: aG/99sfwWZDhKZx3
.bluekai.com/	1970-01-20 19:24:16	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEWtBE98BEA61e/p1EDymEWt1pDe9JN9Ye/=
.tapad.com/	1970-01-20 16:28:35	Name: TapAd_TS Value: 1695731566207
.tapad.com/	1970-01-20 16:28:35	Name: TapAd_DID Value: bbd0dd41-83ad-429a-9438-d7f05eb442c4
.tapad.com/	1970-01-20 16:28:35	Name: TapAd_3WAY_SYNCS Value:
cm.adsafety.net/	1970-01-20 23:47:47	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaNlhzU2FBVHpNb25kMmROcFkzb0dnaE9DVFZNSnRaMHdvVUhadUovOTNFcFcyTFVyRUNSU2UrOUJjSXAzVkJYRzlML0ZzZ3hCRnhDbmRyVENOck0zNnZ3eE5NY05iZDFwd0xBeHQ1cWMvdnlwcEVtWUc4WVc1N202M0N6RDIyaWMyZGIySmc3cWx0bktwbmsxZmFWaUlDc2tEcmI3emxOYk94SVNScjdjeGt6Rkpyb2RkMFFFc2hOZVZOcFV4blZMbStPRGlnQVZxVElCZWFiNlBlb0dXWkY3ZXVtejdhOVNTeU13QTE1NE44U0svTS9OTlh1R0VHb2tYdVFCbmxHNHZ5N1h3NmdINXZHaU9iRzdHam5uSjhIS0JvTGVJMFRNUy83ZEE4VFphd0pGekREbWlOVUJ1S3oySHFkdFpjcXc2MjNvckp3Q21wYml4eXF1eVBPT2dnU0hkUFczb3hJajJMbk95V01yUTlCSUh6QzJtK1B5Vm93b08zd1UwS3I1ekducGlWbjhhOUd3UWdDU28remtPeXhjN3R5ZlJpYmNaWU9nOEYxM0NjNW9JeVhwQlF5ZkNBMzJtc2Zlc1lFOFhnYjdqcm9kVjVTc1JjT0FYUnIrczlrcXZMY2JYTHh3clo3cTFtRFFnemh5cCtWZWtGNzBYdnk5dmxtcVhJc2pkZkV6OGJxZUQ0NmRaQURFaFQ5WmlhUnBNNHowaldCdmJLT05abDJ6QkRuWkdLaWRzc2U4YTkxNndWcVdhWFZmdlFoRFMyWmdia3cwZ3JrcnB2SlBQUE02bDFtTittb21zOThpUTJJV1R3VS9WYy9uSVdCeHkxd1BOSjRzQ3NkWEg0OERqbDhTNHVUekVZa2cvY2prZzJGTHpkYXZnRmZ6a2NDUlpaVnZqUm9qN3RFQVpGUDlwN3pKaG1OUjFKeGdsd1NVeWpRYlo5ekpoM2gweXI0WU0wUGdsZ0RjU0JmZEViMmdRZmd1Zk9aS1hRcVF2b2dRblEzZE9pTEIwc0R0ckRVRE9PTnk4dkkzMzJoQU9kUDZUMFlBemRrdnZSS0ZXRWF3NTREL29xVFBNOFJNaGUvK25pd0xHWnZtSDFwMkxtYTFhREFlMEhCeVNsY1hxS0NJSkU9
.audrte.com/	1970-01-20 15:23:47	Name: arcki2 Value: a51oxMZlmpnRqGZ8TYcAtZuww!20220908!1695731566348!ip#5.79.98.39
.audrte.com/	1970-01-20 15:23:47	Name: arcki2_adform Value: 1650959402315091635!20220908!1695731566351
.audrte.com/	1970-01-20 15:23:47	Name: arcki2_ddp2 Value: a51oxMZlmpnRqGZ8TYcAtZuww!20220908!1695731566490

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=1650959402315091635 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1650959402315091635/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=1650959402315091635 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10578444.fls.doubleclick.net
a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
api.adrtx.net
assets.humanz.com
beacon.krxd.net
c1.adform.net
cdn.cookielaw.org
cdn.taboola.com
cdnstat.net
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
connect.facebook.net
creativecdn.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
geolocation.onetrust.com
global.ib-ibi.com
googleads.g.doubleclick.net
hb-digital-analytics.uw.r.appspot.com
hepsiburadaplay.fun
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
images.hepsiburada.net
img2-digitouch.mncdn.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.sojern.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.analytics.google.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
securepubads.g.doubleclick.net
server.seadform.net
simage2.pubmatic.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.teads.tv
t.co
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
ups.analytics.yahoo.com
v11cf13hx0.execute-api.eu-west-1.amazonaws.com
www.facebook.com
www.google.com
www.google.nl
www.googletagmanager.com
x.bidswitch.net
10578444.fls.doubleclick.net
analytics.twitter.com
creativecdn.com
global.ib-ibi.com
sync.1dmp.io
sync.e-volution.ai
104.18.26.193
104.244.42.133
107.178.244.119
108.129.25.174
108.138.17.48
108.138.7.105
139.162.147.24
141.226.228.48
141.94.171.216
141.95.33.111
142.250.185.98
146.75.120.157
15.197.193.217
151.101.65.44
18.198.126.47
184.30.20.207
185.184.8.90
185.86.139.101
188.114.96.3
193.108.153.6
193.135.9.129
198.47.127.205
2.16.97.41
2.21.20.200
2001:4860:4802:32::36
23.213.165.82
23.37.226.99
2600:9000:211e:b800:1b:5138:8a40:93a1
2600:9000:21f3:0:2:ed53:b1c0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2a00:1450:4001:80b::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2014
2a00:1450:4001:82f::2003
2a00:1450:400c:c0b::9c
2a02:6ea0:c700::17
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
3.120.214.218
3.126.31.96
3.66.159.214
3.71.149.231
31.3.2.70
31.3.2.79
34.111.113.62
34.246.44.190
34.251.187.151
34.98.64.218
35.156.97.229
35.172.171.236
35.190.24.218
35.244.174.68
37.157.2.234
37.157.5.132
37.157.5.133
37.157.5.72
37.157.6.243
37.252.171.21
46.19.11.36
52.215.100.89
52.218.98.139
52.29.154.74
54.171.14.223
63.33.121.220
69.173.144.165
69.192.160.219
76.223.111.18
77.243.51.122
80.85.85.173
85.114.159.118
89.163.142.91
088b2375e9526b652d33b49c8aafe4b5c8dba8ca91202a095d88af91e66f7d78
08b08f1e3e84ecc2fd388517b5fc2a2c0ea217eb8b94eb47e4914d938ea652d5
0a9b8e0191d677fc62c7d45b60d5d02fe2af42a1595409f7c0c39bb8b27e91b0
0aedb121454b888ed415b4281397bde2ab7d1f1a30e8ea419866eb376f84c6fe
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c921c9c2ac7b8962d320b8a389fda03733a758e4424628c22cbbd3b22aff0c3
0fc176e8c4d497e85ccf8fce318e03facab98604e7f4f9e983a09085555d3347
133f19808ad2e93005423e6f4cef4a4ea9f911b0b749758c26dd2e051a4c37ea
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
1b856ed2896c6398a2cfd7c26256fb626b5bb9c22198e7addf9b02b5effd4456
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321
21bc239ea9640eadcec6a4f1e2e93e20b0f4c5bb0c54a771e01f4cecbcb65664
24861a13b439dc6bc33f8120053222e022ac348349d15b43e316fc9148e8e111
2796614d158f89cae49465c7bc9ff2d03e293ef1daec325f3fcc5b9e89c35f71
28c2455401ccfbf90f8576e632e96bc6f1f745e122b99f18a8fe2d1fe083c9c3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
303d3b6612e1360cd4dabbe422a37a32284aa54a8adefd1391701f51fcde2f58
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1
3431c7c047468c0917980b7bc145bffb057100273e76ac766cbf71e22bee0b9b
34ec03e16ba423f27b2db224a2d1ae09f27c349fb245c1407ac87808ccbe5679
383055600b726f0d01f9961849851972065ecf46f788a660cc71122a99e776f8
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
40fea96a497ad20cba693f4c648be46d86784c3d31ae1dd88607381705441176
42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d
445533d90bb1e24b9bf53b98dc068a3abd88753937610a985e8b876f2d65f9a4
448a8188374b1b0dbdd30d41447642c160cb4631589508832103581290998609
44c43a2f5457090275bdf4f21ecce75d46458f689b79ca7be977da03c7ab73ab
4b1289fcb64fa0f4bd797b29eca667233da10a4e4ef1c0c5a84377ff9f181f80
4b407ca5a526fcc2714528d326a7b7c8c2f6a13e5bfe42dc2b6ba2342347a400
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c19c33313dffacdbb49f54ab1fc4ba2b921bacdebdf05d57156afc8ce85c23b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e895a2ee72896bc49aa5d79d55666465e9c323b58bef34904c41c9921275d51
537b8346742a536be95d86886e06ceb2d418327bf1be7d4af249d77c9f1a52c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56aa96a72a3341a6d6280b50556b871d345175607799f75b2c3e9c9188d554c3
586e98c1c76e69846dd803fcf275eb9ce0b70e1735244b29b6f3b2b95bf7bd88
5b3de93ab257e84bb76d1a4944d5806e0e35e47b2aba504f07351cf39f88d50a
5c6a9dac82c1b77a9b34a5eb01fd555f6fbeb9d097afde4068ab9ccc64b64366
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
606a34a954f07ce0adfbe3d835abccb039d5f807b5797fb0f7730c39f92688bf
654e7e46a447e92e177e2de29c1ac0107f5b03d616411360cb2ecbd3f6c76937
673af17251b811f4ceb30f3aa3be5f51db634e548927a00e978b22093f07db68
691731dfa8d1586bdf40d8dae8a5b3a09e55d1b9562593c0b8d42b9d980e7e2c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71540b67e275cc179ff014c8c96e68d4c4fb3f56652e9681567471e72bdc8b5c
7275a322d5e6dbdc5bfc645c5a729eb8b98a23bddfd563c9edd3d1e0ebab8e8e
738c624e12566729f8189a97879525e9626ba905bf2018e991aee11a6963cabb
75605519c533148be8887e7cc4b38c016bea0c5c30bb7dfdbf3eda1ca5f5a082
796451e939fc574cd389436cf1180cbb6345359d2efbc3732f828acb8eee7fcd
7af9572067d804edfbd5f2a912cd9a081796f2eef6b03e950e97bf9171d9188b
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7b7449fd1e668a6013fbedaf7452ca8bcc9d7ae677ba2176e8223dc2ec8a42c7
7cb5bb42ab71911dff535d8732b711480932b65aa0da29b6355cabceff99ba96
7e5c6eb47fef346125ced5329616b6a1a17a7b6df90371c5a3a2ce520ed8e628
7f1173b4d0d80fa7e73f2bfd64b3edd4cdfc919bfd13299c855d86fcad084472
7feea3154bfad6682eef6ec9c7db98b2a08d8b47d0a85dde6e61e69864f0c589
814e4cdc988ae671e2e488310452de43ffcc5385ebb394b9e59d22f57092cb64
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84eb01ae6d9285254988a9de5b104044f0fae4d2b464a7a259ed7ef49e1b231c
86ddf8bc91cc57f0ec16d323eb761c1b5cba7ffefa6d812f01598ecf566214cc
87a8dba5d360b94d2981c950f20c56b16d0462f5f9955b72404c336fba9aca3d
89cd8d9c19b832b954eeab05b01cd95bd5bcf45bf705913fd19c1df0629ddb3c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c6985fc9ee407cdc73d53fd397761d74935e7a8b5b539ce50f7b2034a550afc
8ccc0d16b34c1bb21ab10da23a8be1b8f0dd7b2d53602403062a8d423ff5d584
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8debc3e2372f4a9804321e63685201078b8d616b88f265d6aeb87280638d3d60
8e396498d06b308b63786373ad975e59c30f57b96b52a1522e9bc4f8fac9152d
8f08822c7a3121d3abc11c943b3fa64f39993126594a161a0877e01a0f94ff00
9393d4ec00e5d13ecb95ca1f39aa07a256cc17cbfd341d10c5d557e533b525e6
957d8f497d3b0e7a0daaa195448fcf45b17103c72a28284c5f25581971c2b398
96c55fc0d94f10da5ab415ea868fae9c4e91e7b7721d52a73e3122eb02f7e4ea
97a74f91eba759e6c7023df7fd7d7f0480d585a785da8827462c249722d4c854
98b07ba157de922bce7b291c93becbff6683612721d627fe0aaff70d8b75ef03
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9dda18aa7778c219f4f5ff70ed4ded2ce145eb786a8221ffe6afd58f05fef731
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a471b6321b1f050feb482811be53e0071bd9bbf5c997e6d707bb471c96b7764f
a5b3702d6bb978ed9c116170cb7a1fbcfb9dae1cd19045846fcfdc37c669be31
a77354ab2c8c191a399e1f291ee741f7e7d2ff891e92ff44a8505ca15fe20023
a87b33808775c3739568a1eeebfe28145c4a19911ef19ced674da10797eb7018
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac88594c20a30fecc75cfab7e632a7909c7a6ba34a0ea18ce6034c76ab5aaad0
ac9f5a7f14c85fa4439c120f3d0da1cb4ff2f0d6f4b5a7535fdd3c49ca440c16
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1acdbc184a5254e83e30d1656b4cf6beb9e53660afa9e6c2c934b6f85bd3a95
b6736f8ba2193dc4c1475507b305da97e343276713e3589fede7b8462ec2a660
b785b44bc6053e5ef41a0930f300865bcdf95aef1ed68c477c1e3a0b875e3f3c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beeb1eb72578b5caac5cc1457a38894c405b73fef665b77bac298c5916d30573
bf3a39175910cf50aee0b08636316ac87bb4ea3999b412e8ae93c9f011f60018
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
c12dda3012d640cbd96cf2366e656a2ad828b544625a6273f72a1395e6616bfa
c1fd2420e5db87f1b50536774f30da92d63e826df7a767195b76151e11d710f0
c38cf154ad096f2649a8f20a79bb42d96d0b3ff94caeee2d54dd5cb6d64a8538
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
c8bfad71a515fad6e7ac700a64dd7397862a585ec398702a8541dcbfa8ff81f2
c8d993ec25ba5115247b7767e396d0ee59f0f3a14bec3355da68caf596767f02
ca5b5cc01213fd7856d001794cc6aa36bdf39580ac3abbc9e1fce20fe42eb411
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5075b49f746072cdbf2a9b810c881b7378c7397a9a30e413ed33b6b8e72aa3
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d2dfff6bd7193e750bbe30bbd673c7bf2ed1d271c6387a22c3a7e685dde04d9c
d769976f649bb614f65ccaec2f96f3caecca3f9e0201d5742617e3fdbd4385b9
dc689fb255a5b97d83778ae3e6b2ae9c0e6bbe78844b484a573126f13213cb98
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5026316d2aa020245408a1f0a1e91409d1d35d9793bb2c9a2b0699ad682c5ef
e60bf7ec507aecf3cf7622fd4eb944a810f65056d861567ff3fdbadddaf2c963
e62380dbf374ea6abcb10b1ffc31e061fdea7c75bdd226bee715e328fbad045a
e7a421fd8897cd35893d055ed62e666bfa17f39518edf7156d78f9d86eaf3f34
eac624d5c8e199e64f4bee7801881b79acf0417048e6336e93827e3f29dc2233
ed7855a47e21fbce66ff31f00692ab5dca3bcf3a4c0ae0f1375245df4522c2fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bb26deb7b861d17d8c507050a907371078ba4879e30c564b7384b507c0032d
f73c65e166c668746d5d5e7187670eb86e2bf54f05ae7cca814992b77311944a
fbfafa8378b51a1073111739ac4bf12a7f7e21c889a89e223564cc6aefe50ad9
fd808795735b0a7ad44c0a9e08fc94143465146df2b4bed8dbe0cda457a40e68

hepsiburadaplay.fun Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

170 Requests

62 %HTTPS

20 %IPv6

67 Domains

84 Subdomains

61 IPs

14 Countries

2412 kBTransfer

9321 kBSize

66 Cookies

2 Outgoing links

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hepsiburadaplay.fun Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

62 %
HTTPS

20 %
IPv6

67
Domains

84
Subdomains

61
IPs

14
Countries

2412 kB
Transfer

9321 kB
Size

66
Cookies

170 HTTP transactions
10 data transactions