urlscan.io logo urlscan.io
SecurityTrails logo

go.hepsibahis049.com Open in urlscan Pro
2606:4700::6812:17ac  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://etreaunaturel.fr/
Effective URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm...
Submission: On June 11 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 55 HTTP transactions. The main IP is 2606:4700::6812:17ac, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.hepsibahis049.com.
TLS certificate: Issued by R3 on June 9th 2023. Valid for: 3 months.
This is the only time go.hepsibahis049.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
etreaunaturel.fr
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
trk.winaffiliates1.com
31    2606:4700::6812:17ac (United States)

ASN13335 (CLOUDFLARENET, US)
go.hepsibahis049.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
31 hepsibahis049.com
go.hepsibahis049.com
534 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
115 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3244
60 KB
3 google.fr
www.google.fr — Cisco Umbrella Rank: 14106
622 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3028
www.google.com — Cisco Umbrella Rank: 3
772 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 121
424 B
2 gstatic.com
fonts.gstatic.com
42 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
134 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
6 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 422
30 KB
1 winaffiliates1.com
trk.winaffiliates1.com — Cisco Umbrella Rank: 341746
912 B
1 etreaunaturel.fr
etreaunaturel.fr
473 B
55 12
Domain Requested by
31 go.hepsibahis049.com go.hepsibahis049.com
6 www.google-analytics.com www.google-analytics.com
go.hepsibahis049.com
4 mc.yandex.ru 1 redirects go.hepsibahis049.com
3 www.google.fr go.hepsibahis049.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google.com go.hepsibahis049.com
2 fonts.gstatic.com go.hepsibahis049.com
2 www.googletagmanager.com go.hepsibahis049.com
www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdnjs.cloudflare.com go.hepsibahis049.com
1 ajax.googleapis.com go.hepsibahis049.com
1 trk.winaffiliates1.com 1 redirects
1 etreaunaturel.fr 1 redirects
55 13

This site contains links to these domains. Also see Links.

Domain
www.hepsibahis049.com
Subject Issuer Validity Valid
go.hepsibahis049.com
R3		 2023-06-09 -
2023-09-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Frame ID: F9D115558E44CB8703C08AD0D29C7155
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hepsibahis - youwin - HoÅŸ Geldin Bonusu 3000

Page URL History Show full URLs

  1. https://etreaunaturel.fr/ HTTP 301
    https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449 HTTP 307
    https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&aff... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

98 %
HTTPS

100 %
IPv6

12
Domains

13
Subdomains

11
IPs

4
Countries

922 kB
Transfer

1585 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://etreaunaturel.fr/ HTTP 301
    https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449 HTTP 307
    https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://mc.yandex.ru/watch/48641507?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A369163845108%3Ahid%3A247494866%3Az%3A0%3Ai%3A20230611025119%3Aet%3A1686451879%3Ac%3A1%3Arn%3A411387953%3Arqn%3A1%3Au%3A168645187994928520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C51%2C145%2C3%2C347%2C0%2C%2C261%2C0%2C%2C%2C%2C809%3Aco%3A0%3Acpf%3A1%3Ans%3A1686451877830%3Arqnl%3A1%3Ast%3A1686451879%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A369163845108%3Ahid%3A247494866%3Az%3A0%3Ai%3A20230611025119%3Aet%3A1686451879%3Ac%3A1%3Arn%3A411387953%3Arqn%3A1%3Au%3A168645187994928520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C51%2C145%2C3%2C347%2C0%2C%2C261%2C0%2C%2C%2C%2C809%3Aco%3A0%3Acpf%3A1%3Ans%3A1686451877830%3Arqnl%3A1%3Ast%3A1686451879%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
go.hepsibahis049.com/welcomeoffernew/
Redirect Chain
  • https://etreaunaturel.fr/
  • https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449
  • https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
65 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e979ca5b6ba0c1b3e2b00679f8934ab430b9bcc6b138246727068078b96f7127

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=900, immutable
cf-cache-status
MISS
cf-ray
7d568d2f0b9ed23d-CDG
content-encoding
br
content-md5
qENblTScfH3bX238FcnuNQ==
content-type
text/html; charset=utf-8
date
Sun, 11 Jun 2023 02:51:18 GMT
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
b1f8e8f3-c01e-0043-6c0f-9cf45e000000
x-ms-version
2014-02-14

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private,no-cache, no-store
content-length
0
content-type
text/html
date
Sun, 11 Jun 2023 02:51:18 GMT
location
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma
no-cache
request-context
appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version
4.0.30319
x-azure-ref
0pjaFZAAAAADgNdB0D2PZSJb2J0OEEsmEUFJBRURHRTEzMTQAODNhZGJlNjktZjM2NC00ODM4LWIzZmQtMzQ1NDkwNzM0ODlh
x-cache
CONFIG_NOCACHE
x-powered-by
ASP.NET
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 22:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jun 2024 22:48:43 GMT
jquery.bxslider.min.js
cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.15/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.15/jquery.bxslider.min.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c0a53a059ae26965d9ec991b34cd620471a1e863125a67ffae50050aead65df
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 02:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3483898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5599
last-modified
Mon, 04 May 2020 16:09:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e1e-5ebc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQGkkdHgpvcGDaV5SfufwTfReXMb%2BrHvuI3zDN6Sor6y90Fl8WMAKm53hWssky4cK0Is8BA19t40B%2BghOejS%2F7FeMpQ1O1pns%2F%2FgeR67h5jmollp81AHOEVmytZKmauUQ52oNyXPnGjrl2%2BzmRZUZCxc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d568d30e916047d-CDG
expires
Fri, 31 May 2024 02:51:18 GMT
custom.js
go.hepsibahis049.com/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.hepsibahis049.com/custom.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32cbd6c1c5fef545513cc8ff5d59d22a89ee7726edddd216303dd2ee352c96cf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
2cuBhFIzR3Bb9nf6otliyQ==
age
118710
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 08 Feb 2023 22:30:55 GMT
server
cloudflare
etag
W/"0x8DB0A24247B7FDE"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8b607b5a-101e-0032-32fb-9a1275000000
x-ms-version
2014-02-14
cf-ray
7d568d300bdfd23d-CDG
papara_small.png
go.hepsibahis049.com/welcomeoffernew/ 		736 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/papara_small.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea20a6ee4c93782d2dceef5259dec8937ab7dd55e7ab9293291e7366c9dc36bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
aXojKqbPqFaWGxPh6l8+vA==
age
114567
content-length
736
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC128B3CC"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
5202292d-701e-001b-5a04-9b2c01000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d314c29d23d-CDG
payfix.png
go.hepsibahis049.com/welcomeoffernew/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/payfix.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2bd98cb75021883a84ec7048a47e311ce2100c1a4cce0e08500251dc1ee360a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
a+NfNuBiBWKTat5zGoY89w==
age
114567
content-length
1660
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC13005AC"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
908342d2-e01e-0044-5b04-9b983d000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d317c33d23d-CDG
visamaster.png
go.hepsibahis049.com/welcomeoffernew/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/visamaster.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d83aaa84853eb7b035d88f49dc68e873bd7e44f810e303036a77b2f1f62a3511

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
LkWFSngCpJZmFmeZTheYIg==
age
114566
content-length
2569
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC1C50408"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
85369ff7-401e-0010-5604-9bd76a000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d317c34d23d-CDG
paykwik_f.png
go.hepsibahis049.com/welcomeoffernew/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/paykwik_f.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50aa1985704bf9cadb889e64f18c16c60b81d84e84f46c4d8b855e45a3f394f9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
5oKQWJt50eTJb8gNxMMy8g==
age
114564
content-length
1135
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC1370986"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
1bc1b091-d01e-002d-4504-9ba171000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d317c35d23d-CDG
1.png
go.hepsibahis049.com/welcomeoffernew/ 		697 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/1.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6a580f7e90f4e5d39251bd90cca18aa7dfbf46702d6f5c567ba975df646c1f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
bsc3+EePJh8pZVAyyIxxVA==
age
114564
content-length
697
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEBFEF76FA"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7773da4f-f01e-0077-0b04-9bc796000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d317c36d23d-CDG
2.png
go.hepsibahis049.com/welcomeoffernew/ 		865 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/2.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130ad9709983b31fbf96180a1ccb972575ef3ec8ee1c39e58c1caefc4da6d51e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
NPhBqe0EmXeJZHSLmnEYxw==
age
114564
content-length
865
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEBFF6A1EB"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
79b632ea-201e-0064-7604-9be39a000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d317c37d23d-CDG
3.png
go.hepsibahis049.com/welcomeoffernew/ 		929 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/3.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e11b1f293dfcd2622d40c6a7cc01d3f9c6e618dbbe62d50405355edbf12657

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
tdYWzFA8Sorgg1MswXvDXQ==
age
114564
content-length
929
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEBFFD57A9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
74181e69-201e-0016-7604-9be4d5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d317c38d23d-CDG
img_balli_sali.jpg
go.hepsibahis049.com/welcomeoffernew/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/img_balli_sali.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb13a27a9507903fe14a9ee6af2f6eae7c15cd471c3dd20a26035f9a7bb50385

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
VJEpr7xDQ1F4ss9XSbz+Tw==
age
114564
content-length
32702
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC090818C"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
ccd48d9d-e01e-0036-7204-9b9f72000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d317c39d23d-CDG
img_euroleague.jpg
go.hepsibahis049.com/welcomeoffernew/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/img_euroleague.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf91820645b161ba2d9497fc39b878889980267b5504d8149f0cb24b7b855a7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
oYk3Fxj8zrx/40Y3nay7aA==
age
114564
content-length
16626
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC097D375"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
2fc37a56-001e-0001-3504-9b4dde000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d317c3ad23d-CDG
img_sonunda_cuma.jpg
go.hepsibahis049.com/welcomeoffernew/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/img_sonunda_cuma.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b92d49f56a6ecef33d03ca28e75106f9b3bbbbd2a8058ff966ff6e9d52b22d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
jJH1vsmIjg9AsvHSdeU/oA==
age
114563
content-length
31996
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0A76191"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
12761fa0-b01e-0059-0f04-9b9581000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d317c3bd23d-CDG
img_slot_ligi.jpg
go.hepsibahis049.com/welcomeoffernew/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/img_slot_ligi.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab98a4cdadd3218250928301ff480213c97d8e69a0d46278955c22350a29d77b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
TJOk0F9QmVVLiasdJrUWJg==
age
114563
content-length
25825
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC09F2568"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
771eadf9-b01e-002b-4b04-9b92ce000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c3ed23d-CDG
bookofdeath.jpg
go.hepsibahis049.com/welcomeoffernew/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/bookofdeath.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eba197877c13a1b2ee76eb788d1c2e3cb13f5ca66d4df831b7a8ef2b77d1dc9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
2ntFpC58YoDjBGsr9KBVCQ==
age
114563
content-length
16945
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEC0315863"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
105cc2b0-401e-003f-5104-9bdaa1000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c3fd23d-CDG
easterisland2.jpg
go.hepsibahis049.com/welcomeoffernew/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/easterisland2.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c66d90c77eee0c3d866100ea7acc1688119f52f2f814b434ed841e355e32a1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
rv11pd8+ewCQBCsaKJPk5g==
age
114563
content-length
27639
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC05F6691"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
3a248260-601e-0017-1304-9bbb09000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c40d23d-CDG
sweetbonanza.jpg
go.hepsibahis049.com/welcomeoffernew/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/sweetbonanza.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6504b671773f0de4638c2f9e34100bc1706d34ecde1b42ae80a2a2267ac7941f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
u409FWuWRI1wiwwnbW5vQw==
age
114563
content-length
27954
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC17D300E"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
9c7c55cb-401e-002f-1404-9b1fc9000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c42d23d-CDG
hotline.jpg
go.hepsibahis049.com/welcomeoffernew/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/hotline.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f84234392a09cc747d2f486f6fe49c7a877a37b8b214d211fb931d3976162b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
f9Oaw6L/PvxkQL6tWUAE1g==
age
114563
content-length
14656
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC089A4B7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
9c7c55e0-401e-002f-2804-9b1fc9000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c43d23d-CDG
infinityreels.jpg
go.hepsibahis049.com/welcomeoffernew/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/infinityreels.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54614b00182e381317b8a54ab266d2aa0ef26f8b939467f113efd1f27d425352

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
+1RsJBfODbrRScHdoWz41g==
age
114562
content-length
23017
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0B012E9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
2d0ece28-001e-0011-1304-9b88b6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c45d23d-CDG
lightningroulette.jpg
go.hepsibahis049.com/welcomeoffernew/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/lightningroulette.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23db324c8dbda543e7df5c4352bd45313f809afa9b5fff3515f35f838b91bbdc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
+ygXJJ416iVPN1FziMY9zg==
age
114562
content-length
13829
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC0E63630"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
74182163-201e-0016-4004-9be4d5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c46d23d-CDG
starburst.jpg
go.hepsibahis049.com/welcomeoffernew/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/starburst.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6696e4eed359fa6b17b8f694a96b441e737732b15ba938ee27f1428f1bdb0ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
ztIMBPTolZfQcJuKJ5fGOA==
age
114562
content-length
7563
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:05 GMT
server
cloudflare
etag
"0x8DB68EEC152F1E8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
8536a94b-401e-0010-6d04-9bd76a000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c48d23d-CDG
sweetalchemy.jpg
go.hepsibahis049.com/welcomeoffernew/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/sweetalchemy.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4f6aba64904de6d390ea9bdbe021c7807e3c6ea5fb5a732f9040e2afcd7b707

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
AVQcFmvY5uO5M2ZeoVn2Qw==
age
114562
content-length
14599
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC1760526"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
741821c6-201e-0016-1704-9be4d5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c49d23d-CDG
wildseas.jpg
go.hepsibahis049.com/welcomeoffernew/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/wildseas.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c378fec1d646a6b62f76d6869913b2a594f05808fd1fc76f586129fbc444d25

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
aYL4c5PpE3lTJw38DhQbqQ==
age
114561
content-length
15922
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC1D30BBC"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
771eb1fa-b01e-002b-4104-9b92ce000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c4ad23d-CDG
jamminjars.jpg
go.hepsibahis049.com/welcomeoffernew/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/jamminjars.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb2539f367721f56d6a29b36572a27b45ca45e41bf1c1ae7dd9e680aa13ed0a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
TUQfIOZbhzofkilx+bNUAQ==
age
114561
content-length
32017
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0C96391"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
2d0ecf98-001e-0011-6304-9b88b6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c4bd23d-CDG
bitcoin-direkt_f.png
go.hepsibahis049.com/welcomeoffernew/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/bitcoin-direkt_f.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a410ca57ac5102073cd7a6f1fd8ce93034ca13b157aa845eda64b9ac687c3a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
xvB/C/FAmkH4dqmnl9CpLQ==
age
114561
content-length
1951
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEC01437B7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
2e013ae3-301e-0068-7804-9b7492000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c4cd23d-CDG
astropay_f.png
go.hepsibahis049.com/welcomeoffernew/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/astropay_f.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5391619122890a5b4d381919d6b3aa9eee8f4906ab9d4674ea51197dcb708525

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
tRncZ0bF+GaVGF4jsKMmLA==
age
114561
content-length
1285
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEC004828F"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7773e319-f01e-0077-6e04-9bc796000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c4dd23d-CDG
lc.png
go.hepsibahis049.com/welcomeoffernew/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/lc.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76035f1e82e73372ea8920f27d95c68a189962e23c305842322ad173f2541e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
J6iecoTldIEc6xjRfVBlrA==
age
114561
content-length
2001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0D71D32"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c4983626-601e-004a-1304-9bb18d000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c4ed23d-CDG
cookieplugin.js
go.hepsibahis049.com/welcomeoffernew/ 		1 KB
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.hepsibahis049.com/welcomeoffernew/cookieplugin.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0514852953a68cc209452a836b4b537539d30533c1f24785fb2115d8a4974e9b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
beLWMboQ03ua3lh6HCIJ7g==
age
114567
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
W/"0x8DB68EEC049E5E7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ccd4863b-e01e-0036-6c04-9b9f72000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
7d568d311c23d23d-CDG
js
www.googletagmanager.com/gtag/ 		123 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-26966128-5
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d70bb315ba8396a62ea5bbff6914f25c835a42cdef2e3753f3cb017cc6572bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 02:51:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48521
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Jun 2023 02:51:18 GMT
watch.js
mc.yandex.ru/metrika/ 		165 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
78607367664cbf05b12b933744a6c5613c2dacb877d885347aed28a6cd47a219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 02:51:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Jun 2023 15:38:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6481cbd8-e779"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
59257
expires
Sun, 11 Jun 2023 03:51:18 GMT
youwin_logo.png
go.hepsibahis049.com/welcomeoffernew/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/youwin_logo.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64dbdd5c7a2e6e5db2d4e2b82d46896b9039b8244d92d2d47ee5d4be5190b084

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
OXO50YfYJ+zLXmDUYf7wDg==
age
114565
content-length
1312
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:06 GMT
server
cloudflare
etag
"0x8DB68EEC1E11371"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9083457b-e01e-0044-5504-9b983d000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c4fd23d-CDG
bg_1.jpg
go.hepsibahis049.com/welcomeoffernew/ 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/bg_1.jpg
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bdf4ba9244ecd7b7b16b0472b00d6ac7185e35c20113d0bf94d68de73308232

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
S/T6zspgpH/2rB5TsJ4k1g==
age
114566
content-length
206193
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 09 Jun 2023 13:38:03 GMT
server
cloudflare
etag
"0x8DB68EEC00CE5C4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
74181b4a-201e-0016-2204-9be4d5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c50d23d-CDG
footer-bg.png
go.hepsibahis049.com/welcomeoffernew/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/footer-bg.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c95a3b38829138538f4de8621d23b5229e442df0e63ffb5b5ee0cb8f0258b38

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
HIT
content-md5
AfOwNzWZdCs+3OKn+Am58w==
age
114560
content-length
1560
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC073AEEA"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7773e40a-f01e-0077-2604-9bc796000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d318c51d23d-CDG
or3sQ67z0_CI33NTbJE.woff2
fonts.gstatic.com/s/jaldi/v6/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jaldi/v6/or3sQ67z0_CI33NTbJE.woff2
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4acba540de7bf942b0e41feb83e98273b599b7a70f0bbe67e84afce4450f6a3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://go.hepsibahis049.com/
Origin
https://go.hepsibahis049.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 16:17:08 GMT
x-content-type-options
nosniff
age
38050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21900
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:10:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 16:17:08 GMT
or3sQ67z0_CI33NdbJHPBw.woff2
fonts.gstatic.com/s/jaldi/v6/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jaldi/v6/or3sQ67z0_CI33NdbJHPBw.woff2
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76e087187a561cb0e01c06979105782114442ff2c78a05b8e7ed5ba0a9e60ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://go.hepsibahis049.com/
Origin
https://go.hepsibahis049.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 22:32:39 GMT
x-content-type-options
nosniff
age
101919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20808
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:10:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Jun 2024 22:32:39 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host:
URL: homescript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Jun 2023 02:35:27 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
951
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 11 Jun 2023 04:35:27 GMT
controls.png
go.hepsibahis049.com/welcomeoffernew/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.hepsibahis049.com/welcomeoffernew/controls.png
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 11 Jun 2023 02:51:18 GMT
cf-cache-status
MISS
content-md5
2dJTcvOMayQrm1HVhB/obg==
content-length
2806
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 13:38:04 GMT
server
cloudflare
etag
"0x8DB68EEC0404A59"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b1f8e9bd-c01e-0043-280f-9cf45e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d568d31ac58d23d-CDG
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=363536402&t=pageview&_s=1&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABQAAAACAAI~&jid=1490132473&gjid=1962637426&cid=743873558.1686451879&tid=UA-26966128-5&_gid=821948285.1686451879&_r=1&_slc=1&z=1475680259
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.hepsibahis049.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-T4HQLRB&cid=743873558.1686451879
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d23d5224e8cb649f7552ac64dea3ae1b589c7ea2e5186c0f8e6949c99b7462e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 02:51:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47832
x-xss-protection
0
last-modified
Sun, 11 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Jun 2023 02:51:18 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26966128-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85d2262e73bef3262593dd36ff338ea918fe65d0a1d5cfe6bdda50b4f491a01f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 02:51:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87706
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Jun 2023 02:51:18 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-26966128-5&cid=743873558.1686451879&jid=1490132473&gjid=1962637426&_gid=821948285.1686451879&_u=IEBAAEAAQAAAACAAI~&z=1671250591
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.hepsibahis049.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 11 Jun 2023 02:51:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NSX5KH6&t=gtag_UA_26966128_5&cid=743873558.1686451879
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c163783e44cd086edbbae153bec230d410887e7fdfb3e949750b7bc23a1ddd20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 02:51:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47878
x-xss-protection
0
last-modified
Sun, 11 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Jun 2023 02:51:18 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=363536402&t=pageview&_s=2&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=&gjid=&cid=743873558.1686451879&tid=UA-26966128-5&_gid=821948285.1686451879&z=125554331
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 11:48:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54193
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6ZJT1RZ4NZ&gtm=45je3671&_p=363536402&_gaz=1&cid=743873558.1686451879&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686451878&sct=1&seg=0&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6ZJT1RZ4NZ&cid=743873558.1686451879&gtm=45je3671&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6ZJT1RZ4NZ&cid=743873558.1686451879&gtm=45je3671&aip=1&z=1258127510
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=743873558.1686451879&jid=1490132473&_u=IEBAAEAAQAAAACAAI~&z=2015042270
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=743873558.1686451879&jid=1490132473&_u=IEBAAEAAQAAAACAAI~&z=2015042270
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=363536402&t=pageview&_s=1&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAACAAI~&jid=95936555&gjid=1299789967&cid=743873558.1686451879&tid=UA-26966128-5&_gid=821948285.1686451879&_r=1&gtm=457e3671&jsscut=1&z=378627230
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.hepsibahis049.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-26966128-5&cid=743873558.1686451879&jid=95936555&gjid=1299789967&_gid=821948285.1686451879&_u=aGDAAUADQAAAACAAI~&z=2039700066
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.hepsibahis049.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 11 Jun 2023 02:51:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=743873558.1686451879&jid=95936555&_u=aGDAAUADQAAAACAAI~&z=202365810
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=743873558.1686451879&jid=95936555&_u=aGDAAUADQAAAACAAI~&z=202365810
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_3241D348DDE546EB8EBB6CC7A52CEE88&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 02:51:19 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Jun 2023 15:38:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6481cbd8-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 11 Jun 2023 03:51:19 GMT
1
mc.yandex.ru/watch/48641507/
Redirect Chain
  • https://mc.yandex.ru/watch/48641507?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26ut...
  • https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26...
447 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A369163845108%3Ahid%3A247494866%3Az%3A0%3Ai%3A20230611025119%3Aet%3A1686451879%3Ac%3A1%3Arn%3A411387953%3Arqn%3A1%3Au%3A168645187994928520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C51%2C145%2C3%2C347%2C0%2C%2C261%2C0%2C%2C%2C%2C809%3Aco%3A0%3Acpf%3A1%3Ans%3A1686451877830%3Arqnl%3A1%3Ast%3A1686451879%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
4fbd287cbe34d2c09c0ab9fd592e4c07965e31083527beff3f4c36c4f0af411f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://go.hepsibahis049.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 11-Jun-2023 02:51:19 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Sun, 11-Jun-2023 02:51:19 GMT

Redirect headers

pragma
no-cache
date
Sun, 11 Jun 2023 02:51:19 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 11-Jun-2023 02:51:19 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_3241D348DDE546EB8EBB6CC7A52CEE88%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A369163845108%3Ahid%3A247494866%3Az%3A0%3Ai%3A20230611025119%3Aet%3A1686451879%3Ac%3A1%3Arn%3A411387953%3Arqn%3A1%3Au%3A168645187994928520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C51%2C145%2C3%2C347%2C0%2C%2C261%2C0%2C%2C%2C%2C809%3Aco%3A0%3Acpf%3A1%3Ans%3A1686451877830%3Arqnl%3A1%3Ast%3A1686451879%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://go.hepsibahis049.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 11-Jun-2023 02:51:19 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| BF_prop string| domain string| hepsiNumber string| lpName function| getParameterByName function| OnPreRegClick function| getSeparator object| ctaSectionMobileDOM object| mobilePaymentOverlayDOM object| bxSliderInit object| bxSliderDesktopInit function| bodyClass string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| google_optimize function| onYouTubeIframeAPIReady object| Ya object| yaCounter48641507

22 Cookies

Domain/Path Name / Value
.winaffiliates1.com/ Name: NetRefer_CookieUniTrack_C
Value: %5b%7b%22PID%22%3a2086821%2c%22BID%22%3a3449%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1686451878147)%5c%2f%22%2c%22CookieTag%22%3a%22344920868213%3a%3a451d%3a8%3a0d14%3a1002C2023611251%22%7d%5d
.winaffiliates1.com/ Name: NetReferSPS
Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224720258422%7c1%22%7d%5d
.hepsibahis049.com/ Name: pnameCookie
Value: 659065_3241D348DDE546EB8EBB6CC7A52CEE88
.hepsibahis049.com/ Name: affiliateCookie
Value: net_refer
.hepsibahis049.com/ Name: sb_clickthroughpromotion
Value: 659065_3241D348DDE546EB8EBB6CC7A52CEE88
.hepsibahis049.com/ Name: sb_clickthroughurl
Value: https%3A%2F%2Fm.hepsibahis049.com
.hepsibahis049.com/ Name: sb_clickthroughusername
Value: net_refer
.hepsibahis049.com/ Name: _gid
Value: GA1.2.821948285.1686451879
.hepsibahis049.com/ Name: _gat
Value: 1
.hepsibahis049.com/ Name: _ga_6ZJT1RZ4NZ
Value: GS1.1.1686451878.1.0.1686451878.60.0.0
.hepsibahis049.com/ Name: _ga
Value: GA1.1.743873558.1686451879
.hepsibahis049.com/ Name: _gat_gtag_UA_26966128_5
Value: 1
.hepsibahis049.com/ Name: _ym_uid
Value: 168645187994928520
.hepsibahis049.com/ Name: _ym_d
Value: 1686451879
mc.yandex.ru/ Name: yabs-sid
Value: 2395765031686451879
.yandex.ru/ Name: i
Value: tufIYG1sXWjREtUw58Qv+ccGdBO8X3QcvoGAcRUQX1R8nY+8CUcv4rgzYJy5J3nC5MHgpJODOLWcOSI0TdgHhX1cl5M=
.yandex.ru/ Name: yandexuid
Value: 2776484061686451879
.yandex.ru/ Name: yuidss
Value: 2776484061686451879
.yandex.ru/ Name: ymex
Value: 1717987879.yc.1686451879#1717987879.yrts.1686451879#1717987879.yrtsi.1686451879
.yandex.ru/ Name: bh
Value: KgI/MA==
.hepsibahis049.com/ Name: _ym_isad
Value: 2
.hepsibahis049.com/ Name: _ym_visorc
Value: b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
etreaunaturel.fr
fonts.gstatic.com
go.hepsibahis049.com
mc.yandex.ru
region1.analytics.google.com
stats.g.doubleclick.net
trk.winaffiliates1.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700::6811:190e
2606:4700::6812:17ac
2620:1ec:bdf::45
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9c
2a02:6b8::1:119
2a06:98c1:3120::3
0514852953a68cc209452a836b4b537539d30533c1f24785fb2115d8a4974e9b
0cf91820645b161ba2d9497fc39b878889980267b5504d8149f0cb24b7b855a7
130ad9709983b31fbf96180a1ccb972575ef3ec8ee1c39e58c1caefc4da6d51e
23db324c8dbda543e7df5c4352bd45313f809afa9b5fff3515f35f838b91bbdc
257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226
32cbd6c1c5fef545513cc8ff5d59d22a89ee7726edddd216303dd2ee352c96cf
3c95a3b38829138538f4de8621d23b5229e442df0e63ffb5b5ee0cb8f0258b38
4acba540de7bf942b0e41feb83e98273b599b7a70f0bbe67e84afce4450f6a3e
4eba197877c13a1b2ee76eb788d1c2e3cb13f5ca66d4df831b7a8ef2b77d1dc9
4fbd287cbe34d2c09c0ab9fd592e4c07965e31083527beff3f4c36c4f0af411f
50aa1985704bf9cadb889e64f18c16c60b81d84e84f46c4d8b855e45a3f394f9
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
5391619122890a5b4d381919d6b3aa9eee8f4906ab9d4674ea51197dcb708525
54614b00182e381317b8a54ab266d2aa0ef26f8b939467f113efd1f27d425352
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b6a580f7e90f4e5d39251bd90cca18aa7dfbf46702d6f5c567ba975df646c1f
64dbdd5c7a2e6e5db2d4e2b82d46896b9039b8244d92d2d47ee5d4be5190b084
6504b671773f0de4638c2f9e34100bc1706d34ecde1b42ae80a2a2267ac7941f
68a410ca57ac5102073cd7a6f1fd8ce93034ca13b157aa845eda64b9ac687c3a
6c0a53a059ae26965d9ec991b34cd620471a1e863125a67ffae50050aead65df
6d70bb315ba8396a62ea5bbff6914f25c835a42cdef2e3753f3cb017cc6572bc
75e11b1f293dfcd2622d40c6a7cc01d3f9c6e618dbbe62d50405355edbf12657
76e087187a561cb0e01c06979105782114442ff2c78a05b8e7ed5ba0a9e60ebd
78607367664cbf05b12b933744a6c5613c2dacb877d885347aed28a6cd47a219
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85d2262e73bef3262593dd36ff338ea918fe65d0a1d5cfe6bdda50b4f491a01f
8c66d90c77eee0c3d866100ea7acc1688119f52f2f814b434ed841e355e32a1b
94b92d49f56a6ecef33d03ca28e75106f9b3bbbbd2a8058ff966ff6e9d52b22d
9bdf4ba9244ecd7b7b16b0472b00d6ac7185e35c20113d0bf94d68de73308232
9c378fec1d646a6b62f76d6869913b2a594f05808fd1fc76f586129fbc444d25
9cb2539f367721f56d6a29b36572a27b45ca45e41bf1c1ae7dd9e680aa13ed0a
9d23d5224e8cb649f7552ac64dea3ae1b589c7ea2e5186c0f8e6949c99b7462e
ab98a4cdadd3218250928301ff480213c97d8e69a0d46278955c22350a29d77b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3f84234392a09cc747d2f486f6fe49c7a877a37b8b214d211fb931d3976162b
b6696e4eed359fa6b17b8f694a96b441e737732b15ba938ee27f1428f1bdb0ad
bb13a27a9507903fe14a9ee6af2f6eae7c15cd471c3dd20a26035f9a7bb50385
c163783e44cd086edbbae153bec230d410887e7fdfb3e949750b7bc23a1ddd20
d4f6aba64904de6d390ea9bdbe021c7807e3c6ea5fb5a732f9040e2afcd7b707
d76035f1e82e73372ea8920f27d95c68a189962e23c305842322ad173f2541e2
d83aaa84853eb7b035d88f49dc68e873bd7e44f810e303036a77b2f1f62a3511
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2bd98cb75021883a84ec7048a47e311ce2100c1a4cce0e08500251dc1ee360a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e979ca5b6ba0c1b3e2b00679f8934ab430b9bcc6b138246727068078b96f7127
ea20a6ee4c93782d2dceef5259dec8937ab7dd55e7ab9293291e7366c9dc36bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629