go.hepsibahis090.com Open in urlscan Pro
2606:4700::6812:16ac Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://brain-lab.fr/
Effective URL:
https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm...
Submission: On June 17 via api (June 17th 2023, 2:27:39 am UTC) from US — Scanned from FR

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 48 HTTP transactions. The main IP is 2606:4700::6812:16ac, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.hepsibahis090.com.
TLS certificate: Issued by R3 on June 16th 2023. Valid for: 3 months.

This is the only time go.hepsibahis090.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:87f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
23	2606:4700::68... 2606:4700::6812:16ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
48	11

1 2606:4700:3030::ac43:87f7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

brain-lab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

trk.winaffiliates1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6812:16ac (United States)

ASN13335 (CLOUDFLARENET, US)

go.hepsibahis090.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	hepsibahis090.com go.hepsibahis090.com	618 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	115 KB
4	gstatic.com fonts.gstatic.com	85 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3239	60 KB
3	google.fr www.google.fr — Cisco Umbrella Rank: 13575	622 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2890 www.google.com — Cisco Umbrella Rank: 3	772 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 124	478 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	136 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 ajax.googleapis.com — Cisco Umbrella Rank: 422	31 KB
1	winaffiliates1.com 1 redirects trk.winaffiliates1.com — Cisco Umbrella Rank: 555142	913 B
1	brain-lab.fr 1 redirects brain-lab.fr	470 B
48	11

	Domain	Requested by
23	go.hepsibahis090.com	go.hepsibahis090.com
5	www.google-analytics.com	go.hepsibahis090.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
4	mc.yandex.ru	1 redirects go.hepsibahis090.com
3	www.google.fr	go.hepsibahis090.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google.com	go.hepsibahis090.com
2	www.googletagmanager.com	go.hepsibahis090.com www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ajax.googleapis.com	go.hepsibahis090.com
1	fonts.googleapis.com	go.hepsibahis090.com
1	trk.winaffiliates1.com	1 redirects
1	brain-lab.fr	1 redirects
48	13

This site contains links to these domains. Also see Links.

Domain
www.hepsibahis090.com

Subject Issuer	Validity	Valid
go.hepsibahis090.com R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Frame ID: 97DF4CB214C7E04CF6723AFF96E9E4CA
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hepsibahis - youwin - Hoş Geldin Bonusu 3000

Page URL History Show full URLs

https://brain-lab.fr/ HTTP 301
https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449 HTTP 307
https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&aff... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

98 %
HTTPS

100 %
IPv6

11
Domains

13
Subdomains

11
IPs

4
Countries

1045 kB
Transfer

1654 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hepsibahis090.com/registration?&affiliate=net_refer&pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59
Title: HEMEN KAYIT OL +10.000 VefaPuan kazan!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://brain-lab.fr/ HTTP 301
https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449 HTTP 307
https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://mc.yandex.ru/watch/48641507?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis090.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_0CEF42F0F4D2466897C4A2E4B81F7D59%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A715%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A933955719010%3Ahid%3A970754123%3Az%3A0%3Ai%3A20230617022733%3Aet%3A1686968854%3Ac%3A1%3Arn%3A865102546%3Arqn%3A1%3Au%3A1686968854618339379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A42%2C41%2C111%2C1%2C323%2C0%2C%2C165%2C0%2C%2C%2C%2C683%3Aco%3A0%3Acpf%3A1%3Ans%3A1686968852527%3Arqnl%3A1%3Ast%3A1686968854%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis090.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_0CEF42F0F4D2466897C4A2E4B81F7D59%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A715%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A933955719010%3Ahid%3A970754123%3Az%3A0%3Ai%3A20230617022733%3Aet%3A1686968854%3Ac%3A1%3Arn%3A865102546%3Arqn%3A1%3Au%3A1686968854618339379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A42%2C41%2C111%2C1%2C323%2C0%2C%2C165%2C0%2C%2C%2C%2C683%3Aco%3A0%3Acpf%3A1%3Ans%3A1686968852527%3Arqnl%3A1%3Ast%3A1686968854%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
go.hepsibahis090.com/welcomeoffernew/
Redirect Chain

https://brain-lab.fr/
https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449
https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449

17 KB
5 KB

194ms
111ms

Document
text/html

2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d672a72c7c2eb72b0caf68e34d3084f5f17bdc9fb7f98bb8ae811b906dff4212

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-cache-status: MISS
cf-ray: 7d87daa2eabd016f-CDG
content-encoding: br
content-md5: LrSFyD+TDTfRHLe1uRPtTw==
content-type: text/html; charset=utf-8
date: Sat, 17 Jun 2023 02:27:33 GMT
last-modified: Fri, 16 Jun 2023 16:22:32 GMT
server: cloudflare
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 9bb238f3-101e-0050-04c3-a0d052000000
x-ms-version: 2014-02-14

Redirect headers

access-control-expose-headers: Request-Context
cache-control: private,no-cache, no-store
content-length: 0
content-type: text/html
date: Sat, 17 Jun 2023 02:27:32 GMT
location: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma: no-cache
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version: 4.0.30319
x-azure-ref: 0FBqNZAAAAAANs0NFQSc8RYRBf8OThL7JUFJBRURHRTEzMTMAODNhZGJlNjktZjM2NC00ODM4LWIzZmQtMzQ1NDkwNzM0ODlh
x-cache: CONFIG_NOCACHE
x-powered-by: ASP.NET

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
900 B 93ms
34ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Jaldi:wght@400;700&display=swap

Requested by

Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47db815a4e0b15cf92687e3bd7a75ab2ed8f048e16c7a56300534289684a4ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 02:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 01:37:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 02:27:33 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 03:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 03:36:51 GMT

GET
H2 200 custom.js Show response
go.hepsibahis090.com/ 10 KB
2 KB 28ms
28ms Script
application/javascript 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.hepsibahis090.com/custom.js
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32cbd6c1c5fef545513cc8ff5d59d22a89ee7726edddd216303dd2ee352c96cf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2cuBhFIzR3Bb9nf6otliyQ==
age: 35601
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 08 Feb 2023 22:30:55 GMT
server: cloudflare
etag: W/"0x8DB0A24247B7FDE"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0fffb13e-a01e-0037-5170-a0c0ae000000
x-ms-version: 2014-02-14
cf-ray: 7d87daa39b08016f-CDG

GET
H2 200 logo.png
go.hepsibahis090.com/welcomeoffernew/ 1 KB
2 KB 29ms
29ms Image
image/png 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/logo.png
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d233b4d27f8e7659461f58eec6d73c89a65b1c3c2ea6ef94a33b3e257034f7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: UC3F+448DNy6SAsCGfc9kA==
age: 26624
content-length: 1489
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E3D371F9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 542c936d-e01e-0044-3485-a0983d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa44b4f016f-CDG

GET
H2 200 payments.png
go.hepsibahis090.com/welcomeoffernew/ 3 KB
3 KB 29ms
27ms Image
image/png 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/payments.png
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8301f736748c31e40996c976b2a487006e6bd07cd7ab3e370559b883cb02434e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: wQX1wsM0pMV483pBad3P2A==
age: 26624
content-length: 3436
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E40C2CEA"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 9d400626-e01e-0009-1585-a057d1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b60016f-CDG

GET
H2 200 b1.jpg
go.hepsibahis090.com/welcomeoffernew/ 25 KB
25 KB 30ms
26ms Image
image/jpeg 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/b1.jpg
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9079e637d6e4439b2ab241bc9b845aa12c4b40a7a659d1230e50e6b9b2b11f92

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: ZONa2aPUwpLhmKteNxh5cg==
age: 26624
content-length: 25834
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E387F506"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 91fbe4dc-e01e-0054-0985-a05d55000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b61016f-CDG

GET
H2 200 b6.jpg
go.hepsibahis090.com/welcomeoffernew/ 37 KB
38 KB 48ms
45ms Image
image/jpeg 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/b6.jpg
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e06dcb2e9abd1028b9ff495ff44334ffcee13a6ff21f64eed24991239b7ed3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: /Ytk/Lv12JCuooci/8gYpw==
age: 26624
content-length: 38278
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E421117C"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: daa53b61-f01e-0077-1085-a0c796000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b62016f-CDG

GET
H2 200 b7.jpg
go.hepsibahis090.com/welcomeoffernew/ 21 KB
21 KB 49ms
46ms Image
image/jpeg 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/b7.jpg
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d7813f09725688e7b7de65b96048ec613de74840778abdf1f405652716bd4c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: Km151SLXBLOK3oTdbt9Uqw==
age: 26624
content-length: 21209
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E427EE40"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: ac285767-b01e-002b-3d85-a092ce000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b63016f-CDG

GET
H2 200 b5.jpg
go.hepsibahis090.com/welcomeoffernew/ 26 KB
27 KB 33ms
30ms Image
image/jpeg 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/b5.jpg
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50a8cc4c0e9524cd06682032dd2e6a746c7a62f770565a706f49f90893fa8793

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: 5bwejaRQ8s/TpZcR/Y29QQ==
age: 26624
content-length: 27128
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E41A5BB3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b25f0cc0-e01e-006b-2185-a095f6000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b64016f-CDG

GET
H2 200 b2.jpg
go.hepsibahis090.com/welcomeoffernew/ 14 KB
14 KB 48ms
45ms Image
image/jpeg 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/b2.jpg
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a8816f090f04da887014e6b33ffdc5b9972ebdcdc988ab47671dc9e1c80c40

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: Dmz53MZ2t/TPIVABLEYunQ==
age: 26624
content-length: 14589
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E390CD5A"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: cf33337e-701e-0046-0685-a02685000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b65016f-CDG

GET
H2 200 b3.jpg
go.hepsibahis090.com/welcomeoffernew/ 30 KB
30 KB 50ms
47ms Image
image/jpeg 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/b3.jpg
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e2175f6b9777741b9a55f734d50a98a82913c4e714fae9d49733de3f91be96f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: SEveFOE0IwA0uif4uLvqMQ==
age: 26624
content-length: 30841
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E3986D5C"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: ef3ac697-401e-002f-0185-a01fc9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b66016f-CDG

GET
H2 200 b4.jpg
go.hepsibahis090.com/welcomeoffernew/ 24 KB
24 KB 49ms
47ms Image
image/jpeg 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/b4.jpg
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d213e14ecdbd013ac234292f3e5a1d1bced93fc21880676cbe18da7882e9c928

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: VYmd0Pwnm0SPKIbrp359cA==
age: 26624
content-length: 24099
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E39ED516"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 51c7065b-101e-006f-6185-a018f1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b67016f-CDG

GET
H2 200 cookieplugin.js Show response
go.hepsibahis090.com/welcomeoffernew/ 1 KB
811 B 40ms
40ms Script
application/javascript 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.hepsibahis090.com/welcomeoffernew/cookieplugin.js
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0514852953a68cc209452a836b4b537539d30533c1f24785fb2115d8a4974e9b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: beLWMboQ03ua3lh6HCIJ7g==
age: 26624
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: W/"0x8DB6E85E4AC9B48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 646f0ee2-501e-0051-5a85-a08f8e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 7d87daa43b47016f-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 123 KB
48 KB 94ms
33ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26966128-5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3349b9afcd1743205d5e8daa42a02cb1ed1a3272983913e0dc2942b9a80247ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 02:27:33 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 165 KB
58 KB 274ms
134ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/custom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

78607367664cbf05b12b933744a6c5613c2dacb877d885347aed28a6cd47a219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Jun 2023 15:38:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6481cbd8-e779"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 59257
expires: Sat, 17 Jun 2023 03:27:33 GMT

GET
H2 200 gatesofolympus.png
go.hepsibahis090.com/welcomeoffernew/ 22 KB
22 KB 47ms
43ms Image
image/png 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/gatesofolympus.png
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0436b66498e4be19d8ccbb0568d93361b1a629f0d5b28836b5d86af54326f8fe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: IXvV671yRhlbMP5rgkQPXg==
age: 26623
content-length: 22046
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E436B92D"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ebeec3b8-d01e-0012-1285-a069d2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b68016f-CDG

GET
H2 200 burningclassics.png
go.hepsibahis090.com/welcomeoffernew/ 21 KB
21 KB 48ms
44ms Image
image/png 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/burningclassics.png
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3d5fdf74027b6a9a3bb6b056103b1f55c9698aa8ffc8dae9122f82584d319ef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: ihAwc8r+3z99tzQCv/LSzQ==
age: 26623
content-length: 21162
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E49482ED"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: e523d2c1-b01e-0049-6e85-a050e9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa47b69016f-CDG

GET
H2 200 aviator.gif
go.hepsibahis090.com/welcomeoffernew/ 36 KB
36 KB 64ms
60ms Image
image/gif 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/aviator.gif
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37df2780de46b5dd8ad507d4dab32ab5ef0b7bdc3dab69a607897237ba6d898f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: 11dbWw14oTsySerW4Q8zPQ==
age: 26623
content-length: 37082
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E4444BD5"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 49e856ae-d01e-0060-5885-a06e9d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa49b70016f-CDG

GET
H2 200 tntbonanza.gif
go.hepsibahis090.com/welcomeoffernew/ 46 KB
47 KB 65ms
60ms Image
image/gif 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/tntbonanza.gif
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587b0d3b686c4a1bf3f1a09e5d64828822f87c28627278ca738807466de9d65d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: Up3oecqyPBu3+gCC588N1A==
age: 26623
content-length: 47496
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E44B4FA3"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: c97d467f-901e-003c-5d85-a03bc5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa49b71016f-CDG

GET
H2 200 wildsoffortune.gif
go.hepsibahis090.com/welcomeoffernew/ 46 KB
46 KB 54ms
50ms Image
image/gif 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/wildsoffortune.gif
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61696eed9d357e9f765dade241450ce3bd9ed99561401cb4acedabeee5339392

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: sO29et9UlONhby1Js1eJ3g==
age: 26623
content-length: 46806
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E49BFBEB"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: df0897a2-301e-0035-3985-a07e16000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa49b72016f-CDG

GET
H2 200 sweetbonanza.gif
go.hepsibahis090.com/welcomeoffernew/ 52 KB
52 KB 54ms
51ms Image
image/gif 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/sweetbonanza.gif
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0b2e8b3ea830a3242c86c5f3ec9a58ed168bce5d27f0df9c070e3b85a4a448b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: 14ej0vIfWKtK0eXIkuLjWA==
age: 26623
content-length: 53057
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E47DA2E5"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: c223d951-901e-0003-1185-a0f366000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa49b74016f-CDG

GET
H2 200 sugarrush.png
go.hepsibahis090.com/welcomeoffernew/ 19 KB
19 KB 48ms
44ms Image
image/png 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/sugarrush.png
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 105b4ef82c692c0c392c33d14d1494023da1072ea0e0a8e1339a416d39eda73b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: a0PAZv2EO4sCmMP/w0VxOw==
age: 26623
content-length: 19151
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E46FC239"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 265db1e6-d01e-002d-4f85-a0a171000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa49b75016f-CDG

GET
H2 200 wanteddead.gif
go.hepsibahis090.com/welcomeoffernew/ 46 KB
46 KB 52ms
49ms Image
image/gif 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/wanteddead.gif
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 674a8d3d9ee3010873d29e7fde6bc0c1495a8c02bfd922a68d05fb7ee996742f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: 5h57hdxHntd0sRiunpW85g==
age: 26623
content-length: 46650
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:34 GMT
server: cloudflare
etag: "0x8DB6E85E45B52DD"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 5e29b4d0-601e-004a-4f85-a0b18d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa49b76016f-CDG

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 89ms
27ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 01:04:42 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4971
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 17 Jun 2023 03:04:42 GMT

GET
H2 200 welcome-offer.jpg
go.hepsibahis090.com/welcomeoffernew/ 128 KB
128 KB 63ms
61ms Image
image/jpeg 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/welcome-offer.jpg
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd13ec0d488e2587cc757bd7e07e3520916dd8ec7f6abcbcd412f4ec9c0ad17

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: GvG35o5MvkakELGUV834gQ==
age: 26623
content-length: 130742
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E3F7E496"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: a3be2e13-101e-001d-5e85-a01fbe000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa49b77016f-CDG

GET
H2 200 key_gold.png
go.hepsibahis090.com/welcomeoffernew/ 9 KB
9 KB 63ms
61ms Image
image/png 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/key_gold.png
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 256c4b318570f94de78a1e667f021b754781cc5dc1848184aee299b7e6aca0f0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: KXdbxdR952q3VrEOSSiIFA==
age: 26623
content-length: 9184
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E3BF0290"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a6cb40b9-f01e-0067-2d85-a002fe000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa49b78016f-CDG

GET
H2 200 controls.png
go.hepsibahis090.com/welcomeoffernew/ 486 B
642 B 63ms
62ms Image
image/png 2606:4700::6812:16ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis090.com/welcomeoffernew/controls.png
Requested by: Host: go.hepsibahis090.com
URL: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f22266fe00d5369d65e96b1c57b539a37c62a11dcf8b1b3c1255bbc5647bf72e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/welcomeoffernew/index.html?pname=659065_0CEF42F0F4D2466897C4A2E4B81F7D59&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 17 Jun 2023 02:27:33 GMT
cf-cache-status: HIT
content-md5: hEZOCoLq/3GPdZa5cElldQ==
age: 24214
content-length: 486
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 16:22:33 GMT
server: cloudflare
etag: "0x8DB6E85E4137EE1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f312c7df-201e-004b-698a-a0ee51000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d87daa49b79016f-CDG

GET
H2 200 or3hQ67z0_CI33voSYT-JrUFng.woff2
fonts.gstatic.com/s/jaldi/v12/ 20 KB
20 KB 113ms
43ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jaldi/v12/or3hQ67z0_CI33voSYT-JrUFng.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jaldi:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d20f8b4c37e8e9e85a64ef59b4b3aa21cf3a056d21feffd2befffd236adac3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.hepsibahis090.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 00:15:47 GMT
x-content-type-options: nosniff
age: 94306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20864
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 00:15:47 GMT

GET
H2 200 or3hQ67z0_CI33voSYTwJrU.woff2
fonts.gstatic.com/s/jaldi/v12/ 22 KB
23 KB 95ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jaldi/v12/or3hQ67z0_CI33voSYTwJrU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jaldi:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369f8ab83001212600a060e3eeb96d745a236dae4d6cb76d999bf4febec3b1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.hepsibahis090.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 19:47:42 GMT
x-content-type-options: nosniff
age: 542391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22672
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 19:47:42 GMT

GET
H2 200 or3sQ67z0_CI33NTbJE.woff2
fonts.gstatic.com/s/jaldi/v12/ 21 KB
21 KB 128ms
57ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jaldi/v12/or3sQ67z0_CI33NTbJE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jaldi:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d64504311b45faa0689f772c00f48884df02da356add532e76d2ba0f4a42bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.hepsibahis090.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 14:51:31 GMT
x-content-type-options: nosniff
age: 560162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21844
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:39:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 14:51:31 GMT

GET
H2 200 or3sQ67z0_CI33NdbJHPBw.woff2
fonts.gstatic.com/s/jaldi/v12/ 20 KB
20 KB 134ms
72ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jaldi/v12/or3sQ67z0_CI33NdbJHPBw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jaldi:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c6c304bd4b6b28030a0346a5304faa1d2cd2487e913cfe8ce42c422f9cfea54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.hepsibahis090.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 10:40:55 GMT
x-content-type-options: nosniff
age: 575198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20836
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 10:40:55 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 120 KB
47 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T4HQLRB&cid=2051876322.1686968853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

741083b0b40da7e6f1aa155a15b75c835e94e1ae43df6b65cfdea64baf0f22e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47972
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Jun 2023 02:27:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
88 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26966128-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09fab33dbb90d3a50f56056a03ea53be817262e1408a81c3a0b0a9b9fcf7acb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 02:27:33 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 32ms
31ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=799020596&t=pageview&_s=1&dl=https%3A%2F%2Fgo.hepsibahis090.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_0CEF42F0F4D2466897C4A2E4B81F7D59%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=1580413729&gjid=538939208&cid=2051876322.1686968853&tid=UA-26966128-5&_gid=1334132197.1686968853&_r=1&_slc=1&z=846224069

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.hepsibahis090.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis090.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 120 KB
47 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NSX5KH6&t=gtag_UA_26966128_5&cid=2051876322.1686968853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f393684788b089bd19dde83cf966484f698adf627bb87186f3aacfafd9dc401a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47997
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Jun 2023 02:27:33 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 73ms
22ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-26966128-5&cid=2051876322.1686968853&jid=1580413729&gjid=538939208&_gid=1334132197.1686968853&_u=KGBAAEACQAAAACAAI~&z=1733834802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.hepsibahis090.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Jun 2023 02:27:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis090.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 63ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6ZJT1RZ4NZ&gtm=45je36e0&_p=799020596&_gaz=1&cid=2051876322.1686968853&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686968853&sct=1&seg=0&dl=https%3A%2F%2Fgo.hepsibahis090.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_0CEF42F0F4D2466897C4A2E4B81F7D59%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis090.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 22ms
21ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6ZJT1RZ4NZ&cid=2051876322.1686968853&gtm=45je36e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis090.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 95ms
37ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6ZJT1RZ4NZ&cid=2051876322.1686968853&gtm=45je36e0&aip=1&z=92931944

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 93ms
36ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=2051876322.1686968853&jid=1580413729&_u=KGBAAEACQAAAACAAI~&z=1096291596

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
408 B 88ms
36ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=2051876322.1686968853&jid=1580413729&_u=KGBAAEACQAAAACAAI~&z=1096291596

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
32ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=799020596&t=pageview&_s=1&dl=https%3A%2F%2Fgo.hepsibahis090.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_0CEF42F0F4D2466897C4A2E4B81F7D59%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAACAAI~&jid=748026096&gjid=1142907156&cid=2051876322.1686968853&tid=UA-26966128-5&_gid=1334132197.1686968853&_r=1&gtm=457e36e0&jsscut=1&z=2128328141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.hepsibahis090.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis090.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
114 B 67ms
67ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:27:33 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Jun 2023 15:38:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6481cbd8-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Jun 2023 03:27:33 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 22ms
22ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-26966128-5&cid=2051876322.1686968853&jid=748026096&gjid=1142907156&_gid=1334132197.1686968853&_u=aGDAAUADQAAAACAAI~&z=996877735

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.hepsibahis090.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Jun 2023 02:27:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis090.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/48641507/
Redirect Chain

https://mc.yandex.ru/watch/48641507?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis090.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_0CEF42F0F4D2466897C4A2E4B81F7D59%26affiliate%3Dnet_refer%26ut...
https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis090.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_0CEF42F0F4D2466897C4A2E4B81F7D59%26affiliate%3Dnet_refer%26...

447 B
530 B

73ms
73ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis090.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_0CEF42F0F4D2466897C4A2E4B81F7D59%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A715%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A933955719010%3Ahid%3A970754123%3Az%3A0%3Ai%3A20230617022733%3Aet%3A1686968854%3Ac%3A1%3Arn%3A865102546%3Arqn%3A1%3Au%3A1686968854618339379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A42%2C41%2C111%2C1%2C323%2C0%2C%2C165%2C0%2C%2C%2C%2C683%3Aco%3A0%3Acpf%3A1%3Ans%3A1686968852527%3Arqnl%3A1%3Ast%3A1686968854%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ae8bd6124319d2db7988a26e5ecf4759b325b498295a203e6a1b164569dfd0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 17-Jun-2023 02:27:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.hepsibahis090.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Sat, 17-Jun-2023 02:27:33 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 17-Jun-2023 02:27:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis090.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_0CEF42F0F4D2466897C4A2E4B81F7D59%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A715%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A933955719010%3Ahid%3A970754123%3Az%3A0%3Ai%3A20230617022733%3Aet%3A1686968854%3Ac%3A1%3Arn%3A865102546%3Arqn%3A1%3Au%3A1686968854618339379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A42%2C41%2C111%2C1%2C323%2C0%2C%2C165%2C0%2C%2C%2C%2C683%3Aco%3A0%3Acpf%3A1%3Ans%3A1686968852527%3Arqnl%3A1%3Ast%3A1686968854%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://go.hepsibahis090.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 17-Jun-2023 02:27:33 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 35ms
35ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=2051876322.1686968853&jid=748026096&_u=aGDAAUADQAAAACAAI~&z=1035189125

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 37ms
37ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=2051876322.1686968853&jid=748026096&_u=aGDAAUADQAAAACAAI~&z=1035189125

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis090.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 02:27:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winaffiliates1.com/	1970-01-20 22:12:08	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a2086821%2c%22BID%22%3a3449%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1686968852816)%5c%2f%22%2c%22CookieTag%22%3a%223449208682111%3a%3a451d%3a8%3a0d14%3a1002C2023617227%22%7d%5d
.winaffiliates1.com/	1970-01-20 22:12:08	Name: NetReferSPS Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224723539316%7c1%22%7d%5d
.hepsibahis090.com/	1970-01-20 13:19:20	Name: pnameCookie Value: 659065_0CEF42F0F4D2466897C4A2E4B81F7D59
.hepsibahis090.com/	1970-01-20 13:19:20	Name: affiliateCookie Value: net_refer
.hepsibahis090.com/	1970-01-20 13:19:20	Name: sb_clickthroughpromotion Value: 659065_0CEF42F0F4D2466897C4A2E4B81F7D59
.hepsibahis090.com/	1970-01-20 13:19:20	Name: sb_clickthroughurl Value: https%3A%2F%2Fm.hepsibahis090.com
.hepsibahis090.com/	1970-01-20 13:19:20	Name: sb_clickthroughusername Value: net_refer
.hepsibahis090.com/	1970-01-20 12:37:35	Name: _gid Value: GA1.2.1334132197.1686968853
.hepsibahis090.com/	1970-01-20 12:36:08	Name: _gat Value: 1
.hepsibahis090.com/	1970-01-20 22:12:08	Name: _ga_6ZJT1RZ4NZ Value: GS1.1.1686968853.1.0.1686968853.60.0.0
.hepsibahis090.com/	1970-01-20 22:12:08	Name: _ga Value: GA1.1.2051876322.1686968853
.hepsibahis090.com/	1970-01-20 12:36:08	Name: _gat_gtag_UA_26966128_5 Value: 1
.hepsibahis090.com/	1970-01-20 21:21:44	Name: _ym_uid Value: 1686968854618339379
.hepsibahis090.com/	1970-01-20 21:21:44	Name: _ym_d Value: 1686968854
.hepsibahis090.com/	1970-01-20 12:37:20	Name: _ym_isad Value: 2
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 836768641686968853
.yandex.ru/	1970-01-20 22:12:08	Name: i Value: gNWpdo7T1vpdmPOvR5upvatGbF9Y2G+gZj3y500wTqu7bVjMxbAqMb7U5uk+muV2ok+oiCapZtl3yFQNO31KJhRhKNQ=
.yandex.ru/	1970-01-20 22:12:08	Name: yandexuid Value: 3879037991686968853
.yandex.ru/	1970-01-20 21:21:44	Name: yuidss Value: 3879037991686968853
.yandex.ru/	1970-01-20 21:21:44	Name: ymex Value: 1718504853.yc.1686968853#1718504853.yrts.1686968853#1718504853.yrtsi.1686968853
.yandex.ru/	1970-01-20 21:21:44	Name: bh Value: KgI/MA==
.hepsibahis090.com/	1970-01-20 12:36:10	Name: _ym_visorc Value: b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
brain-lab.fr
fonts.googleapis.com
fonts.gstatic.com
go.hepsibahis090.com
mc.yandex.ru
region1.analytics.google.com
stats.g.doubleclick.net
trk.winaffiliates1.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700:3030::ac43:87f7
2606:4700::6812:16ac
2620:1ec:bdf::45
2a00:1450:4001:803::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2008
2a00:1450:400c:c0a::9c
2a02:6b8::1:119
0436b66498e4be19d8ccbb0568d93361b1a629f0d5b28836b5d86af54326f8fe
0514852953a68cc209452a836b4b537539d30533c1f24785fb2115d8a4974e9b
09fab33dbb90d3a50f56056a03ea53be817262e1408a81c3a0b0a9b9fcf7acb9
0d20f8b4c37e8e9e85a64ef59b4b3aa21cf3a056d21feffd2befffd236adac3a
105b4ef82c692c0c392c33d14d1494023da1072ea0e0a8e1339a416d39eda73b
256c4b318570f94de78a1e667f021b754781cc5dc1848184aee299b7e6aca0f0
32cbd6c1c5fef545513cc8ff5d59d22a89ee7726edddd216303dd2ee352c96cf
3349b9afcd1743205d5e8daa42a02cb1ed1a3272983913e0dc2942b9a80247ce
369f8ab83001212600a060e3eeb96d745a236dae4d6cb76d999bf4febec3b1ee
37df2780de46b5dd8ad507d4dab32ab5ef0b7bdc3dab69a607897237ba6d898f
38a8816f090f04da887014e6b33ffdc5b9972ebdcdc988ab47671dc9e1c80c40
47db815a4e0b15cf92687e3bd7a75ab2ed8f048e16c7a56300534289684a4ee6
50a8cc4c0e9524cd06682032dd2e6a746c7a62f770565a706f49f90893fa8793
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
587b0d3b686c4a1bf3f1a09e5d64828822f87c28627278ca738807466de9d65d
5c6c304bd4b6b28030a0346a5304faa1d2cd2487e913cfe8ce42c422f9cfea54
61696eed9d357e9f765dade241450ce3bd9ed99561401cb4acedabeee5339392
674a8d3d9ee3010873d29e7fde6bc0c1495a8c02bfd922a68d05fb7ee996742f
67d7813f09725688e7b7de65b96048ec613de74840778abdf1f405652716bd4c
6d64504311b45faa0689f772c00f48884df02da356add532e76d2ba0f4a42bd8
741083b0b40da7e6f1aa155a15b75c835e94e1ae43df6b65cfdea64baf0f22e3
78607367664cbf05b12b933744a6c5613c2dacb877d885347aed28a6cd47a219
8301f736748c31e40996c976b2a487006e6bd07cd7ab3e370559b883cb02434e
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8e2175f6b9777741b9a55f734d50a98a82913c4e714fae9d49733de3f91be96f
9079e637d6e4439b2ab241bc9b845aa12c4b40a7a659d1230e50e6b9b2b11f92
91e06dcb2e9abd1028b9ff495ff44334ffcee13a6ff21f64eed24991239b7ed3
a0b2e8b3ea830a3242c86c5f3ec9a58ed168bce5d27f0df9c070e3b85a4a448b
ae8bd6124319d2db7988a26e5ecf4759b325b498295a203e6a1b164569dfd0f9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6d233b4d27f8e7659461f58eec6d73c89a65b1c3c2ea6ef94a33b3e257034f7
d213e14ecdbd013ac234292f3e5a1d1bced93fc21880676cbe18da7882e9c928
d672a72c7c2eb72b0caf68e34d3084f5f17bdc9fb7f98bb8ae811b906dff4212
dbd13ec0d488e2587cc757bd7e07e3520916dd8ec7f6abcbcd412f4ec9c0ad17
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22266fe00d5369d65e96b1c57b539a37c62a11dcf8b1b3c1255bbc5647bf72e
f393684788b089bd19dde83cf966484f698adf627bb87186f3aacfafd9dc401a
f3d5fdf74027b6a9a3bb6b056103b1f55c9698aa8ffc8dae9122f82584d319ef

go.hepsibahis090.com Open in urlscan Pro 2606:4700::6812:16ac Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

100 %IPv6

11 Domains

13 Subdomains

11 IPs

4 Countries

1045 kBTransfer

1654 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.hepsibahis090.com Open in urlscan Pro
2606:4700::6812:16ac Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

100 %
IPv6

11
Domains

13
Subdomains

11
IPs

4
Countries

1045 kB
Transfer

1654 kB
Size

22
Cookies

48 HTTP transactions
0 data transactions