mkt.tur897.com Open in urlscan Pro
103.194.238.214 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mkt.tur897.com/
Effective URL:
https://mkt.tur897.com/
Submission: On May 06 via api (May 6th 2024, 9:41:37 pm UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 70 HTTP transactions. The main IP is 103.194.238.214, located in Hong Kong and belongs to RETN-AS-AP RETN Hong Kong Limited, HK. The main domain is mkt.tur897.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 28th 2024. Valid for: 3 months.

This is the only time mkt.tur897.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	103.194.238.214 103.194.238.214	134518 (RETN-AS-A...) (RETN-AS-AP RETN Hong Kong Limited)
2	163.181.92.237 163.181.92.237	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
7	104.18.39.118 104.18.39.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
40	172.64.148.138 172.64.148.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200e	() ()
1	2001:4860:480... 2001:4860:4802:32::36	() ()
70	8

10 103.194.238.214 (Hong Kong) 2 redirects

ASN134518 (RETN-AS-AP RETN Hong Kong Limited, HK)

mkt.tur897.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fbw.tur897.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.181.92.237 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

beacon.fusioncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.39.118 (None, )

ASN13335 (CLOUDFLARENET, US)

cvi.gcpimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 172.64.148.138 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

i.gcpimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (None, )

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	gcpimg.com cvi.gcpimg.com — Cisco Umbrella Rank: 921729 i.gcpimg.com — Cisco Umbrella Rank: 894740	2 MB
10	tur897.com 2 redirects mkt.tur897.com fbw.tur897.com	311 KB
5	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 654 www.google-analytics.com region1.google-analytics.com	39 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	253 KB
2	fusioncdn.com beacon.fusioncdn.com — Cisco Umbrella Rank: 171821	20 KB
0	idbd692.com Failed r6g1br.idbd692.com Failed
70	6

	Domain	Requested by
40	i.gcpimg.com	fbw.tur897.com i.gcpimg.com
7	cvi.gcpimg.com	mkt.tur897.com
6	fbw.tur897.com	1 redirects cvi.gcpimg.com i.gcpimg.com
4	mkt.tur897.com	1 redirects cvi.gcpimg.com
3	www.googletagmanager.com	fbw.tur897.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ssl.google-analytics.com	mkt.tur897.com
2	beacon.fusioncdn.com	mkt.tur897.com fbw.tur897.com
1	region1.google-analytics.com	www.googletagmanager.com
0	r6g1br.idbd692.com Failed	i.gcpimg.com
70	10

This site contains no links.

Subject Issuer	Validity	Valid
*.tur897.com ZeroSSL RSA Domain Secure Site CA	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.fusioncdn.com R3	`2024-04-29` - `2024-07-28`	3 months	crt.sh
cvi.gcpimg.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
i.gcpimg.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://mkt.tur897.com/
Frame ID: 6DC2FBF705CF060A3FE6E9E643C6F755
Requests: 14 HTTP requests in this frame

Frame: https://fbw.tur897.com/Sports/
Frame ID: C091ACDB9537460D45E825B2F227663D
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online betting, sport betting and football betting at 12bet.com

Page URL History Show full URLs

http://mkt.tur897.com/ HTTP 307
https://mkt.tur897.com/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

93 %
HTTPS

43 %
IPv6

6
Domains

10
Subdomains

8
IPs

4
Countries

3039 kB
Transfer

8872 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mkt.tur897.com/ HTTP 307
https://mkt.tur897.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://mkt.tur897.com/EntryIndex/OpenSports?webskintype=3&lang=en&gid=37551a46-fdea-47cb-8da4-b04f8b2a9a291715031689745 HTTP 302
https://fbw.tur897.com/ValidateToken/EntryIndex?Guid=LicAPI_d9893c7f-0f55-4058-88fe-21f001ee7ddc HTTP 302
https://fbw.tur897.com/Sports/

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
mkt.tur897.com/
Redirect Chain

http://mkt.tur897.com/
https://mkt.tur897.com/

4 KB
2 KB

1473ms
386ms

Document
text/html

103.194.238.214
RETN-AS-AP RETN H...

General

Check archive.org

Show headers Download Go to

Full URL: https://mkt.tur897.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.194.238.214 , Hong Kong, ASN134518 (RETN-AS-AP RETN Hong Kong Limited, HK),
Reverse DNS
Software: /
Resource Hash: e54d98b70b92ff0dd090c0ebea6f2b5c9e1dbfc749d16fa4ab2ceaeaaa0303e6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 1602
Content-Type: text/html; charset=utf-8
Date: Mon, 06 May 2024 21:41:26 GMT
Vary: Accept-Encoding

Redirect headers

Location: https://mkt.tur897.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK pulse.js Show response
beacon.fusioncdn.com/ 35 KB
10 KB 361ms
42ms Script
text/javascript 163.181.92.237
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.fusioncdn.com/pulse.js?trackid=nbk59qts
Requested by: Host: mkt.tur897.com
URL: https://mkt.tur897.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 724fd574be74ed9e5100e62f6229f32040bc2fe2da3eca39a369e44c96b41f03

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 10:21:52 GMT
Via: 1.1 google, mly inter, cache2.l2de2[917,917,200-0,M], cache19.l2de2[920,0], ens-cache5.de5[0,0,200-0,H], ens-cache16.de5[1,0]
Content-Encoding: gzip
X-Mly-Id: 7e80ba4eebae0fdf692a7dafbbf351e8
Age: 40776
X-Swift-CacheTime: 86400
Transfer-Encoding: chunked
X-Cache: HIT TCP_MEM_HIT dirn:12:12380757
Connection: keep-alive
X-Swift-SaveTime: Mon, 06 May 2024 10:21:52 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Server: Tengine
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, OPTIONS, GET, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1714990912
Access-Control-Expose-Headers: Content-Length
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
EagleId: a3b55ca417150316882271161e

GET
H2 200 jquery-3.2.1.min.js Show response
cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/commJS/jquery/ 85 KB
38 KB 621ms
87ms Script
application/javascript 104.18.39.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/commJS/jquery/jquery-3.2.1.min.js?v20240502472116
Requested by: Host: mkt.tur897.com
URL: https://mkt.tur897.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63808
x-powered-by: ASP.NET
content-length: 38753
last-modified: Thu, 25 Nov 2021 06:49:02 GMT
server: cloudflare
etag: "083df87c8e1d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc2274beeb371f-FRA
access-control-allow-headers: *

GET
H2 200 Newindex.js Show response
cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/commJS/main/ 257 KB
102 KB 588ms
54ms Script
application/javascript 104.18.39.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/commJS/main/Newindex.js?v20240502472116
Requested by: Host: mkt.tur897.com
URL: https://mkt.tur897.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 96c3adb00acf8c5213110f333d3d8b6c7bb11deeb76a03602d93ed7d1fc9b360

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63808
x-powered-by: ASP.NET
last-modified: Wed, 24 Apr 2024 08:25:31 GMT
server: cloudflare
etag: "808f50f82096da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc2274beed371f-FRA
access-control-allow-headers: *

GET
H2 200 newversion.css
cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/CommIndex/_global-L/public/css/ 6 KB
3 KB 582ms
49ms Stylesheet
text/css 104.18.39.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/CommIndex/_global-L/public/css/newversion.css?v20240502472116
Requested by: Host: mkt.tur897.com
URL: https://mkt.tur897.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 86508bf33f1fef0c308a329eeb98bacfb6df4d1ad780b6aef3367ef59fee8e59

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63808
x-powered-by: ASP.NET
content-length: 2484
last-modified: Tue, 14 Feb 2023 04:49:58 GMT
server: cloudflare
etag: "359af9c92f40d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc2274bedc371f-FRA
access-control-allow-headers: *

GET
H2 200 similar.css
cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/CommIndex/12bet/public/css/ 33 KB
9 KB 1114ms
581ms Stylesheet
text/css 104.18.39.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/CommIndex/12bet/public/css/similar.css?v20240502472116
Requested by: Host: mkt.tur897.com
URL: https://mkt.tur897.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0fa37d5644ee483370114da0efaccb3f0eacb747bccc394f9ffb8e4023ea369e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:28 GMT
content-encoding: gzip
cf-cache-status: MISS
x-powered-by: ASP.NET
content-length: 8654
last-modified: Wed, 27 Dec 2023 07:48:49 GMT
server: cloudflare
etag: "1cdbf6209938da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc2274bee8371f-FRA
access-control-allow-headers: *

GET
H2 200 utilities.css
cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/CommIndex/_global-L/public/css/ 6 KB
3 KB 620ms
86ms Stylesheet
text/css 104.18.39.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/CommIndex/_global-L/public/css/utilities.css?v20240502472116
Requested by: Host: mkt.tur897.com
URL: https://mkt.tur897.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 15a2f316b430dd583eb57ecb1bf4f59823bcc2489b402738add6abf07c3fea90

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63808
x-powered-by: ASP.NET
content-length: 2836
last-modified: Mon, 18 Sep 2023 09:30:05 GMT
server: cloudflare
etag: "ead2bb512ead91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc2274bee5371f-FRA
access-control-allow-headers: *

GET
H2 200 style.css
cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/CommIndex/_global-L/china-terminate-popup/css/ 2 KB
1 KB 619ms
86ms Stylesheet
text/css 104.18.39.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/CommIndex/_global-L/china-terminate-popup/css/style.css?v20240502472116
Requested by: Host: mkt.tur897.com
URL: https://mkt.tur897.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57d56befce7d7362de4f5694b38ee731197c4f5e7f201b68901fab833cdcbc27

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63808
content-length: 739
last-modified: Fri, 14 Jul 2023 11:58:55 GMT
server: cloudflare
etag: "418a64904ab6d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc2274bee1371f-FRA
access-control-allow-headers: *

GET
H2 200 fingerprint-creator.min.js Show response
cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/commJS/main/ 16 KB
8 KB 585ms
52ms Script
application/javascript 104.18.39.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/commJS/main/fingerprint-creator.min.js?v20240502472116
Requested by: Host: mkt.tur897.com
URL: https://mkt.tur897.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6ea98731b00d871374558a2fb45674e5c739b02e4bdc61cd7454f669af683f89

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63808
x-powered-by: ASP.NET
content-length: 7688
last-modified: Wed, 01 Jun 2022 06:07:02 GMT
server: cloudflare
etag: "077fcf7d75d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc2274beef371f-FRA
access-control-allow-headers: *

GET
BLOB 200
OK 424edf44-0ed4-4d6f-822d-efa79ff103a6
https://mkt.tur897.com/ 27 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mkt.tur897.com/424edf44-0ed4-4d6f-822d-efa79ff103a6
Requested by: Host: mkt.tur897.com
URL: https://mkt.tur897.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e545abba9bafcacc74cf09bdd6651a2dc92d6aa5c074989e65c3a70b57066a25

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 27277
Content-Type: application/javascript

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 104ms
28ms Script
text/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: mkt.tur897.com
URL: https://mkt.tur897.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 May 2024 20:15:32 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5157
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 06 May 2024 22:15:32 GMT

GET
H/1.1 200
OK GetAppConfig Show response
mkt.tur897.com/NewIndex/ 2 KB
2 KB 348ms
347ms XHR
application/json 103.194.238.214
RETN-AS-AP RETN H...

General

Check archive.org

Show headers Download Go to

Full URL: https://mkt.tur897.com/NewIndex/GetAppConfig?TZone=2&_=1715031689021
Requested by: Host: cvi.gcpimg.com
URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/commJS/jquery/jquery-3.2.1.min.js?v20240502472116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.194.238.214 , Hong Kong, ASN134518 (RETN-AS-AP RETN Hong Kong Limited, HK),
Reverse DNS
Software: /
Resource Hash: 3de22cbf880929deffd1973ed52c06c9a34f918ee0037cff618ec319e0a91254

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://mkt.tur897.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 21:41:28 GMT
Cache-Control: private
Content-Length: 2005
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK GetLabel Show response
mkt.tur897.com/NewIndex/ 8 KB
8 KB 354ms
354ms XHR
application/json 103.194.238.214
RETN-AS-AP RETN H...

General

Check archive.org

Show headers Download Go to

Full URL: https://mkt.tur897.com/NewIndex/GetLabel
Requested by: Host: cvi.gcpimg.com
URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/commJS/jquery/jquery-3.2.1.min.js?v20240502472116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.194.238.214 , Hong Kong, ASN134518 (RETN-AS-AP RETN Hong Kong Limited, HK),
Reverse DNS
Software: /
Resource Hash: 7a6611c254c1dd1fc3f679bc81b030275dd927571fc7343af49b5b1e8aabcd20

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://mkt.tur897.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 21:41:28 GMT
Cache-Control: private
Content-Length: 7897
Content-Type: application/json; charset=utf-8

GET
H/1.1

200
OK

/ Show response
fbw.tur897.com/Sports/ Frame C091
Redirect Chain

https://mkt.tur897.com/EntryIndex/OpenSports?webskintype=3&lang=en&gid=37551a46-fdea-47cb-8da4-b04f8b2a9a291715031689745
https://fbw.tur897.com/ValidateToken/EntryIndex?Guid=LicAPI_d9893c7f-0f55-4058-88fe-21f001ee7ddc
https://fbw.tur897.com/Sports/

44 KB
13 KB

544ms
543ms

Document
text/html

103.194.238.214
RETN-AS-AP RETN H...

General

Check archive.org

Show headers Download Go to

Full URL: https://fbw.tur897.com/Sports/
Requested by: Host: cvi.gcpimg.com
URL: https://cvi.gcpimg.com/LicDesktopContent/NewAsiaSkin/commJS/main/Newindex.js?v20240502472116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.194.238.214 , Hong Kong, ASN134518 (RETN-AS-AP RETN Hong Kong Limited, HK),
Reverse DNS
Software: /
Resource Hash: 6b0139f66bd7f96b66267b033b8fcdc6310c20000114746dc0e98f0a1aee9bef

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mkt.tur897.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 13014
Content-Type: text/html; charset=utf-8
Date: Mon, 06 May 2024 21:41:32 GMT
Vary: Accept-Encoding

Redirect headers

Cache-Control: private
Content-Length: 125
Content-Type: text/html; charset=utf-8
Date: Mon, 06 May 2024 21:41:31 GMT
Location: /Sports/

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 36ms
35ms Image
image/gif 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=533185526&utmhn=mkt.tur897.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Online%20betting%2C%20sport%20betting%20and%20football%20betting%20at%2012bet.com&utmhid=814210185&utmr=-&utmp=%2F&utmht=1715031689791&utmac=UA-5160706-11&utmcc=__utma%3D155694375.1230328588.1715031690.1715031690.1715031690.1%3B%2B__utmz%3D155694375.1715031690.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1438299742&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: mkt.tur897.com
URL: https://mkt.tur897.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mkt.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 21:41:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pulse.js Show response
beacon.fusioncdn.com/ Frame C091 35 KB
10 KB 154ms
37ms Script
text/javascript 163.181.92.237
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.fusioncdn.com/pulse.js?trackid=nbk59qts
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 724fd574be74ed9e5100e62f6229f32040bc2fe2da3eca39a369e44c96b41f03

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 10:21:52 GMT
Via: 1.1 google, mly inter, cache2.l2de2[917,917,200-0,M], cache19.l2de2[920,0], ens-cache5.de5[0,0,200-0,H], ens-cache16.de5[1,0]
Content-Encoding: gzip
X-Mly-Id: 7e80ba4eebae0fdf692a7dafbbf351e8
Age: 40780
X-Swift-CacheTime: 86400
Transfer-Encoding: chunked
X-Cache: HIT TCP_MEM_HIT dirn:12:12380757
Connection: keep-alive
X-Swift-SaveTime: Mon, 06 May 2024 10:21:52 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Server: Tengine
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, OPTIONS, GET, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1714990912
Access-Control-Expose-Headers: Content-Length
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
EagleId: a3b55ca417150316925141443e

GET
H2 200 jquery-2.1.4.min.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 82 KB
37 KB 572ms
93ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/jquery-2.1.4.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 37750
last-modified: Mon, 06 May 2024 03:57:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d982675-TXL
access-control-allow-headers: *

GET
H2 200 fastclick_lib.min.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 8 KB
3 KB 597ms
119ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/fastclick_lib.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b7a4abaaf4d098aa06822e4b3a5d00532fa5051b48bc427efbea4b02c7c08d6b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 3032
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909da82675-TXL
access-control-allow-headers: *

GET
H2 200 react.production.min.js Show response
i.gcpimg.com/MS2L/Js/ReactJS/16.13.1/ Frame C091 12 KB
6 KB 578ms
100ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/ReactJS/16.13.1/react.production.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aa7033c5019451819f81813f4408bd8e1cd19e948a37e8ffda53f9c3b08e0ecb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 5891
last-modified: Mon, 06 May 2024 03:57:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d9b2675-TXL
access-control-allow-headers: *

GET
H2 200 react-dom.production.min.js Show response
i.gcpimg.com/MS2L/Js/ReactJS/16.13.1/ Frame C091 116 KB
48 KB 569ms
91ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/ReactJS/16.13.1/react-dom.production.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 17395d4b2f46bf7cda7745957b4bea6b1823c20db5023ffda0a6eb6b9190c9bd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 48448
last-modified: Mon, 06 May 2024 03:57:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909da52675-TXL
access-control-allow-headers: *

GET
H2 200 jquery.mousewheel.min.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 3 KB
2 KB 566ms
89ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/jquery.mousewheel.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a80f860251402c6bd55adaa519fe7260a90e6257d4255d5652b734df3f38f39f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 1547
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d9e2675-TXL
access-control-allow-headers: *

GET
H2 200 jquery.mCustomScrollbar.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 86 KB
28 KB 598ms
121ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/jquery.mCustomScrollbar.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6081030fb78998417bee85dd091f1186ab29c3c2ef98c3b1a72af3cfcf6eec9f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 27900
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909dac2675-TXL
access-control-allow-headers: *

GET
H2 200 jquery.time-to.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 19 KB
6 KB 563ms
86ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/jquery.time-to.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18a567da9ba33d5bc6fed976772011d8932323ff96d0cd646e32325d27e406f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 6017
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d9d2675-TXL
access-control-allow-headers: *

GET
H2 200 socket.io.min.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 95 KB
33 KB 600ms
123ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/socket.io.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e15fba28dc2d1210aa7087b911b65bbbc57f335a167f49056f0548d853e3de79

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 33064
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d9f2675-TXL
access-control-allow-headers: *

GET
H2 200 swiper.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 138 KB
46 KB 567ms
90ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/swiper.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2f06dae9eda7f01aee86f4a386ff1749c24612c5b1e947c6c91f576c4fa8f565

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 47148
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d852675-TXL
access-control-allow-headers: *

GET
H2 200 rangeslider.min.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 8 KB
4 KB 558ms
81ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/rangeslider.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 177cce751423e9ef20a99fa8209048fa68eba7444ea286dc9726337cb61bf92f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 3259
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d942675-TXL
access-control-allow-headers: *

GET
H2 200 streaming-player.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 499 KB
190 KB 574ms
98ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/streaming-player.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f79a27cb9c0e9d5ec4975594cde1a74d37bd4908068895f291e55f06d1384730

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22909d912675-TXL
access-control-allow-headers: *

GET
H2 200 red5pro-sdk-5.5.0-RC10.min.js Show response
i.gcpimg.com/MS2L/Js/lib/ Frame C091 207 KB
67 KB 587ms
111ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/lib/red5pro-sdk-5.5.0-RC10.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 94931a81fd2bf28bb89cbb497eed7c403194475cc0b3337f88b63ceef3cb042e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22909d9a2675-TXL
access-control-allow-headers: *

GET
H2 200 llnw-rts-sdk.min.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 20 KB
8 KB 590ms
114ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/llnw-rts-sdk.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b6c1d202a03bcbde2ac980ec2925cb207bc90d05dbfb2f098ad29e6bfd66730b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 8191
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d972675-TXL
access-control-allow-headers: *

GET
H2 200 hls.min.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 234 KB
92 KB 591ms
115ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/hls.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d725507288b18e2af4cea92c20d48d1f47062aebacc0a3b89d90726d21cf575a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22909d872675-TXL
access-control-allow-headers: *

GET
H2 200 anime.min.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 17 KB
9 KB 570ms
94ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/anime.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 71f229efc891fac06cdafe9765967f3dc1ce71db155e7130042e7e64aab7f43a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 8433
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d952675-TXL
access-control-allow-headers: *

GET
H2 200 global-components.css
i.gcpimg.com/MS2L/template/_global/common/css/ Frame C091 11 KB
3 KB 520ms
45ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/_global/common/css/global-components.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5d93fdb4841b80cc0879aab73f76d3a78c4f76108518d64a23a2a6e7d8553f64

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 2787
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22907d362675-TXL
access-control-allow-headers: *

GET
H2 200 global-core.css
i.gcpimg.com/MS2L/template/_global-L/common/css/ Frame C091 783 KB
198 KB 571ms
96ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/_global-L/common/css/global-core.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f6d0a5471affb72d3914c842df50c02d62520db346abf5f9ae45d4194464d411

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22909d842675-TXL
access-control-allow-headers: *

GET
H2 200 global-theme.css
i.gcpimg.com/MS2L/template/_global/common/css/ Frame C091 79 KB
15 KB 550ms
75ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/_global/common/css/global-theme.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0f88a3941513c3df1a7d90d9f9006282240a722c6dd2fe3e473358d691c59b9c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 14696
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22907d3d2675-TXL
access-control-allow-headers: *

GET
H2 200 global-nonsports.css
i.gcpimg.com/MS2L/template/_global/common/css/ Frame C091 214 KB
33 KB 547ms
72ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/_global/common/css/global-nonsports.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9d1dbd57e9ce2c00291a6a585af05dbac9ce8a79707bec3d0e17c85690d10624

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 33435
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22907d462675-TXL
access-control-allow-headers: *

GET
H2 200 main-core.css
i.gcpimg.com/MS2L/template/12bet/common/css/ Frame C091 10 KB
3 KB 1051ms
577ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/12bet/common/css/main-core.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e9f5592e2093d2eae40d5b609140bcdb562812721b2a0e9069a057a7c236029f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:33 GMT
content-encoding: gzip
cf-cache-status: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 2500
last-modified: Mon, 06 May 2024 21:41:33 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22907d402675-TXL
access-control-allow-headers: *

GET
H2 200 main-nonsports.css
i.gcpimg.com/MS2L/template/12bet/common/css/ Frame C091 53 KB
11 KB 1223ms
748ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/12bet/common/css/main-nonsports.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5296fdbecc793da9962678ab541102f4de6a45658065220dd622d8ad47466ce8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:33 GMT
content-encoding: gzip
cf-cache-status: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 11196
last-modified: Mon, 06 May 2024 21:41:33 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d832675-TXL
access-control-allow-headers: *

GET
H2 200 DeviceDetect.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 410 B
647 B 557ms
83ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/DeviceDetect.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d022f4add6162734fb0136394ab004708d41d05dbf3aa445f45b2ba3bbb2df51

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 355
last-modified: Mon, 06 May 2024 03:57:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d892675-TXL
access-control-allow-headers: *

GET
H2 200 global-lic.css
i.gcpimg.com/MS2L/template/_global-L/common/css/ Frame C091 64 KB
19 KB 522ms
48ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/_global-L/common/css/global-lic.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d5cf8e10287f5b8df518127ecbd0a277b807c7b08366912397e5b5d1f50bde6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 19542
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22907d412675-TXL
access-control-allow-headers: *

GET
H2 200 reward.css
i.gcpimg.com/MS2L/template/_global-L/promotion/reward/ Frame C091 152 KB
36 KB 526ms
52ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/_global-L/promotion/reward/reward.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 00193b1fda5f21205b97d1c6ba3bb8e192d9adee2e601c695441d1828e0d1843

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 36709
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22907d432675-TXL
access-control-allow-headers: *

GET
H2 200 galaxy-events.css
i.gcpimg.com/MS2L/template/_global-L/promotion/galaxyevents/ Frame C091 17 KB
5 KB 550ms
76ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/_global-L/promotion/galaxyevents/galaxy-events.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0ed1226a059ba33257336f8da74a96141fe28a94396b9c25ffc71926a852ad5b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 4344
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22907d3e2675-TXL
access-control-allow-headers: *

GET
H2 200 achievement-system-v2.umd.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 367 KB
89 KB 613ms
139ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/achievement-system-v2.umd.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8a718206d5be4b5bc12d6c7c4acca889caefc8f6c5214af0a5cd0999f56fa493

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22909da22675-TXL
access-control-allow-headers: *

GET
H2 200 survey.css
i.gcpimg.com/MS2L/template/_global-L/promotion/Survey/2023q2/ Frame C091 19 KB
6 KB 547ms
73ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/_global-L/promotion/Survey/2023q2/survey.css?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ebd08360692a77d2ba6c297b39f9ac49ce0edbda790c9e3cae364fc6ac9cd32

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 5404
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22907d442675-TXL
access-control-allow-headers: *

GET
H2 200 player-survey.umd.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 203 KB
88 KB 586ms
113ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/player-survey.umd.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0848198a7a8d64d8306e15e7b5bbd10e0a8efba4a52b47ca2dbf9ec8bd61a897

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22909d8b2675-TXL
access-control-allow-headers: *

GET
H2 200 fingerprint-creator.min.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 16 KB
8 KB 560ms
87ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/fingerprint-creator.min.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6ea98731b00d871374558a2fb45674e5c739b02e4bdc61cd7454f669af683f89

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 7687
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d882675-TXL
access-control-allow-headers: *

GET
H2 200 main.js Show response
i.gcpimg.com/MS2L/Js/dt/ Frame C091 3 MB
847 KB 557ms
84ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/dt/main.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 76e24f7bf68ca6cb2f6f922bdfcdd80b873891ac335853c4353d7fdabed3c2da

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22909d8f2675-TXL
access-control-allow-headers: *

GET
H2 200 indexCommon.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 7 KB
3 KB 553ms
80ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/indexCommon.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 70ec04838e6c717fca18b495fe58c89303e077979f51a52fdc839ced1339c1ae

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 2488
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d8e2675-TXL
access-control-allow-headers: *

GET
H2 200 csgformula.js Show response
i.gcpimg.com/MS2L/Js/csgformula/ Frame C091 24 KB
8 KB 572ms
99ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/csgformula/csgformula.js?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 19bb75b828a4811c881b325cd3da8ee2029f05042080823df6dd8130dd969bf4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:32 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
content-length: 8349
last-modified: Mon, 06 May 2024 08:13:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22909d8d2675-TXL
access-control-allow-headers: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame C091 364 KB
93 KB 73ms
67ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFTBB37

Requested by

Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c970a5bcecd0cfa5018474db191940cfd2e4b002c75f1f2d0abc85c620424924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94565
x-xss-protection: 0
last-modified: Mon, 06 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 May 2024 21:41:33 GMT

GET
BLOB 200
OK 64b8b9f9-bfb1-4c2a-b2a2-855491b760cf
https://fbw.tur897.com/ Frame C091 27 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fbw.tur897.com/64b8b9f9-bfb1-4c2a-b2a2-855491b760cf
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e545abba9bafcacc74cf09bdd6651a2dc92d6aa5c074989e65c3a70b57066a25

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 27277
Content-Type: application/javascript

GET
H2 200 red5pro-sdk-5.5.0-RC10.min.js Show response
i.gcpimg.com/MS2L/Js/lib/ Frame C091 207 KB
67 KB 48ms
48ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/lib/red5pro-sdk-5.5.0-RC10.min.js
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/Js/llnw-rts-sdk.min.js?v20240502472385
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 94931a81fd2bf28bb89cbb497eed7c403194475cc0b3337f88b63ceef3cb042e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:33 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10350
x-powered-by: ASP.NET
last-modified: Mon, 06 May 2024 08:13:04 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22952e672675-TXL
access-control-allow-headers: *

GET
H2 200 red5pro-media.css
i.gcpimg.com/MS2L/Js/lib/ Frame C091 3 KB
1 KB 77ms
76ms Stylesheet
text/css 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/lib/red5pro-media.css
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/Js/llnw-rts-sdk.min.js?v20240502472385
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6b820d2521e25d8fbdb2db73d976b1a101ca689d1c06ede342000ed624493296

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:33 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10351
x-powered-by: ASP.NET
content-length: 1180
last-modified: Mon, 06 May 2024 08:13:04 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc229289732675-TXL
access-control-allow-headers: *

POST
H/1.1 200
OK Index Show response
fbw.tur897.com/LoginCheckin/ Frame C091 1 KB
1 KB 360ms
359ms XHR
application/json 103.194.238.214
RETN-AS-AP RETN H...

General

Check archive.org

Show headers Download Go to

Full URL: https://fbw.tur897.com/LoginCheckin/Index
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/Js/jquery-2.1.4.min.js?v20240502472385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.194.238.214 , Hong Kong, ASN134518 (RETN-AS-AP RETN Hong Kong Limited, HK),
Reverse DNS
Software: /
Resource Hash: 1e7d7aa17412103c321e6c7c75aa2fea313386b71593a4050eaaceda63f77922

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
DeviceType: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
CustId: 28540570
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
username: SPONUUS01445
Referer: https://fbw.tur897.com/Sports/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 21:41:33 GMT
Cache-Control: private
Content-Length: 1253
Content-Type: application/json; charset=utf-8

GET
H2 200 iconfont-asia2022.woff
i.gcpimg.com/MS2L/template/_global-L/common/images/UI_Core/ Frame C091 23 KB
23 KB 805ms
735ms Font
application/font-woff 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/template/_global-L/common/images/UI_Core/iconfont-asia2022.woff?93620
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/template/_global-L/common/css/global-core.css?v20240502472385
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4c1e0c3707fde7f7fbff5b4fa906585250f2d76b52cb3611d871025de0acca17

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://i.gcpimg.com/MS2L/template/_global-L/common/css/global-core.css?v20240502472385
Origin: https://fbw.tur897.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 06 May 2024 21:41:34 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22963d6e4480-TXL
access-control-allow-headers: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C091 203 KB
73 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-98195716-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFTBB37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d5d0e9d9528478f516afa06b68ef97f7cefd016ce0566408c5b46b73c5b865c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 May 2024 21:41:33 GMT

GET
DATA 200
OK truncated
/ Frame C091 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

POST
H/1.1 200
OK GetJSResource Show response
fbw.tur897.com/JSResourceApi/ Frame C091 283 KB
283 KB 624ms
624ms XHR
application/json 103.194.238.214
RETN-AS-AP RETN H...

General

Check archive.org

Show headers Download Go to

Full URL: https://fbw.tur897.com/JSResourceApi/GetJSResource?lang=en
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/Js/jquery-2.1.4.min.js?v20240502472385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.194.238.214 , Hong Kong, ASN134518 (RETN-AS-AP RETN Hong Kong Limited, HK),
Reverse DNS
Software: /
Resource Hash: 9c9e60087cd72fa183c845849f3d7d87d4c49776d2ce8463e1f92a197a2bc868

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
CustId: 28540570
Accept: application/json, text/javascript, */*; q=0.01
username: SPONUUS01445
Referer: https://fbw.tur897.com/Sports/
X-Requested-With: XMLHttpRequest
DeviceType: 1

Response headers

Content-Type: application/json; charset=utf-8
Date: Mon, 06 May 2024 21:41:34 GMT
Cache-Control: private
Content-Length: 289873
Expires: Thu, 16 May 2024 21:41:34 GMT

OPTIONS GetSearchHistory
r6g1br.idbd692.com/api/Search/ Frame 0
0

GET GetSearchHistory
r6g1br.idbd692.com/api/Search/ Frame C091 0
0

POST
H/1.1 200
OK GetLicAutoBookieGroupId Show response
fbw.tur897.com/licensee/ Frame C091 1 B
184 B 357ms
357ms XHR
application/json 103.194.238.214
RETN-AS-AP RETN H...

General

Check archive.org

Show headers Download Go to

Full URL: https://fbw.tur897.com/licensee/GetLicAutoBookieGroupId
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/Js/jquery-2.1.4.min.js?v20240502472385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.194.238.214 , Hong Kong, ASN134518 (RETN-AS-AP RETN Hong Kong Limited, HK),
Reverse DNS
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
CustId: 28540570
Accept: application/json, text/javascript, */*; q=0.01
username: SPONUUS01445
Referer: https://fbw.tur897.com/Sports/
X-Requested-With: XMLHttpRequest
DeviceType: 1

Response headers

Date: Mon, 06 May 2024 21:41:36 GMT
Cache-Control: private
Content-Length: 1
Content-Type: application/json; charset=utf-8

GET
H2 200 iconcolor-asia-nonsports.svg
i.gcpimg.com/MS2L/template/_global/common/Images/UI_NonSports/ Frame C091 301 KB
97 KB 61ms
61ms Image
image/svg+xml 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.gcpimg.com/MS2L/template/_global/common/Images/UI_NonSports/iconcolor-asia-nonsports.svg?ver=bcb0ef22e5f727c2d02c2f6cf9cd2f0a
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/template/_global/common/css/global-nonsports.css?v20240502472385
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e04571b6fbeb1849296c1ebb019590344bbf990c1337a056e9f56e30b3196e26

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://i.gcpimg.com/MS2L/template/_global/common/css/global-nonsports.css?v20240502472385
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:36 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10351
x-powered-by: ASP.NET
last-modified: Mon, 06 May 2024 08:13:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: Image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22a95c132675-TXL
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ Frame C091 558 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0085b282d202758737075f88c9991b07816a23f40a31548b7f615ada4a90cd8d

Request headers

Referer
Origin: https://fbw.tur897.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 iconcolor-asia2022.svg
i.gcpimg.com/MS2L/template/_global-L/common/images/UI_Core/ Frame C091 278 KB
95 KB 67ms
67ms Image
image/svg+xml 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.gcpimg.com/MS2L/template/_global-L/common/images/UI_Core/iconcolor-asia2022.svg?48662
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/template/_global-L/common/css/global-core.css?v20240502472385
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3127a24428a67389b944f7026bc7bb1eec32b687e91cb2c68ffe621052590821

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://i.gcpimg.com/MS2L/template/_global-L/common/css/global-core.css?v20240502472385
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:36 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10351
x-powered-by: ASP.NET
last-modified: Mon, 06 May 2024 08:13:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: Image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
cf-ray: 87fc22a97c4a2675-TXL
access-control-allow-headers: *

GET
H2 200 connectIcon.png
i.gcpimg.com/MS2L/template/_global-L/common/images/ Frame C091 3 KB
3 KB 66ms
66ms Image
image/png 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.gcpimg.com/MS2L/template/_global-L/common/images/connectIcon.png?63409
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/template/_global-L/common/css/global-core.css?v20240502472385
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a84046bf3c2c454cb2e0fbe4a9ca9abe586d884ad0935e88321b95edef57d65f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://i.gcpimg.com/MS2L/template/_global-L/common/css/global-core.css?v20240502472385
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:36 GMT
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10351
x-powered-by: ASP.NET
content-length: 3196
last-modified: Mon, 06 May 2024 08:13:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: Image/png
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22a97c4f2675-TXL
access-control-allow-headers: *

GET
H2 200 ExclusiveBanner.js Show response
i.gcpimg.com/MS2L/Js/ Frame C091 8 KB
3 KB 54ms
54ms Script
text/javascript 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.gcpimg.com/MS2L/Js/ExclusiveBanner.js?v=64ab4cd422ae143d6c9d
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/Js/dt/main.js?v20240502472385
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a22b1ae26d3dbd84a91ddf0803afee6723e9c81a630f77a994ad2c471e1d18c6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:36 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 10351
x-powered-by: ASP.NET
content-length: 3481
last-modified: Mon, 06 May 2024 08:13:20 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22a97c632675-TXL
access-control-allow-headers: *

GET WhatsNew.js
i.gcpimg.com/MS2L/Js/ Frame C091 0
0

GET
H2 200 AnchorVideo.jpg
i.gcpimg.com/MS2L/template/_global-L/en/Images/ExclusiveOffer/ Frame C091 12 KB
12 KB 72ms
71ms Image
image/jpeg 172.64.148.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.gcpimg.com/MS2L/template/_global-L/en/Images/ExclusiveOffer/AnchorVideo.jpg?v20240502472385
Requested by: Host: fbw.tur897.com
URL: https://fbw.tur897.com/Sports/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.138 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1e1a5f2ef8c4681c35ee0e3157a4902a12e99f3858956af6d01191cea16f7858

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:36 GMT
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 12314
cf-bgj: h2pri
last-modified: Mon, 06 May 2024 08:55:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: Image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 87fc22a97c6d2675-TXL
access-control-allow-headers: *

POST
H/1.1 200
OK SetFingerprint Show response
fbw.tur897.com/Home/ Frame C091 29 B
213 B 365ms
364ms XHR
application/json 103.194.238.214
RETN-AS-AP RETN H...

General

Check archive.org

Show headers Download Go to

Full URL: https://fbw.tur897.com/Home/SetFingerprint
Requested by: Host: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/Js/jquery-2.1.4.min.js?v20240502472385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.194.238.214 , Hong Kong, ASN134518 (RETN-AS-AP RETN Hong Kong Limited, HK),
Reverse DNS
Software: /
Resource Hash: 10d4572a9cbb2f1af4940c81b4f341a72a06f210dd8873ddb0459d01aeee3784

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://fbw.tur897.com/Sports/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 21:41:36 GMT
Cache-Control: private
Content-Length: 29
Content-Type: application/json; charset=utf-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C091 248 KB
88 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M1YWR34BQD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98195716-4&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77f5531edd4bb8a4fc7fb30bb4bce1a6034205c5d717037b896780311a58f53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:41:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89708
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 May 2024 21:41:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C091 52 KB
21 KB 218ms
30ms Script
text/javascript 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98195716-4&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 May 2024 21:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 34
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 06 May 2024 23:41:03 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame C091 0
253 B 124ms
37ms Ping
text/plain 2001:4860:4802:32::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M1YWR34BQD&gtm=45je4510v9124357804za200&_p=1715031692387&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2091399287.1715031697&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715031697&sct=1&seg=0&dl=https%3A%2F%2Ffbw.tur897.com%2FSports%2F&dr=https%3A%2F%2Fmkt.tur897.com%2F&dt=12bet&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=7233
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M1YWR34BQD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 21:41:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fbw.tur897.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame C091 1 B
205 B 40ms
39ms XHR
text/plain 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=679666015&t=pageview&_s=1&dl=https%3A%2F%2Ffbw.tur897.com%2FSports%2F&dr=https%3A%2F%2Fmkt.tur897.com%2F&ul=de-de&de=UTF-8&dt=12bet&sd=24-bit&sr=1600x1200&vp=1600x1195&je=0&_u=YADAAUABAAAAACAAI~&jid=1261376304&gjid=1161087565&cid=2091399287.1715031697&tid=UA-98195716-4&_gid=1964507895.1715031697&_r=1&gtm=457e4560h2z89103160660za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1019862899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://fbw.tur897.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 May 2024 21:41:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fbw.tur897.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r6g1br.idbd692.com
URL: https://r6g1br.idbd692.com/api/Search/GetSearchHistory?lang=en&_=1715031693120

Domain: r6g1br.idbd692.com
URL: https://r6g1br.idbd692.com/api/Search/GetSearchHistory?lang=en&_=1715031693120

Domain: i.gcpimg.com
URL: https://i.gcpimg.com/MS2L/Js/WhatsNew.js?v=3bb203a4addcd1103d82

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mkt.tur897.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: wgt02zj0pwdldt1djxdxidc4
.cvi.gcpimg.com/	1970-01-20 20:23:53	Name: __cf_bm Value: M21nolgZIQN0_Icf9H6HSjVU8JCWArezm3FSEsJs_jk-1715031688-1.0.1.1-7rqo5iM_cp8lGjBANKJeHJFgopla0ywIpSFBbuTJB_gE.wUekUcQmmgh3y2q1Gl13Ao8NxlVCe8ACwTLYV8sEg
.mkt.tur897.com/	1970-01-21 05:59:51	Name: __utma Value: 155694375.1230328588.1715031690.1715031690.1715031690.1
.mkt.tur897.com/	1969-12-31 23:59:59	Name: __utmc Value: 155694375
.mkt.tur897.com/	1970-01-21 00:46:39	Name: __utmz Value: 155694375.1715031690.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.mkt.tur897.com/	1970-01-20 20:23:52	Name: __utmt Value: 1
.mkt.tur897.com/	1970-01-20 20:23:53	Name: __utmb Value: 155694375.1.10.1715031690
fbw.tur897.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mnbd0wv4mtkmadh5pf0bsn35
fbw.tur897.com/	1969-12-31 23:59:59	Name: .ASPXAUTH Value: 9EF15AD5D57DA7A2682CC0B9A9EB142F8D8C265DFB04F9FD2F2ECDAC98E59D07027B89DCD9FFC314A6C1BF726D4BE5ACC74AE3753626114B9BD0C2A9DFC43B0F6C8B1F3D0BF151B128C03BB9CF2E69917B59B21BAD1FD414B824B37280533B2E
fbw.tur897.com/	1970-01-21 05:09:27	Name: _culture Value: th-TH
.i.gcpimg.com/	1970-01-20 20:23:53	Name: __cf_bm Value: iM3Wo3O3Lw6beVs_RtrCfjeyslJpagY1oOCZ4MNjUmI-1715031693-1.0.1.1-80D1q9BgadHMcfvvdEMrDUV8plXTMOFAV8ZWjVmDrymXH42mRAMeHX6V6hqrIHp09RPF56Og4SkJiD3z.sUQCg

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mkt.tur897.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.fusioncdn.com
cvi.gcpimg.com
fbw.tur897.com
i.gcpimg.com
mkt.tur897.com
r6g1br.idbd692.com
region1.google-analytics.com
ssl.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
i.gcpimg.com
r6g1br.idbd692.com
103.194.238.214
104.18.39.118
163.181.92.237
172.64.148.138
2001:4860:4802:32::36
2a00:1450:4001:811::200e
2a00:1450:4001:831::2008
00193b1fda5f21205b97d1c6ba3bb8e192d9adee2e601c695441d1828e0d1843
0085b282d202758737075f88c9991b07816a23f40a31548b7f615ada4a90cd8d
0848198a7a8d64d8306e15e7b5bbd10e0a8efba4a52b47ca2dbf9ec8bd61a897
0ed1226a059ba33257336f8da74a96141fe28a94396b9c25ffc71926a852ad5b
0f88a3941513c3df1a7d90d9f9006282240a722c6dd2fe3e473358d691c59b9c
0fa37d5644ee483370114da0efaccb3f0eacb747bccc394f9ffb8e4023ea369e
10d4572a9cbb2f1af4940c81b4f341a72a06f210dd8873ddb0459d01aeee3784
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15a2f316b430dd583eb57ecb1bf4f59823bcc2489b402738add6abf07c3fea90
17395d4b2f46bf7cda7745957b4bea6b1823c20db5023ffda0a6eb6b9190c9bd
177cce751423e9ef20a99fa8209048fa68eba7444ea286dc9726337cb61bf92f
18a567da9ba33d5bc6fed976772011d8932323ff96d0cd646e32325d27e406f9
19bb75b828a4811c881b325cd3da8ee2029f05042080823df6dd8130dd969bf4
1e1a5f2ef8c4681c35ee0e3157a4902a12e99f3858956af6d01191cea16f7858
1e7d7aa17412103c321e6c7c75aa2fea313386b71593a4050eaaceda63f77922
2f06dae9eda7f01aee86f4a386ff1749c24612c5b1e947c6c91f576c4fa8f565
3127a24428a67389b944f7026bc7bb1eec32b687e91cb2c68ffe621052590821
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3de22cbf880929deffd1973ed52c06c9a34f918ee0037cff618ec319e0a91254
4c1e0c3707fde7f7fbff5b4fa906585250f2d76b52cb3611d871025de0acca17
5296fdbecc793da9962678ab541102f4de6a45658065220dd622d8ad47466ce8
57d56befce7d7362de4f5694b38ee731197c4f5e7f201b68901fab833cdcbc27
5d5d0e9d9528478f516afa06b68ef97f7cefd016ce0566408c5b46b73c5b865c
5d93fdb4841b80cc0879aab73f76d3a78c4f76108518d64a23a2a6e7d8553f64
5ebd08360692a77d2ba6c297b39f9ac49ce0edbda790c9e3cae364fc6ac9cd32
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6081030fb78998417bee85dd091f1186ab29c3c2ef98c3b1a72af3cfcf6eec9f
6b0139f66bd7f96b66267b033b8fcdc6310c20000114746dc0e98f0a1aee9bef
6b820d2521e25d8fbdb2db73d976b1a101ca689d1c06ede342000ed624493296
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ea98731b00d871374558a2fb45674e5c739b02e4bdc61cd7454f669af683f89
70ec04838e6c717fca18b495fe58c89303e077979f51a52fdc839ced1339c1ae
71f229efc891fac06cdafe9765967f3dc1ce71db155e7130042e7e64aab7f43a
724fd574be74ed9e5100e62f6229f32040bc2fe2da3eca39a369e44c96b41f03
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
76e24f7bf68ca6cb2f6f922bdfcdd80b873891ac335853c4353d7fdabed3c2da
77f5531edd4bb8a4fc7fb30bb4bce1a6034205c5d717037b896780311a58f53b
7a6611c254c1dd1fc3f679bc81b030275dd927571fc7343af49b5b1e8aabcd20
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86508bf33f1fef0c308a329eeb98bacfb6df4d1ad780b6aef3367ef59fee8e59
8a718206d5be4b5bc12d6c7c4acca889caefc8f6c5214af0a5cd0999f56fa493
94931a81fd2bf28bb89cbb497eed7c403194475cc0b3337f88b63ceef3cb042e
96c3adb00acf8c5213110f333d3d8b6c7bb11deeb76a03602d93ed7d1fc9b360
9c9e60087cd72fa183c845849f3d7d87d4c49776d2ce8463e1f92a197a2bc868
9d1dbd57e9ce2c00291a6a585af05dbac9ce8a79707bec3d0e17c85690d10624
a22b1ae26d3dbd84a91ddf0803afee6723e9c81a630f77a994ad2c471e1d18c6
a80f860251402c6bd55adaa519fe7260a90e6257d4255d5652b734df3f38f39f
a84046bf3c2c454cb2e0fbe4a9ca9abe586d884ad0935e88321b95edef57d65f
aa7033c5019451819f81813f4408bd8e1cd19e948a37e8ffda53f9c3b08e0ecb
b6c1d202a03bcbde2ac980ec2925cb207bc90d05dbfb2f098ad29e6bfd66730b
b7a4abaaf4d098aa06822e4b3a5d00532fa5051b48bc427efbea4b02c7c08d6b
c970a5bcecd0cfa5018474db191940cfd2e4b002c75f1f2d0abc85c620424924
d022f4add6162734fb0136394ab004708d41d05dbf3aa445f45b2ba3bbb2df51
d5cf8e10287f5b8df518127ecbd0a277b807c7b08366912397e5b5d1f50bde6a
d725507288b18e2af4cea92c20d48d1f47062aebacc0a3b89d90726d21cf575a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
e04571b6fbeb1849296c1ebb019590344bbf990c1337a056e9f56e30b3196e26
e15fba28dc2d1210aa7087b911b65bbbc57f335a167f49056f0548d853e3de79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e545abba9bafcacc74cf09bdd6651a2dc92d6aa5c074989e65c3a70b57066a25
e54d98b70b92ff0dd090c0ebea6f2b5c9e1dbfc749d16fa4ab2ceaeaaa0303e6
e9f5592e2093d2eae40d5b609140bcdb562812721b2a0e9069a057a7c236029f
f6d0a5471affb72d3914c842df50c02d62520db346abf5f9ae45d4194464d411
f79a27cb9c0e9d5ec4975594cde1a74d37bd4908068895f291e55f06d1384730

mkt.tur897.com Open in urlscan Pro 103.194.238.214 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

93 %HTTPS

43 %IPv6

6 Domains

10 Subdomains

8 IPs

4 Countries

3039 kBTransfer

8872 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mkt.tur897.com Open in urlscan Pro
103.194.238.214 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

93 %
HTTPS

43 %
IPv6

6
Domains

10
Subdomains

8
IPs

4
Countries

3039 kB
Transfer

8872 kB
Size

11
Cookies

70 HTTP transactions
2 data transactions