go.hepsibahis049.com Open in urlscan Pro
2606:4700::6812:17ac Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://djbillyevenement.fr/
Effective URL:
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm...
Submission: On June 10 via api (June 10th 2023, 2:28:52 am UTC) from US — Scanned from FR

Summary HTTP 55 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 55 HTTP transactions. The main IP is 2606:4700::6812:17ac, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.hepsibahis049.com.
TLS certificate: Issued by R3 on June 9th 2023. Valid for: 3 months.

This is the only time go.hepsibahis049.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:1008	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
31	2606:4700::68... 2606:4700::6812:17ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
55	11

1 2606:4700:3037::6815:1008 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

djbillyevenement.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4e:1::45 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

trk.winaffiliates1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700::6812:17ac (United States)

ASN13335 (CLOUDFLARENET, US)

go.hepsibahis049.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	hepsibahis049.com go.hepsibahis049.com	534 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	115 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3244	60 KB
3	google.fr www.google.fr — Cisco Umbrella Rank: 14106	622 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3028 www.google.com — Cisco Umbrella Rank: 3	772 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 121	433 B
2	gstatic.com fonts.gstatic.com	42 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	134 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	6 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422	30 KB
1	winaffiliates1.com 1 redirects trk.winaffiliates1.com — Cisco Umbrella Rank: 341746	907 B
1	djbillyevenement.fr 1 redirects djbillyevenement.fr	481 B
55	12

	Domain	Requested by
31	go.hepsibahis049.com	go.hepsibahis049.com
6	www.google-analytics.com	www.google-analytics.com go.hepsibahis049.com
4	mc.yandex.ru	1 redirects go.hepsibahis049.com
3	www.google.fr	go.hepsibahis049.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google.com	go.hepsibahis049.com
2	fonts.gstatic.com	go.hepsibahis049.com
2	www.googletagmanager.com	go.hepsibahis049.com www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	go.hepsibahis049.com
1	ajax.googleapis.com	go.hepsibahis049.com
1	trk.winaffiliates1.com	1 redirects
1	djbillyevenement.fr	1 redirects
55	13

This site contains links to these domains. Also see Links.

Domain
www.hepsibahis049.com

Subject Issuer	Validity	Valid
go.hepsibahis049.com R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Frame ID: 03DCD6F1CB32F5C1F69C747912070610
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hepsibahis - youwin - Hoş Geldin Bonusu 3000

Page URL History Show full URLs

https://djbillyevenement.fr/ HTTP 301
https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449 HTTP 307
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&aff... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

98 %
HTTPS

100 %
IPv6

12
Domains

13
Subdomains

11
IPs

4
Countries

922 kB
Transfer

1585 kB
Size

22
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hepsibahis049.com/registration?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Şimdi Katıl

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/myaccount?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Giriş

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Spor

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/inplay?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Canlı Bahis

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/casino?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Casino

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/live?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Canlı Casino

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/virtualcasino?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Sanal Sporlar

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/promotions/sport?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Bonus

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/FBL?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Futbol

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/BKB?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Basketbol

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/TNS?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Tenis

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/VBL?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Voleybol

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/UFB?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: ABD Futbolu

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/BOX?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Boks

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/HKY?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Buz Hokeyi

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/DAR?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Dart

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/FOR1?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Formula 1

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/GLF?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Golf

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/HBL?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Hentbol

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/CRK?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Kriket

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/MMA?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: MMA

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/MSP?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Motor Sporları

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/RGBU?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Rugby Birliği

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/SNK?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Snooker

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/SPDW?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Speedway

Search URL Search Domain Scan URL

URL: https://www.hepsibahis049.com/sportsbook/BND?&affiliate=net_refer&pname=659065_1D88CE31BABF486D8EC099F147F88B43
Title: Özel Bahisler

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://djbillyevenement.fr/ HTTP 301
https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449 HTTP 307
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://mc.yandex.ru/watch/48641507?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A863%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A538652847384%3Ahid%3A110446754%3Az%3A0%3Ai%3A20230610022846%3Aet%3A1686364127%3Ac%3A1%3Arn%3A275849733%3Arqn%3A1%3Au%3A1686364127472274508%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C54%2C143%2C2%2C385%2C0%2C%2C180%2C0%2C%2C%2C%2C766%3Aco%3A0%3Acpf%3A1%3Ans%3A1686364125575%3Arqnl%3A1%3Ast%3A1686364127%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A863%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A538652847384%3Ahid%3A110446754%3Az%3A0%3Ai%3A20230610022846%3Aet%3A1686364127%3Ac%3A1%3Arn%3A275849733%3Arqn%3A1%3Au%3A1686364127472274508%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C54%2C143%2C2%2C385%2C0%2C%2C180%2C0%2C%2C%2C%2C766%3Aco%3A0%3Acpf%3A1%3Ans%3A1686364125575%3Arqnl%3A1%3Ast%3A1686364127%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
go.hepsibahis049.com/welcomeoffernew/
Redirect Chain

https://djbillyevenement.fr/
https://trk.winaffiliates1.com/redirect.aspx?pid=2086821&bid=3449
https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449

65 KB
12 KB

198ms
143ms

Document
text/html

2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e979ca5b6ba0c1b3e2b00679f8934ab430b9bcc6b138246727068078b96f7127

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-cache-status: MISS
cf-ray: 7d4e2ecbab203cd1-CDG
content-encoding: br
content-md5: qENblTScfH3bX238FcnuNQ==
content-type: text/html; charset=utf-8
date: Sat, 10 Jun 2023 02:28:46 GMT
last-modified: Fri, 09 Jun 2023 13:38:03 GMT
server: cloudflare
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: a7a80cfa-101e-0040-2d43-9b153a000000
x-ms-version: 2014-02-14

Redirect headers

access-control-expose-headers: Request-Context
cache-control: private,no-cache, no-store
content-length: 0
content-type: text/html
date: Sat, 10 Jun 2023 02:28:45 GMT
location: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma: no-cache
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version: 4.0.30319
x-azure-ref: 20230610T022845Z-1dtqtph7n12df9t2ysnnesfa2c00000004s00000000086v5
x-cache: CONFIG_NOCACHE
x-powered-by: ASP.NET

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 109ms
32ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:36:51 GMT

GET
H2 200 jquery.bxslider.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.15/ 24 KB
6 KB 91ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.15/jquery.bxslider.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c0a53a059ae26965d9ec991b34cd620471a1e863125a67ffae50050aead65df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 886430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5599
last-modified: Mon, 04 May 2020 16:09:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e1e-5ebc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjFeTvGxan08tpeyCHQU54TgKm%2FPch0pg9WXJ%2FDRFbas7HaTB534FcmXPwkCZbigZYvFpFP5rXt3uKVZ1sB2%2FDGGiE%2F%2FI7PKyuRCQgnua9GerPW0QcpCt1G9Qw%2BafLHU4T16%2FCqvQRWsKLYXkdiRUdsx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d4e2eccff2d2a77-CDG
expires: Thu, 30 May 2024 02:28:46 GMT

GET
H2 200 custom.js Show response
go.hepsibahis049.com/ 10 KB
2 KB 36ms
32ms Script
application/javascript 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.hepsibahis049.com/custom.js
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32cbd6c1c5fef545513cc8ff5d59d22a89ee7726edddd216303dd2ee352c96cf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 2cuBhFIzR3Bb9nf6otliyQ==
age: 43228
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 08 Feb 2023 22:30:55 GMT
server: cloudflare
etag: W/"0x8DB0A24247B7FDE"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d41f6ff6-901e-002c-64de-9afead000000
x-ms-version: 2014-02-14
cf-ray: 7d4e2ecc9b653cd1-CDG

GET
H2 200 papara_small.png
go.hepsibahis049.com/welcomeoffernew/ 736 B
911 B 32ms
32ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/papara_small.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea20a6ee4c93782d2dceef5259dec8937ab7dd55e7ab9293291e7366c9dc36bc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: aXojKqbPqFaWGxPh6l8+vA==
age: 18001
content-length: 736
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:05 GMT
server: cloudflare
etag: "0x8DB68EEC128B3CC"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 695a643a-b01e-0014-3b19-9b5a6d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecd6ba03cd1-CDG

GET
H2 200 payfix.png
go.hepsibahis049.com/welcomeoffernew/ 2 KB
2 KB 32ms
32ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/payfix.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2bd98cb75021883a84ec7048a47e311ce2100c1a4cce0e08500251dc1ee360a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: a+NfNuBiBWKTat5zGoY89w==
age: 43227
content-length: 1660
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:05 GMT
server: cloudflare
etag: "0x8DB68EEC13005AC"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: aa2b19e6-701e-0024-4bde-9ae4a2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecd7baa3cd1-CDG

GET
H2 200 visamaster.png
go.hepsibahis049.com/welcomeoffernew/ 3 KB
3 KB 64ms
58ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/visamaster.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d83aaa84853eb7b035d88f49dc68e873bd7e44f810e303036a77b2f1f62a3511

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: LkWFSngCpJZmFmeZTheYIg==
age: 43227
content-length: 2569
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:06 GMT
server: cloudflare
etag: "0x8DB68EEC1C50408"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 75e0855d-f01e-003a-28de-9a087a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdabbb3cd1-CDG

GET
H2 200 paykwik_f.png
go.hepsibahis049.com/welcomeoffernew/ 1 KB
1 KB 62ms
57ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/paykwik_f.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50aa1985704bf9cadb889e64f18c16c60b81d84e84f46c4d8b855e45a3f394f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: 5oKQWJt50eTJb8gNxMMy8g==
age: 18001
content-length: 1135
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:05 GMT
server: cloudflare
etag: "0x8DB68EEC1370986"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 588a7c8e-301e-0078-4219-9bb1fa000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdabbc3cd1-CDG

GET
H2 200 1.png
go.hepsibahis049.com/welcomeoffernew/ 697 B
832 B 42ms
37ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/1.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b6a580f7e90f4e5d39251bd90cca18aa7dfbf46702d6f5c567ba975df646c1f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: bsc3+EePJh8pZVAyyIxxVA==
age: 43227
content-length: 697
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:03 GMT
server: cloudflare
etag: "0x8DB68EEBFEF76FA"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 4684158c-901e-0013-7bde-9a360e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdabbd3cd1-CDG

GET
H2 200 2.png
go.hepsibahis049.com/welcomeoffernew/ 865 B
1 KB 46ms
41ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/2.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 130ad9709983b31fbf96180a1ccb972575ef3ec8ee1c39e58c1caefc4da6d51e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: NPhBqe0EmXeJZHSLmnEYxw==
age: 43227
content-length: 865
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:03 GMT
server: cloudflare
etag: "0x8DB68EEBFF6A1EB"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 82f6075f-501e-0023-2fde-9a88c1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdabbe3cd1-CDG

GET
H2 200 3.png
go.hepsibahis049.com/welcomeoffernew/ 929 B
1 KB 43ms
38ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/3.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e11b1f293dfcd2622d40c6a7cc01d3f9c6e618dbbe62d50405355edbf12657

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: tdYWzFA8Sorgg1MswXvDXQ==
age: 43227
content-length: 929
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:03 GMT
server: cloudflare
etag: "0x8DB68EEBFFD57A9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a6659894-101e-000d-15de-9adad6000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdabbf3cd1-CDG

GET
H2 200 img_balli_sali.jpg
go.hepsibahis049.com/welcomeoffernew/ 32 KB
32 KB 66ms
62ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/img_balli_sali.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb13a27a9507903fe14a9ee6af2f6eae7c15cd471c3dd20a26035f9a7bb50385

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: VJEpr7xDQ1F4ss9XSbz+Tw==
age: 43227
content-length: 32702
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC090818C"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 8339d9a5-201e-004b-24de-9aee51000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdabc03cd1-CDG

GET
H2 200 img_euroleague.jpg
go.hepsibahis049.com/welcomeoffernew/ 16 KB
16 KB 61ms
57ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/img_euroleague.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cf91820645b161ba2d9497fc39b878889980267b5504d8149f0cb24b7b855a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: oYk3Fxj8zrx/40Y3nay7aA==
age: 43227
content-length: 16626
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC097D375"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 35665c6d-701e-0069-7bde-9a2b4e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdabc13cd1-CDG

GET
H2 200 img_sonunda_cuma.jpg
go.hepsibahis049.com/welcomeoffernew/ 31 KB
31 KB 65ms
61ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/img_sonunda_cuma.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b92d49f56a6ecef33d03ca28e75106f9b3bbbbd2a8058ff966ff6e9d52b22d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: jJH1vsmIjg9AsvHSdeU/oA==
age: 43227
content-length: 31996
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC0A76191"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 57cb6e50-301e-0078-11de-9ab1fa000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdabc23cd1-CDG

GET
H2 200 img_slot_ligi.jpg
go.hepsibahis049.com/welcomeoffernew/ 25 KB
25 KB 46ms
42ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/img_slot_ligi.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab98a4cdadd3218250928301ff480213c97d8e69a0d46278955c22350a29d77b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: TJOk0F9QmVVLiasdJrUWJg==
age: 18000
content-length: 25825
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC09F2568"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e9703cb0-c01e-0053-1c19-9b3136000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdabc33cd1-CDG

GET
H2 200 bookofdeath.jpg
go.hepsibahis049.com/welcomeoffernew/ 17 KB
17 KB 62ms
58ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/bookofdeath.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eba197877c13a1b2ee76eb788d1c2e3cb13f5ca66d4df831b7a8ef2b77d1dc9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: 2ntFpC58YoDjBGsr9KBVCQ==
age: 43227
content-length: 16945
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:03 GMT
server: cloudflare
etag: "0x8DB68EEC0315863"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 830f3c69-801e-000f-64de-9a646e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbc53cd1-CDG

GET
H2 200 easterisland2.jpg
go.hepsibahis049.com/welcomeoffernew/ 27 KB
27 KB 64ms
60ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/easterisland2.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c66d90c77eee0c3d866100ea7acc1688119f52f2f814b434ed841e355e32a1b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: rv11pd8+ewCQBCsaKJPk5g==
age: 43227
content-length: 27639
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC05F6691"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 6756e056-801e-001f-26de-9aa106000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbc63cd1-CDG

GET
H2 200 sweetbonanza.jpg
go.hepsibahis049.com/welcomeoffernew/ 27 KB
27 KB 63ms
59ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/sweetbonanza.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6504b671773f0de4638c2f9e34100bc1706d34ecde1b42ae80a2a2267ac7941f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: u409FWuWRI1wiwwnbW5vQw==
age: 43227
content-length: 27954
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:06 GMT
server: cloudflare
etag: "0x8DB68EEC17D300E"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 742a5bba-b01e-0004-59de-9a9f05000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbc73cd1-CDG

GET
H2 200 hotline.jpg
go.hepsibahis049.com/welcomeoffernew/ 14 KB
14 KB 66ms
62ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/hotline.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f84234392a09cc747d2f486f6fe49c7a877a37b8b214d211fb931d3976162b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: f9Oaw6L/PvxkQL6tWUAE1g==
age: 43227
content-length: 14656
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC089A4B7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: fcb9a890-c01e-000e-79de-9a3bb2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbc83cd1-CDG

GET
H2 200 infinityreels.jpg
go.hepsibahis049.com/welcomeoffernew/ 22 KB
23 KB 36ms
32ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/infinityreels.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54614b00182e381317b8a54ab266d2aa0ef26f8b939467f113efd1f27d425352

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: +1RsJBfODbrRScHdoWz41g==
age: 43227
content-length: 23017
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC0B012E9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 0f714145-201e-0074-30de-9a26f2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbc93cd1-CDG

GET
H2 200 lightningroulette.jpg
go.hepsibahis049.com/welcomeoffernew/ 14 KB
14 KB 63ms
59ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/lightningroulette.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23db324c8dbda543e7df5c4352bd45313f809afa9b5fff3515f35f838b91bbdc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: +ygXJJ416iVPN1FziMY9zg==
age: 26437
content-length: 13829
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:05 GMT
server: cloudflare
etag: "0x8DB68EEC0E63630"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 8b883330-101e-0032-1d05-9b1275000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbca3cd1-CDG

GET
H2 200 starburst.jpg
go.hepsibahis049.com/welcomeoffernew/ 7 KB
8 KB 65ms
61ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/starburst.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6696e4eed359fa6b17b8f694a96b441e737732b15ba938ee27f1428f1bdb0ad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: ztIMBPTolZfQcJuKJ5fGOA==
age: 43227
content-length: 7563
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:05 GMT
server: cloudflare
etag: "0x8DB68EEC152F1E8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 29958202-401e-002f-02de-9a1fc9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbcb3cd1-CDG

GET
H2 200 sweetalchemy.jpg
go.hepsibahis049.com/welcomeoffernew/ 14 KB
15 KB 64ms
60ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/sweetalchemy.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f6aba64904de6d390ea9bdbe021c7807e3c6ea5fb5a732f9040e2afcd7b707

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: AVQcFmvY5uO5M2ZeoVn2Qw==
age: 43227
content-length: 14599
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:06 GMT
server: cloudflare
etag: "0x8DB68EEC1760526"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 0f714144-201e-0074-2fde-9a26f2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbcc3cd1-CDG

GET
H2 200 wildseas.jpg
go.hepsibahis049.com/welcomeoffernew/ 16 KB
16 KB 43ms
39ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/wildseas.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c378fec1d646a6b62f76d6869913b2a594f05808fd1fc76f586129fbc444d25

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: aYL4c5PpE3lTJw38DhQbqQ==
age: 43227
content-length: 15922
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:06 GMT
server: cloudflare
etag: "0x8DB68EEC1D30BBC"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: c3d1f633-001e-0011-5ede-9a88b6000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbcd3cd1-CDG

GET
H2 200 jamminjars.jpg
go.hepsibahis049.com/welcomeoffernew/ 31 KB
31 KB 66ms
63ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/jamminjars.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cb2539f367721f56d6a29b36572a27b45ca45e41bf1c1ae7dd9e680aa13ed0a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: TUQfIOZbhzofkilx+bNUAQ==
age: 43227
content-length: 32017
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC0C96391"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 131d5bdb-401e-0000-14de-9a1202000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbce3cd1-CDG

GET
H2 200 bitcoin-direkt_f.png
go.hepsibahis049.com/welcomeoffernew/ 2 KB
2 KB 66ms
63ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/bitcoin-direkt_f.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68a410ca57ac5102073cd7a6f1fd8ce93034ca13b157aa845eda64b9ac687c3a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: xvB/C/FAmkH4dqmnl9CpLQ==
age: 43227
content-length: 1951
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:03 GMT
server: cloudflare
etag: "0x8DB68EEC01437B7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 4af2fc8a-b01e-003b-36de-9a57a6000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbcf3cd1-CDG

GET
H2 200 astropay_f.png
go.hepsibahis049.com/welcomeoffernew/ 1 KB
1 KB 64ms
61ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/astropay_f.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5391619122890a5b4d381919d6b3aa9eee8f4906ab9d4674ea51197dcb708525

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: tRncZ0bF+GaVGF4jsKMmLA==
age: 43227
content-length: 1285
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:03 GMT
server: cloudflare
etag: "0x8DB68EEC004828F"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 3388d284-e01e-006b-6cde-9a95f6000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbd03cd1-CDG

GET
H2 200 lc.png
go.hepsibahis049.com/welcomeoffernew/ 2 KB
2 KB 65ms
61ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/lc.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76035f1e82e73372ea8920f27d95c68a189962e23c305842322ad173f2541e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: J6iecoTldIEc6xjRfVBlrA==
age: 43227
content-length: 2001
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC0D71D32"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 3fc67ee2-701e-0079-52de-9aee26000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbd13cd1-CDG

GET
H2 200 cookieplugin.js Show response
go.hepsibahis049.com/welcomeoffernew/ 1 KB
811 B 35ms
34ms Script
application/javascript 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.hepsibahis049.com/welcomeoffernew/cookieplugin.js
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0514852953a68cc209452a836b4b537539d30533c1f24785fb2115d8a4974e9b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: beLWMboQ03ua3lh6HCIJ7g==
age: 43227
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: W/"0x8DB68EEC049E5E7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: cc50579f-e01e-0036-66de-9a9f72000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 7d4e2ecd2b923cd1-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 123 KB
48 KB 115ms
42ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26966128-5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a401181efd76fe62a868ac801dfdd0adb108d6ee2a20a41c11654e978b3992b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:28:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48522
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Jun 2023 02:28:46 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 165 KB
58 KB 310ms
150ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/custom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

78607367664cbf05b12b933744a6c5613c2dacb877d885347aed28a6cd47a219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:28:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Jun 2023 15:38:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6481cbd8-e779"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 59257
expires: Sat, 10 Jun 2023 03:28:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 105ms
33ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host:
URL: homescript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Jun 2023 00:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6799
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 10 Jun 2023 02:35:27 GMT

GET
H2 200 youwin_logo.png
go.hepsibahis049.com/welcomeoffernew/ 1 KB
1 KB 56ms
56ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/youwin_logo.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64dbdd5c7a2e6e5db2d4e2b82d46896b9039b8244d92d2d47ee5d4be5190b084

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: OXO50YfYJ+zLXmDUYf7wDg==
age: 43227
content-length: 1312
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:06 GMT
server: cloudflare
etag: "0x8DB68EEC1E11371"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a9235214-b01e-0049-70de-9a50e9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdbbd33cd1-CDG

GET
H2 200 bg_1.jpg
go.hepsibahis049.com/welcomeoffernew/ 201 KB
202 KB 60ms
60ms Image
image/jpeg 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/bg_1.jpg
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bdf4ba9244ecd7b7b16b0472b00d6ac7185e35c20113d0bf94d68de73308232

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: S/T6zspgpH/2rB5TsJ4k1g==
age: 43227
content-length: 206193
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 09 Jun 2023 13:38:03 GMT
server: cloudflare
etag: "0x8DB68EEC00CE5C4"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 4af2fcb1-b01e-003b-59de-9a57a6000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecddbdb3cd1-CDG

GET
H2 200 footer-bg.png
go.hepsibahis049.com/welcomeoffernew/ 2 KB
2 KB 59ms
59ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/footer-bg.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c95a3b38829138538f4de8621d23b5229e442df0e63ffb5b5ee0cb8f0258b38

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: HIT
content-md5: AfOwNzWZdCs+3OKn+Am58w==
age: 43227
content-length: 1560
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC073AEEA"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 11d07179-b01e-0059-3dde-9a9581000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecddbdd3cd1-CDG

GET
H2 200 or3sQ67z0_CI33NTbJE.woff2
fonts.gstatic.com/s/jaldi/v6/ 21 KB
22 KB 105ms
32ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jaldi/v6/or3sQ67z0_CI33NTbJE.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acba540de7bf942b0e41feb83e98273b599b7a70f0bbe67e84afce4450f6a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.hepsibahis049.com/
Origin: https://go.hepsibahis049.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 23:05:56 GMT
x-content-type-options: nosniff
age: 530570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21900
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:10:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 23:05:56 GMT

GET
H2 200 or3sQ67z0_CI33NdbJHPBw.woff2
fonts.gstatic.com/s/jaldi/v6/ 20 KB
20 KB 126ms
62ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jaldi/v6/or3sQ67z0_CI33NdbJHPBw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76e087187a561cb0e01c06979105782114442ff2c78a05b8e7ed5ba0a9e60ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.hepsibahis049.com/
Origin: https://go.hepsibahis049.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 21:21:33 GMT
x-content-type-options: nosniff
age: 536833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20808
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:10:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 21:21:33 GMT

GET
H2 200 controls.png
go.hepsibahis049.com/welcomeoffernew/ 3 KB
3 KB 108ms
107ms Image
image/png 2606:4700::6812:17ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.hepsibahis049.com/welcomeoffernew/controls.png
Requested by: Host: go.hepsibahis049.com
URL: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/welcomeoffernew/index.html?pname=659065_1D88CE31BABF486D8EC099F147F88B43&affiliate=net_refer&utm_medium=Affiliates&utm_source=659065&utm_campaign=3449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Jun 2023 02:28:46 GMT
cf-cache-status: MISS
content-md5: 2dJTcvOMayQrm1HVhB/obg==
content-length: 2806
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 13:38:04 GMT
server: cloudflare
etag: "0x8DB68EEC0404A59"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 7e2d133b-001e-0063-1843-9b8ff9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d4e2ecdfbe63cd1-CDG

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 40ms
37ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=926976969&t=pageview&_s=1&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABQAAAACAAI~&jid=505904735&gjid=571069975&cid=1374153258.1686364126&tid=UA-26966128-5&_gid=33977241.1686364126&_r=1&_slc=1&z=1145037204

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.hepsibahis049.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis049.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 120 KB
47 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T4HQLRB&cid=1374153258.1686364126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

379e12e715dca4ac7ef62aa931183cd2f13b9ac614f94b5fda8b676e7eafaf13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:28:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47835
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Jun 2023 02:28:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
86 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26966128-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

102601ba350af79c10a973d32edee8854f40f25716989327d8845756c8480065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:28:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87707
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Jun 2023 02:28:46 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 87ms
28ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-26966128-5&cid=1374153258.1686364126&jid=505904735&gjid=571069975&_gid=33977241.1686364126&_u=IEBAAEAAQAAAACAAI~&z=1369015771

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.hepsibahis049.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 10 Jun 2023 02:28:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis049.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 120 KB
47 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NSX5KH6&t=gtag_UA_26966128_5&cid=1374153258.1686364126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15e4670acfe8eca3666bef5aa6a69f0496a27838a0f5c846a1aeb19d8b210c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:28:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47875
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Jun 2023 02:28:46 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
31ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=926976969&t=pageview&_s=2&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=&gjid=&cid=1374153258.1686364126&tid=UA-26966128-5&_gid=33977241.1686364126&z=124402500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 21:46:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16920
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 85ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6ZJT1RZ4NZ&gtm=45je3671&_p=926976969&_gaz=1&cid=1374153258.1686364126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686364126&sct=1&seg=0&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis049.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 30ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6ZJT1RZ4NZ&cid=1374153258.1686364126&gtm=45je3671&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZJT1RZ4NZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis049.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
408 B 117ms
43ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6ZJT1RZ4NZ&cid=1374153258.1686364126&gtm=45je3671&aip=1&z=929345563

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 118ms
45ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=1374153258.1686364126&jid=505904735&_u=IEBAAEAAQAAAACAAI~&z=1178352235

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 117ms
49ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=1374153258.1686364126&jid=505904735&_u=IEBAAEAAQAAAACAAI~&z=1178352235

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 39ms
39ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=926976969&t=pageview&_s=1&dl=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&ul=en-us&de=UTF-8&dt=Hepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAACAAI~&jid=1792446348&gjid=81263925&cid=1374153258.1686364126&tid=UA-26966128-5&_gid=33977241.1686364126&_r=1&gtm=457e3671&jsscut=1&z=246705857

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.hepsibahis049.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis049.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-26966128-5&cid=1374153258.1686364126&jid=1792446348&gjid=81263925&_gid=33977241.1686364126&_u=aGDAAUADQAAAACAAI~&z=362328055

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.hepsibahis049.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 10 Jun 2023 02:28:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.hepsibahis049.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
114 B 76ms
76ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:28:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Jun 2023 15:38:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6481cbd8-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 10 Jun 2023 03:28:46 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 52ms
51ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=1374153258.1686364126&jid=1792446348&_u=aGDAAUADQAAAACAAI~&z=1561342104

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-26966128-5&cid=1374153258.1686364126&jid=1792446348&_u=aGDAAUADQAAAACAAI~&z=1561342104

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/48641507/
Redirect Chain

https://mc.yandex.ru/watch/48641507?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26ut...
https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26...

447 B
530 B

80ms
79ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A863%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A538652847384%3Ahid%3A110446754%3Az%3A0%3Ai%3A20230610022846%3Aet%3A1686364127%3Ac%3A1%3Arn%3A275849733%3Arqn%3A1%3Au%3A1686364127472274508%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C54%2C143%2C2%2C385%2C0%2C%2C180%2C0%2C%2C%2C%2C766%3Aco%3A0%3Acpf%3A1%3Ans%3A1686364125575%3Arqnl%3A1%3Ast%3A1686364127%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e8b7f77d56b2b960ab28f624911c93533c46d21414037edef838bfe65ea68eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://go.hepsibahis049.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 10-Jun-2023 02:28:46 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.hepsibahis049.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Sat, 10-Jun-2023 02:28:46 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Jun 2023 02:28:46 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 10-Jun-2023 02:28:46 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/48641507/1?wmode=7&page-url=https%3A%2F%2Fgo.hepsibahis049.com%2Fwelcomeoffernew%2Findex.html%3Fpname%3D659065_1D88CE31BABF486D8EC099F147F88B43%26affiliate%3Dnet_refer%26utm_medium%3DAffiliates%26utm_source%3D659065%26utm_campaign%3D3449&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f3pkmudv5b3%3Afp%3A863%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A538652847384%3Ahid%3A110446754%3Az%3A0%3Ai%3A20230610022846%3Aet%3A1686364127%3Ac%3A1%3Arn%3A275849733%3Arqn%3A1%3Au%3A1686364127472274508%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C54%2C143%2C2%2C385%2C0%2C%2C180%2C0%2C%2C%2C%2C766%3Aco%3A0%3Acpf%3A1%3Ans%3A1686364125575%3Arqnl%3A1%3Ast%3A1686364127%3At%3AHepsibahis%20-%20youwin%20-%20Ho%C5%9F%20Geldin%20Bonusu%203000&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://go.hepsibahis049.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 10-Jun-2023 02:28:46 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winaffiliates1.com/	1970-01-20 22:02:04	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a2086821%2c%22BID%22%3a3449%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1686364125929)%5c%2f%22%2c%22CookieTag%22%3a%22344920868218%3a%3ad463%3ad%3a0d14%3a1002C2023610228%22%7d%5d
.winaffiliates1.com/	1970-01-20 22:02:04	Name: NetReferSPS Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224719450185%7c1%22%7d%5d
.hepsibahis049.com/	1970-01-20 13:09:16	Name: pnameCookie Value: 659065_1D88CE31BABF486D8EC099F147F88B43
.hepsibahis049.com/	1970-01-20 13:09:16	Name: affiliateCookie Value: net_refer
.hepsibahis049.com/	1970-01-20 13:09:16	Name: sb_clickthroughpromotion Value: 659065_1D88CE31BABF486D8EC099F147F88B43
.hepsibahis049.com/	1970-01-20 13:09:16	Name: sb_clickthroughurl Value: https%3A%2F%2Fm.hepsibahis049.com
.hepsibahis049.com/	1970-01-20 13:09:16	Name: sb_clickthroughusername Value: net_refer
.hepsibahis049.com/	1970-01-20 12:27:30	Name: _gid Value: GA1.2.33977241.1686364126
.hepsibahis049.com/	1970-01-20 12:26:04	Name: _gat Value: 1
.hepsibahis049.com/	1970-01-20 22:02:04	Name: _ga_6ZJT1RZ4NZ Value: GS1.1.1686364126.1.0.1686364126.60.0.0
.hepsibahis049.com/	1970-01-20 22:02:04	Name: _ga Value: GA1.1.1374153258.1686364126
.hepsibahis049.com/	1970-01-20 12:26:04	Name: _gat_gtag_UA_26966128_5 Value: 1
.hepsibahis049.com/	1970-01-20 21:11:40	Name: _ym_uid Value: 1686364127472274508
.hepsibahis049.com/	1970-01-20 21:11:40	Name: _ym_d Value: 1686364127
.hepsibahis049.com/	1970-01-20 12:27:16	Name: _ym_isad Value: 2
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2222914241686364126
.yandex.ru/	1970-01-20 22:02:04	Name: i Value: VFODHZqGI8rIn3b7Cv3AXY18LMrrN1JmTTkmwziYp42U0A1FrL+mOLpBN1+WzmdNyXUL5XepXbkflr+xkEo0nXHNMnI=
.yandex.ru/	1970-01-20 22:02:04	Name: yandexuid Value: 7347896871686364126
.yandex.ru/	1970-01-20 21:11:40	Name: yuidss Value: 7347896871686364126
.yandex.ru/	1970-01-20 21:11:40	Name: ymex Value: 1717900126.yc.1686364126#1717900126.yrts.1686364126#1717900126.yrtsi.1686364126
.yandex.ru/	1970-01-20 21:11:40	Name: bh Value: KgI/MA==
.hepsibahis049.com/	1970-01-20 12:26:05	Name: _ym_visorc Value: b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
djbillyevenement.fr
fonts.gstatic.com
go.hepsibahis049.com
mc.yandex.ru
region1.analytics.google.com
stats.g.doubleclick.net
trk.winaffiliates1.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
2001:4860:4802:32::36
2606:4700:3037::6815:1008
2606:4700::6811:190e
2606:4700::6812:17ac
2620:1ec:4e:1::45
2a00:1450:4001:80b::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c0c::9a
2a02:6b8::1:119
0514852953a68cc209452a836b4b537539d30533c1f24785fb2115d8a4974e9b
0cf91820645b161ba2d9497fc39b878889980267b5504d8149f0cb24b7b855a7
102601ba350af79c10a973d32edee8854f40f25716989327d8845756c8480065
130ad9709983b31fbf96180a1ccb972575ef3ec8ee1c39e58c1caefc4da6d51e
15e4670acfe8eca3666bef5aa6a69f0496a27838a0f5c846a1aeb19d8b210c6e
23db324c8dbda543e7df5c4352bd45313f809afa9b5fff3515f35f838b91bbdc
257206c4fd6bcee36927eb0ef2ba087b5dfc6c9a18df7f8553878bf847616226
32cbd6c1c5fef545513cc8ff5d59d22a89ee7726edddd216303dd2ee352c96cf
379e12e715dca4ac7ef62aa931183cd2f13b9ac614f94b5fda8b676e7eafaf13
3c95a3b38829138538f4de8621d23b5229e442df0e63ffb5b5ee0cb8f0258b38
4acba540de7bf942b0e41feb83e98273b599b7a70f0bbe67e84afce4450f6a3e
4eba197877c13a1b2ee76eb788d1c2e3cb13f5ca66d4df831b7a8ef2b77d1dc9
50aa1985704bf9cadb889e64f18c16c60b81d84e84f46c4d8b855e45a3f394f9
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
5391619122890a5b4d381919d6b3aa9eee8f4906ab9d4674ea51197dcb708525
54614b00182e381317b8a54ab266d2aa0ef26f8b939467f113efd1f27d425352
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b6a580f7e90f4e5d39251bd90cca18aa7dfbf46702d6f5c567ba975df646c1f
64dbdd5c7a2e6e5db2d4e2b82d46896b9039b8244d92d2d47ee5d4be5190b084
6504b671773f0de4638c2f9e34100bc1706d34ecde1b42ae80a2a2267ac7941f
68a410ca57ac5102073cd7a6f1fd8ce93034ca13b157aa845eda64b9ac687c3a
6c0a53a059ae26965d9ec991b34cd620471a1e863125a67ffae50050aead65df
75e11b1f293dfcd2622d40c6a7cc01d3f9c6e618dbbe62d50405355edbf12657
76e087187a561cb0e01c06979105782114442ff2c78a05b8e7ed5ba0a9e60ebd
78607367664cbf05b12b933744a6c5613c2dacb877d885347aed28a6cd47a219
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8c66d90c77eee0c3d866100ea7acc1688119f52f2f814b434ed841e355e32a1b
94b92d49f56a6ecef33d03ca28e75106f9b3bbbbd2a8058ff966ff6e9d52b22d
9bdf4ba9244ecd7b7b16b0472b00d6ac7185e35c20113d0bf94d68de73308232
9c378fec1d646a6b62f76d6869913b2a594f05808fd1fc76f586129fbc444d25
9cb2539f367721f56d6a29b36572a27b45ca45e41bf1c1ae7dd9e680aa13ed0a
a401181efd76fe62a868ac801dfdd0adb108d6ee2a20a41c11654e978b3992b1
ab98a4cdadd3218250928301ff480213c97d8e69a0d46278955c22350a29d77b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3f84234392a09cc747d2f486f6fe49c7a877a37b8b214d211fb931d3976162b
b6696e4eed359fa6b17b8f694a96b441e737732b15ba938ee27f1428f1bdb0ad
bb13a27a9507903fe14a9ee6af2f6eae7c15cd471c3dd20a26035f9a7bb50385
d4f6aba64904de6d390ea9bdbe021c7807e3c6ea5fb5a732f9040e2afcd7b707
d76035f1e82e73372ea8920f27d95c68a189962e23c305842322ad173f2541e2
d83aaa84853eb7b035d88f49dc68e873bd7e44f810e303036a77b2f1f62a3511
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2bd98cb75021883a84ec7048a47e311ce2100c1a4cce0e08500251dc1ee360a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8b7f77d56b2b960ab28f624911c93533c46d21414037edef838bfe65ea68eaa
e979ca5b6ba0c1b3e2b00679f8934ab430b9bcc6b138246727068078b96f7127
ea20a6ee4c93782d2dceef5259dec8937ab7dd55e7ab9293291e7366c9dc36bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

go.hepsibahis049.com Open in urlscan Pro 2606:4700::6812:17ac Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

100 %IPv6

12 Domains

13 Subdomains

11 IPs

4 Countries

922 kBTransfer

1585 kBSize

22 Cookies

26 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.hepsibahis049.com Open in urlscan Pro
2606:4700::6812:17ac Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

100 %
IPv6

12
Domains

13
Subdomains

11
IPs

4
Countries

922 kB
Transfer

1585 kB
Size

22
Cookies

55 HTTP transactions
0 data transactions