Submitted URL: http://sonorpel.fr/
Effective URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm...
Submission: On June 10 via api from US — Scanned from FR

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 55 HTTP transactions. The main IP is 2606:4700::6812:16ac, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.hepsibahis049.com.
TLS certificate: Issued by R3 on June 9th 2023. Valid for: 3 months.
This is the only time go.hepsibahis049.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
31 hepsibahis049.com
go.hepsibahis049.com
534 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
115 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3244
61 KB
3 google.fr
www.google.fr — Cisco Umbrella Rank: 14106
622 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3028
www.google.com — Cisco Umbrella Rank: 3
772 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 121
433 B
2 gstatic.com
fonts.gstatic.com
42 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
134 KB
2 sonorpel.fr
sonorpel.fr
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
6 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 422
30 KB
1 winaffiliates1.com
trk.winaffiliates1.com — Cisco Umbrella Rank: 341746
908 B
55 12
Domain Requested by
31 go.hepsibahis049.com go.hepsibahis049.com
6 www.google-analytics.com www.google-analytics.com
go.hepsibahis049.com
4 mc.yandex.ru 1 redirects go.hepsibahis049.com
3 www.google.fr go.hepsibahis049.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google.com go.hepsibahis049.com
2 fonts.gstatic.com go.hepsibahis049.com
2 www.googletagmanager.com go.hepsibahis049.com
www.googletagmanager.com
2 sonorpel.fr 2 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 cdnjs.cloudflare.com go.hepsibahis049.com
1 ajax.googleapis.com go.hepsibahis049.com
1 trk.winaffiliates1.com 1 redirects
55 13

This site contains links to these domains. Also see Links.

Domain
www.hepsibahis049.com
Subject Issuer Validity Valid
go.hepsibahis049.com
R3
2023-06-09 -
2023-09-07
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-03-17 -
2023-08-27
5 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.google.fr
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
www.google.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh

This page contains 1 frames:

Primary Page: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Frame ID: E0559646EF167D5E76CE327B40DBB650
Requests: 55 HTTP requests in this frame

Screenshot

Page Title

Hepsibahis - youwin - HoÅŸ Geldin Bonusu 3000

Page URL History Show full URLs

  1. http://sonorpel.fr/ HTTP 301
    https://sonorpel.fr/ HTTP 301
    https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449 HTTP 307
    https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&aff... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

98 %
HTTPS

100 %
IPv6

12
Domains

13
Subdomains

11
IPs

4
Countries

922 kB
Transfer

1585 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sonorpel.fr/ HTTP 301
    https://sonorpel.fr/ HTTP 301
    https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449 HTTP 307
    https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://mc.yandex.ru/watch/48641507?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A241980256171%3Ahid%3A683809000%3Az%3A0%3Ai%3A20230610022354%3Aet%3A1686363834%3Ac%3A1%3Arn%3A165062609%3Arqn%3A1%3Au%3A1686363834441820321%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A20%2C48%2C141%2C2%2C577%2C0%2C%2C415%2C0%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1686363832524%3Arqnl%3A1%3Ast%3A1686363834%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A241980256171%3Ahid%3A683809000%3Az%3A0%3Ai%3A20230610022354%3Aet%3A1686363834%3Ac%3A1%3Arn%3A165062609%3Arqn%3A1%3Au%3A1686363834441820321%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A20%2C48%2C141%2C2%2C577%2C0%2C%2C415%2C0%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1686363832524%3Arqnl%3A1%3Ast%3A1686363834%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
go.hepsibahis049.com/welcomeoffernew/
Redirect Chain
  • http://sonorpel.fr/
  • https://sonorpel.fr/
  • https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449
  • https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
65 KB
12 KB
Document
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e979ca5b6ba0c1b3e2b00679f8934ab430b9bcc6b138246727068078b96f7127

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=900, immutable
cf-cache-status
MISS
cf-ray
7d4e27a55e342a64-CDG
content-encoding
br
content-md5
qENblTScfH3bX238FcnuNQ==
content-type
text/html; charset=utf-8
date
Sat, 10 Jun 2023 02:23:53 GMT
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
ce841e6e-d01e-0002-5a42-9bacba000000
x-ms-version
2014-02-14

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private,no-cache, no-store
content-length
0
content-type
text/html
date
Sat, 10 Jun 2023 02:23:53 GMT
location
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma
no-cache
request-context
appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version
4.0.30319
x-azure-ref
20230610T022353Z-gwd0yts6vh04r14dfs05p158bg0000000ay000000000ebfq
x-cache
CONFIG_NOCACHE
x-powered-by
ASP.NET
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 22:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jun 2024 22:48:43 GMT
jquery.bxslider.min.js
cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.15/
24 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.15/jquery.bxslider.min.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c0a53a059ae26965d9ec991b34cd620471a1e863125a67ffae50050aead65df
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:23:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
886137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5599
last-modified
Mon, 04 May 2020 16:09:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e1e-5ebc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GlPluXrNP9CPS3%2BvwposjXlgK4czXyFtSRVLVTk6SGRPiZ5OsUf%2Bx7iHsrPb%2BDHj09IkaiR%2B9foe8MCady%2BbUu7%2FkZWSbiCl5WAYTulUHJesBUplRx2XBSNEKeynsq70ha5kU9NMx6HYJF7DergSyUU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d4e27a69c32023a-CDG
expires
Thu, 30 May 2024 02:23:53 GMT
custom.js
go.hepsibahis049.com/
10 KB
2 KB
Script
General
Full URL
https://go.hepsibahis049.com/custom.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32cbd6c1c5fef545513cc8ff5d59d22a89ee7726edddd216303dd2ee352c96cf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
2cuBhFIzR3Bb9nf6otliyQ==
age
43401
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 08 Feb 2023 22:30:55 GMT
server
cloudflare
etag
W/"0x8DB0A24247B7FDE"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
035ab5e4-901e-0071-28dd-9af429000000
x-ms-version
2014-02-14
cf-ray
7d4e27a64e802a64-CDG
papara_small.png
go.hepsibahis049.com/welcomeoffernew/
736 B
906 B
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/papara_small.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea20a6ee4c93782d2dceef5259dec8937ab7dd55e7ab9293291e7366c9dc36bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
aXojKqbPqFaWGxPh6l8+vA==
age
43229
content-length
736
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC128B3CC"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9418af99-d01e-0070-59dd-9aabf5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a7bef72a64-CDG
payfix.png
go.hepsibahis049.com/welcomeoffernew/
2 KB
2 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/payfix.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2bd98cb75021883a84ec7048a47e311ce2100c1a4cce0e08500251dc1ee360a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
a+NfNuBiBWKTat5zGoY89w==
age
43229
content-length
1660
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC13005AC"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a63a3308-d01e-003d-0bdd-9a6419000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a7ef042a64-CDG
visamaster.png
go.hepsibahis049.com/welcomeoffernew/
3 KB
3 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/visamaster.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d83aaa84853eb7b035d88f49dc68e873bd7e44f810e303036a77b2f1f62a3511

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
LkWFSngCpJZmFmeZTheYIg==
age
43229
content-length
2569
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC1C50408"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
0f6d2c72-201e-0074-48dd-9a26f2000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a81f0e2a64-CDG
paykwik_f.png
go.hepsibahis049.com/welcomeoffernew/
1 KB
1 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/paykwik_f.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50aa1985704bf9cadb889e64f18c16c60b81d84e84f46c4d8b855e45a3f394f9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
5oKQWJt50eTJb8gNxMMy8g==
age
43229
content-length
1135
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC1370986"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ba10f0dc-001e-0073-80dd-9a4a91000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a81f122a64-CDG
1.png
go.hepsibahis049.com/welcomeoffernew/
697 B
833 B
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/1.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6a580f7e90f4e5d39251bd90cca18aa7dfbf46702d6f5c567ba975df646c1f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
bsc3+EePJh8pZVAyyIxxVA==
age
43229
content-length
697
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEBFEF76FA"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
5c93ef94-301e-0047-39dd-9a7959000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a85f2b2a64-CDG
2.png
go.hepsibahis049.com/welcomeoffernew/
865 B
1009 B
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/2.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130ad9709983b31fbf96180a1ccb972575ef3ec8ee1c39e58c1caefc4da6d51e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
NPhBqe0EmXeJZHSLmnEYxw==
age
43229
content-length
865
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEBFF6A1EB"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7307a069-501e-006e-41dd-9a472d000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a85f2e2a64-CDG
3.png
go.hepsibahis049.com/welcomeoffernew/
929 B
1 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/3.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e11b1f293dfcd2622d40c6a7cc01d3f9c6e618dbbe62d50405355edbf12657

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
tdYWzFA8Sorgg1MswXvDXQ==
age
43229
content-length
929
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEBFFD57A9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c79c056d-c01e-0021-1add-9a3679000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a86f302a64-CDG
img_balli_sali.jpg
go.hepsibahis049.com/welcomeoffernew/
32 KB
32 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/img_balli_sali.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb13a27a9507903fe14a9ee6af2f6eae7c15cd471c3dd20a26035f9a7bb50385

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
VJEpr7xDQ1F4ss9XSbz+Tw==
age
43229
content-length
32702
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC090818C"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
351d1a70-901e-0003-2ddd-9af366000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a86f312a64-CDG
img_euroleague.jpg
go.hepsibahis049.com/welcomeoffernew/
16 KB
16 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/img_euroleague.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf91820645b161ba2d9497fc39b878889980267b5504d8149f0cb24b7b855a7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
oYk3Fxj8zrx/40Y3nay7aA==
age
43229
content-length
16626
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC097D375"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
7427809a-b01e-0004-61dd-9a9f05000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a86f322a64-CDG
img_sonunda_cuma.jpg
go.hepsibahis049.com/welcomeoffernew/
31 KB
31 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/img_sonunda_cuma.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b92d49f56a6ecef33d03ca28e75106f9b3bbbbd2a8058ff966ff6e9d52b22d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
jJH1vsmIjg9AsvHSdeU/oA==
age
43229
content-length
31996
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0A76191"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
16af0085-f01e-0058-17dd-9aca5d000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a86f332a64-CDG
img_slot_ligi.jpg
go.hepsibahis049.com/welcomeoffernew/
25 KB
25 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/img_slot_ligi.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab98a4cdadd3218250928301ff480213c97d8e69a0d46278955c22350a29d77b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
TJOk0F9QmVVLiasdJrUWJg==
age
43229
content-length
25825
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC09F2568"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
76a09354-b01e-002b-2cdd-9a92ce000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a86f342a64-CDG
bookofdeath.jpg
go.hepsibahis049.com/welcomeoffernew/
17 KB
17 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/bookofdeath.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eba197877c13a1b2ee76eb788d1c2e3cb13f5ca66d4df831b7a8ef2b77d1dc9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
2ntFpC58YoDjBGsr9KBVCQ==
age
43229
content-length
16945
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEC0315863"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
c79c0588-c01e-0021-33dd-9a3679000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a86f352a64-CDG
easterisland2.jpg
go.hepsibahis049.com/welcomeoffernew/
27 KB
27 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/easterisland2.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c66d90c77eee0c3d866100ea7acc1688119f52f2f814b434ed841e355e32a1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
rv11pd8+ewCQBCsaKJPk5g==
age
43229
content-length
27639
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC05F6691"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
351d1a84-901e-0003-3edd-9af366000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a86f362a64-CDG
sweetbonanza.jpg
go.hepsibahis049.com/welcomeoffernew/
27 KB
27 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/sweetbonanza.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6504b671773f0de4638c2f9e34100bc1706d34ecde1b42ae80a2a2267ac7941f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
u409FWuWRI1wiwwnbW5vQw==
age
43229
content-length
27954
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC17D300E"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
035c5831-901e-0071-7fdd-9af429000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a86f372a64-CDG
hotline.jpg
go.hepsibahis049.com/welcomeoffernew/
14 KB
14 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/hotline.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f84234392a09cc747d2f486f6fe49c7a877a37b8b214d211fb931d3976162b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
f9Oaw6L/PvxkQL6tWUAE1g==
age
43229
content-length
14656
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC089A4B7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
3563eede-701e-0069-79dd-9a2b4e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f412a64-CDG
infinityreels.jpg
go.hepsibahis049.com/welcomeoffernew/
22 KB
23 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/infinityreels.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54614b00182e381317b8a54ab266d2aa0ef26f8b939467f113efd1f27d425352

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
+1RsJBfODbrRScHdoWz41g==
age
43229
content-length
23017
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0B012E9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
857e7c53-501e-0041-2edd-9a4ae6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f422a64-CDG
lightningroulette.jpg
go.hepsibahis049.com/welcomeoffernew/
14 KB
14 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/lightningroulette.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23db324c8dbda543e7df5c4352bd45313f809afa9b5fff3515f35f838b91bbdc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
+ygXJJ416iVPN1FziMY9zg==
age
43229
content-length
13829
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC0E63630"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
15a0e8b6-601e-0075-4fdd-9a792e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f432a64-CDG
starburst.jpg
go.hepsibahis049.com/welcomeoffernew/
7 KB
8 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/starburst.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6696e4eed359fa6b17b8f694a96b441e737732b15ba938ee27f1428f1bdb0ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
ztIMBPTolZfQcJuKJ5fGOA==
age
43229
content-length
7563
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC152F1E8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
33855a08-e01e-006b-1ddd-9a95f6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f442a64-CDG
sweetalchemy.jpg
go.hepsibahis049.com/welcomeoffernew/
14 KB
14 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/sweetalchemy.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4f6aba64904de6d390ea9bdbe021c7807e3c6ea5fb5a732f9040e2afcd7b707

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
AVQcFmvY5uO5M2ZeoVn2Qw==
age
43229
content-length
14599
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC1760526"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
351d1a87-901e-0003-41dd-9af366000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f452a64-CDG
wildseas.jpg
go.hepsibahis049.com/welcomeoffernew/
16 KB
16 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/wildseas.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c378fec1d646a6b62f76d6869913b2a594f05808fd1fc76f586129fbc444d25

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
aYL4c5PpE3lTJw38DhQbqQ==
age
43229
content-length
15922
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC1D30BBC"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
ad6b550c-001e-004c-04dd-9a8232000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f462a64-CDG
jamminjars.jpg
go.hepsibahis049.com/welcomeoffernew/
31 KB
31 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/jamminjars.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb2539f367721f56d6a29b36572a27b45ca45e41bf1c1ae7dd9e680aa13ed0a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
TUQfIOZbhzofkilx+bNUAQ==
age
43229
content-length
32017
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0C96391"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
a3522d1e-c01e-0053-5add-9a3136000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f472a64-CDG
bitcoin-direkt_f.png
go.hepsibahis049.com/welcomeoffernew/
2 KB
2 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/bitcoin-direkt_f.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a410ca57ac5102073cd7a6f1fd8ce93034ca13b157aa845eda64b9ac687c3a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
xvB/C/FAmkH4dqmnl9CpLQ==
age
43229
content-length
1951
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEC01437B7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
42a5d652-f01e-0015-44dd-9a05b1000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f482a64-CDG
astropay_f.png
go.hepsibahis049.com/welcomeoffernew/
1 KB
1 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/astropay_f.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5391619122890a5b4d381919d6b3aa9eee8f4906ab9d4674ea51197dcb708525

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
tRncZ0bF+GaVGF4jsKMmLA==
age
43229
content-length
1285
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEC004828F"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
f52fb117-101e-006f-1fdd-9a18f1000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f492a64-CDG
lc.png
go.hepsibahis049.com/welcomeoffernew/
2 KB
2 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/lc.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76035f1e82e73372ea8920f27d95c68a189962e23c305842322ad173f2541e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
J6iecoTldIEc6xjRfVBlrA==
age
43229
content-length
2001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0D71D32"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a920babd-b01e-0049-46dd-9a50e9000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a87f4a2a64-CDG
cookieplugin.js
go.hepsibahis049.com/welcomeoffernew/
1 KB
811 B
Script
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/cookieplugin.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0514852953a68cc209452a836b4b537539d30533c1f24785fb2115d8a4974e9b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
beLWMboQ03ua3lh6HCIJ7g==
age
43229
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
W/"0x8DB68EEC049E5E7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e5128958-201e-0039-6cdd-9ae91e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
7d4e27a6cea32a64-CDG
js
www.googletagmanager.com/gtag/
123 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-26966128-5
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a7c0eae4e148b13c49de7de21ff253e1a1caf1904850ab8a5add728ea705a77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:23:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48520
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 10 Jun 2023 02:23:53 GMT
watch.js
mc.yandex.ru/metrika/
165 KB
58 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
78607367664cbf05b12b933744a6c5613c2dacb877d885347aed28a6cd47a219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:23:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Jun 2023 15:38:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6481cbd8-e779"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
59257
expires
Sat, 10 Jun 2023 03:23:53 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host:
URL: homescript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Jun 2023 01:13:47 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4206
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sat, 10 Jun 2023 03:13:47 GMT
youwin_logo.png
go.hepsibahis049.com/welcomeoffernew/
1 KB
1 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/youwin_logo.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64dbdd5c7a2e6e5db2d4e2b82d46896b9039b8244d92d2d47ee5d4be5190b084

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
OXO50YfYJ+zLXmDUYf7wDg==
age
43229
content-length
1312
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC1E11371"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
2d6c7b58-301e-0068-69dd-9a7492000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a88f4b2a64-CDG
bg_1.jpg
go.hepsibahis049.com/welcomeoffernew/
201 KB
202 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/bg_1.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bdf4ba9244ecd7b7b16b0472b00d6ac7185e35c20113d0bf94d68de73308232

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
S/T6zspgpH/2rB5TsJ4k1g==
age
43229
content-length
206193
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEC00CE5C4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
338559e3-e01e-006b-7edd-9a95f6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a88f4c2a64-CDG
footer-bg.png
go.hepsibahis049.com/welcomeoffernew/
2 KB
2 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/footer-bg.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c95a3b38829138538f4de8621d23b5229e442df0e63ffb5b5ee0cb8f0258b38

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
AfOwNzWZdCs+3OKn+Am58w==
age
45837
content-length
1560
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC073AEEA"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
1307ba2e-401e-0000-03d7-9a1202000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a88f4d2a64-CDG
or3sQ67z0_CI33NTbJE.woff2
fonts.gstatic.com/s/jaldi/v6/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jaldi/v6/or3sQ67z0_CI33NTbJE.woff2
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4acba540de7bf942b0e41feb83e98273b599b7a70f0bbe67e84afce4450f6a3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://go.hepsibahis049.com/
Origin
https://go.hepsibahis049.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 16:16:30 GMT
x-content-type-options
nosniff
age
554843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21900
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:10:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 16:16:30 GMT
or3sQ67z0_CI33NdbJHPBw.woff2
fonts.gstatic.com/s/jaldi/v6/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jaldi/v6/or3sQ67z0_CI33NdbJHPBw.woff2
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76e087187a561cb0e01c06979105782114442ff2c78a05b8e7ed5ba0a9e60ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://go.hepsibahis049.com/
Origin
https://go.hepsibahis049.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 22:32:39 GMT
x-content-type-options
nosniff
age
13874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20808
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:10:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Jun 2024 22:32:39 GMT
controls.png
go.hepsibahis049.com/welcomeoffernew/
3 KB
3 KB
Image
General
Full URL
https://go.hepsibahis049.com/welcomeoffernew/controls.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Jun 2023 02:23:53 GMT
cf-cache-status
HIT
content-md5
2dJTcvOMayQrm1HVhB/obg==
age
45837
content-length
2806
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0404A59"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
1bd71fbd-101e-001d-11d7-9a1fbe000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d4e27a93f9d2a64-CDG
collect
www.google-analytics.com/j/
4 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1117723995&t=pageview&_s=1&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABQAAAACAAI~&jid=1483912247&gjid=1058270795&cid=1688094906.1686363834&tid=UA-26966128-5&_gid=197108944.1686363834&_r=1&_slc=1&z=1967148222
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.hepsibahis049.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
120 KB
47 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-T4HQLRB&cid=1688094906.1686363834
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
967340c2277aa9fcea9702663d94c85546e498269ff908b40f5995ab7e1bb063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:23:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47833
x-xss-protection
0
last-modified
Sat, 10 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Jun 2023 02:23:53 GMT
js
www.googletagmanager.com/gtag/
264 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26966128-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bca72cf434c98c48eee702b113e081c7cc7fce67dcb5e68cec95bf48462cf57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:23:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87706
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 10 Jun 2023 02:23:53 GMT
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-26966128-5&cid=1688094906.1686363834&jid=1483912247&gjid=1058270795&_gid=197108944.1686363834&_u=IEBAAEAAQAAAACAAI~&z=291633132
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.hepsibahis049.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 10 Jun 2023 02:23:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
120 KB
47 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NSX5KH6&t=gtag_UA_26966128_5&cid=1688094906.1686363834
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fca7dfb29ece5cd4546cfee7b36d4ba220dabe1f2d3a7fc9748955dde96030a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:23:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47876
x-xss-protection
0
last-modified
Sat, 10 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Jun 2023 02:23:53 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1117723995&t=pageview&_s=2&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=&gjid=&cid=1688094906.1686363834&tid=UA-26966128-5&_gid=197108944.1686363834&z=1601109408
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jun 2023 08:08:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
65700
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
257 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6ZJT1RZ4NZ&gtm=45je3671&_p=1117723995&_gaz=1&cid=1688094906.1686363834&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686363833&sct=1&seg=0&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6ZJT1RZ4NZ&cid=1688094906.1686363834&gtm=45je3671&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/
42 B
107 B
Image
General
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6ZJT1RZ4NZ&cid=1688094906.1686363834&gtm=45je3671&aip=1&z=150515850
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=1688094906.1686363834&jid=1483912247&_u=IEBAAEAAQAAAACAAI~&z=2110866086
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/
42 B
408 B
Image
General
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=1688094906.1686363834&jid=1483912247&_u=IEBAAEAAQAAAACAAI~&z=2110866086
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1117723995&t=pageview&_s=1&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAACAAI~&jid=2075026171&gjid=1268437943&cid=1688094906.1686363834&tid=UA-26966128-5&_gid=197108944.1686363834&_r=1&gtm=457e3671&jsscut=1&z=310462785
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.hepsibahis049.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-26966128-5&cid=1688094906.1686363834&jid=2075026171&gjid=1268437943&_gid=197108944.1686363834&_u=aGDAAUADQAAAACAAI~&z=909389068
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.hepsibahis049.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 10 Jun 2023 02:23:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=1688094906.1686363834&jid=2075026171&_u=aGDAAUADQAAAACAAI~&z=1034693504
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/
42 B
107 B
Image
General
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=1688094906.1686363834&jid=2075026171&_u=aGDAAUADQAAAACAAI~&z=1034693504
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
162 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1F76D68A735F4CEE941D14931998C8FF&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:23:54 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Jun 2023 15:38:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6481cbd8-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 10 Jun 2023 03:23:54 GMT
1
mc.yandex.ru/watch/48641507/
Redirect Chain
  • https://mc.yandex.ru/watch/48641507?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26ut...
  • https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26...
447 B
530 B
XHR
General
Full URL
https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A241980256171%3Ahid%3A683809000%3Az%3A0%3Ai%3A20230610022354%3Aet%3A1686363834%3Ac%3A1%3Arn%3A165062609%3Arqn%3A1%3Au%3A1686363834441820321%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A20%2C48%2C141%2C2%2C577%2C0%2C%2C415%2C0%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1686363832524%3Arqnl%3A1%3Ast%3A1686363834%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
f6093dec794b1a4274d5914b13d498b43e0317ebaceb04ef03a50362744022f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 10-Jun-2023 02:23:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Sat, 10-Jun-2023 02:23:54 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:23:54 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 10-Jun-2023 02:23:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1F76D68A735F4CEE941D14931998C8FF%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A241980256171%3Ahid%3A683809000%3Az%3A0%3Ai%3A20230610022354%3Aet%3A1686363834%3Ac%3A1%3Arn%3A165062609%3Arqn%3A1%3Au%3A1686363834441820321%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A20%2C48%2C141%2C2%2C577%2C0%2C%2C415%2C0%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1686363832524%3Arqnl%3A1%3Ast%3A1686363834%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 10-Jun-2023 02:23:54 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| BF_prop string| domain string| hepsiNumber string| lpName function| getParameterByName function| OnPreRegClick function| getSeparator object| ctaSectionMobileDOM object| mobilePaymentOverlayDOM object| bxSliderInit object| bxSliderDesktopInit function| bodyClass string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| google_optimize function| onYouTubeIframeAPIReady object| Ya object| yaCounter48641507

22 Cookies

Domain/Path Name / Value
.winaffiliates1.com/ Name: NetRefer_CookieUniTrack_C
Value: %5b%7b%22PID%22%3a2086821%2c%22BID%22%3a3449%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1686363833065)%5c%2f%22%2c%22CookieTag%22%3a%223449208682111%3a%3a451d%3a8%3a0d14%3a1002C2023610223%22%7d%5d
.winaffiliates1.com/ Name: NetReferSPS
Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224719448966%7c1%22%7d%5d
.hepsibahis049.com/ Name: pnameCookie
Value: 659065_1F76D68A735F4CEE941D14931998C8FF
.hepsibahis049.com/ Name: affiliateCookie
Value: net_refer
.hepsibahis049.com/ Name: sb_clickthroughpromotion
Value: 659065_1F76D68A735F4CEE941D14931998C8FF
.hepsibahis049.com/ Name: sb_clickthroughurl
Value: https%3A%2F%2Fm.hepsibahis049.com
.hepsibahis049.com/ Name: sb_clickthroughusername
Value: net_refer
.hepsibahis049.com/ Name: _gid
Value: GA1.2.197108944.1686363834
.hepsibahis049.com/ Name: _gat
Value: 1
.hepsibahis049.com/ Name: _ga_6ZJT1RZ4NZ
Value: GS1.1.1686363833.1.0.1686363833.60.0.0
.hepsibahis049.com/ Name: _ga
Value: GA1.1.1688094906.1686363834
.hepsibahis049.com/ Name: _gat_gtag_UA_26966128_5
Value: 1
.hepsibahis049.com/ Name: _ym_uid
Value: 1686363834441820321
.hepsibahis049.com/ Name: _ym_d
Value: 1686363834
.hepsibahis049.com/ Name: _ym_isad
Value: 2
mc.yandex.ru/ Name: yabs-sid
Value: 567951331686363834
.yandex.ru/ Name: i
Value: d5mMdJwYGXaeFXhETSZ937ElpdW/XdRdnxnnHqSA27xjpPtgdDq2c7++SEXm6IdexuqrUz7nTVwrFjNLLQMxHImEBDs=
.yandex.ru/ Name: yandexuid
Value: 8731508001686363834
.yandex.ru/ Name: yuidss
Value: 8731508001686363834
.yandex.ru/ Name: ymex
Value: 1717899834.yc.1686363834#1717899834.yrts.1686363834#1717899834.yrtsi.1686363834
.yandex.ru/ Name: bh
Value: KgI/MA==
.hepsibahis049.com/ Name: _ym_visorc
Value: b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.gstatic.com
go.hepsibahis049.com
mc.yandex.ru
region1.analytics.google.com
sonorpel.fr
stats.g.doubleclick.net
trk.winaffiliates1.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
2001:4860:4802:32::36
2001:4860:4802:34::178
2606:4700:3035::ac43:8ed3
2606:4700:3037::6815:271e
2606:4700::6811:190e
2606:4700::6812:16ac
2620:1ec:46::45
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:828::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a00:1450:400c:c00::9a
2a02:6b8::1:119
0514852953a68cc209452a836b4b537539d30533c1f24785fb2115d8a4974e9b
0cf91820645b161ba2d9497fc39b878889980267b5504d8149f0cb24b7b855a7
130ad9709983b31fbf96180a1ccb972575ef3ec8ee1c39e58c1caefc4da6d51e
23db324c8dbda543e7df5c4352bd45313f809afa9b5fff3515f35f838b91bbdc
257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226
32cbd6c1c5fef545513cc8ff5d59d22a89ee7726edddd216303dd2ee352c96cf
3c95a3b38829138538f4de8621d23b5229e442df0e63ffb5b5ee0cb8f0258b38
4acba540de7bf942b0e41feb83e98273b599b7a70f0bbe67e84afce4450f6a3e
4eba197877c13a1b2ee76eb788d1c2e3cb13f5ca66d4df831b7a8ef2b77d1dc9
50aa1985704bf9cadb889e64f18c16c60b81d84e84f46c4d8b855e45a3f394f9
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
5391619122890a5b4d381919d6b3aa9eee8f4906ab9d4674ea51197dcb708525
54614b00182e381317b8a54ab266d2aa0ef26f8b939467f113efd1f27d425352
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b6a580f7e90f4e5d39251bd90cca18aa7dfbf46702d6f5c567ba975df646c1f
5bca72cf434c98c48eee702b113e081c7cc7fce67dcb5e68cec95bf48462cf57
64dbdd5c7a2e6e5db2d4e2b82d46896b9039b8244d92d2d47ee5d4be5190b084
6504b671773f0de4638c2f9e34100bc1706d34ecde1b42ae80a2a2267ac7941f
68a410ca57ac5102073cd7a6f1fd8ce93034ca13b157aa845eda64b9ac687c3a
6c0a53a059ae26965d9ec991b34cd620471a1e863125a67ffae50050aead65df
75e11b1f293dfcd2622d40c6a7cc01d3f9c6e618dbbe62d50405355edbf12657
76e087187a561cb0e01c06979105782114442ff2c78a05b8e7ed5ba0a9e60ebd
78607367664cbf05b12b933744a6c5613c2dacb877d885347aed28a6cd47a219
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8c66d90c77eee0c3d866100ea7acc1688119f52f2f814b434ed841e355e32a1b
94b92d49f56a6ecef33d03ca28e75106f9b3bbbbd2a8058ff966ff6e9d52b22d
967340c2277aa9fcea9702663d94c85546e498269ff908b40f5995ab7e1bb063
9a7c0eae4e148b13c49de7de21ff253e1a1caf1904850ab8a5add728ea705a77
9bdf4ba9244ecd7b7b16b0472b00d6ac7185e35c20113d0bf94d68de73308232
9c378fec1d646a6b62f76d6869913b2a594f05808fd1fc76f586129fbc444d25
9cb2539f367721f56d6a29b36572a27b45ca45e41bf1c1ae7dd9e680aa13ed0a
ab98a4cdadd3218250928301ff480213c97d8e69a0d46278955c22350a29d77b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3f84234392a09cc747d2f486f6fe49c7a877a37b8b214d211fb931d3976162b
b6696e4eed359fa6b17b8f694a96b441e737732b15ba938ee27f1428f1bdb0ad
bb13a27a9507903fe14a9ee6af2f6eae7c15cd471c3dd20a26035f9a7bb50385
d4f6aba64904de6d390ea9bdbe021c7807e3c6ea5fb5a732f9040e2afcd7b707
d76035f1e82e73372ea8920f27d95c68a189962e23c305842322ad173f2541e2
d83aaa84853eb7b035d88f49dc68e873bd7e44f810e303036a77b2f1f62a3511
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2bd98cb75021883a84ec7048a47e311ce2100c1a4cce0e08500251dc1ee360a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e979ca5b6ba0c1b3e2b00679f8934ab430b9bcc6b138246727068078b96f7127
ea20a6ee4c93782d2dceef5259dec8937ab7dd55e7ab9293291e7366c9dc36bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6093dec794b1a4274d5914b13d498b43e0317ebaceb04ef03a50362744022f6
fca7dfb29ece5cd4546cfee7b36d4ba220dabe1f2d3a7fc9748955dde96030a5