urlscan.io logo urlscan.io
SecurityTrails logo

www.hepsiburada.com Open in urlscan Pro
2.16.98.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.hps.im/d7ct/bho74rn2
Effective URL: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarl...
Submission: On February 17 via manual from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 6 domains to perform 31 HTTP transactions. The main IP is 2.16.98.49, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.hepsiburada.com. The Cisco Umbrella rank of the primary domain is 93563.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on May 29th 2023. Valid for: a year.
This is the only time www.hepsiburada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.246.127.31 16509 (AMAZON-02)
3 2.16.98.49 16625 (AKAMAI-AS)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
11 31.3.2.79 21245 (MEDIANOVA...)
1 52.222.139.110 16509 (AMAZON-02)
3 23.192.248.170 16625 (AKAMAI-AS)
1 2.17.22.66 20940 (AKAMAI-ASN1)
1 18.245.253.99 ()
1 2a00:1450:400... 15169 (GOOGLE)
5 82.222.9.40 34984 (TELLCOM-AS)
31 10
1    34.246.127.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-127-31.eu-west-1.compute.amazonaws.com
app.hps.im
3    2.16.98.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-98-49.deploy.static.akamaitechnologies.com
www.hepsiburada.com
1    2a02:26f0:480:d::210:f157 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
voltrancommon.hepsiburada.com
11    31.3.2.79 (Frankfurt am Main, Germany)

ASN21245 (MEDIANOVA-CDN, TR)
images.hepsiburada.net
1    52.222.139.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-110.ams50.r.cloudfront.net
static.hotjar.com
3    23.192.248.170 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-248-170.deploy.static.akamaitechnologies.com
hepsipay-ui-mfe.hepsiburada.com
hepsipay-gateway.hepsiburada.com
1    2.17.22.66 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-22-66.deploy.static.akamaitechnologies.com
cuzdanim-gateway.hepsiburada.com
1    18.245.253.99 (United States)

ASN- ()
PTR: server-18-245-253-99.lhr5.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    82.222.9.40 (Magnesia ad Sipylum, Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: host-82-222-9-40.reverse.superonline.net
hepsipay-sentry.hepsipay.com
Apex Domain
Subdomains		 Transfer
11 hepsiburada.net
images.hepsiburada.net — Cisco Umbrella Rank: 87090
283 KB
8 hepsiburada.com
www.hepsiburada.com — Cisco Umbrella Rank: 93563
voltrancommon.hepsiburada.com — Cisco Umbrella Rank: 201159
hepsipay-ui-mfe.hepsiburada.com
cuzdanim-gateway.hepsiburada.com Failed
hepsipay-gateway.hepsiburada.com
213 KB
5 hepsipay.com
hepsipay-sentry.hepsipay.com
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 825
script.hotjar.com — Cisco Umbrella Rank: 1119
68 KB
1 gstatic.com
fonts.gstatic.com
37 KB
1 hps.im
app.hps.im
711 B
31 6
Domain Requested by
11 images.hepsiburada.net www.hepsiburada.com
images.hepsiburada.net
5 hepsipay-sentry.hepsipay.com images.hepsiburada.net
3 www.hepsiburada.com www.hepsiburada.com
2 hepsipay-gateway.hepsiburada.com images.hepsiburada.net
1 fonts.gstatic.com images.hepsiburada.net
1 script.hotjar.com static.hotjar.com
1 cuzdanim-gateway.hepsiburada.com images.hepsiburada.net
1 hepsipay-ui-mfe.hepsiburada.com images.hepsiburada.net
1 static.hotjar.com www.hepsiburada.com
1 voltrancommon.hepsiburada.com www.hepsiburada.com
1 app.hps.im 1 redirects
31 11

This site contains no links.

Subject Issuer Validity Valid
www.hepsiburada.com
DigiCert SHA2 Extended Validation Server CA		 2023-05-29 -
2024-05-28		 a year crt.sh
*.hepsiburada.net
Sectigo RSA Domain Validation Secure Server CA		 2024-02-12 -
2025-03-08		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
hepsiburada.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-19 -
2024-06-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.hepsipay.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-29 -
2025-01-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Frame ID: DF5462F687487E19FAB1EA8DE2C2DCBE
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hepsipay

Page URL History Show full URLs

  1. https://app.hps.im/d7ct/bho74rn2 HTTP 301
    https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraod... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

31
Requests

87 %
HTTPS

20 %
IPv6

6
Domains

11
Subdomains

10
IPs

4
Countries

603 kB
Transfer

1980 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.hps.im/d7ct/bho74rn2 HTTP 301
    https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hepsiburada.com/cuzdanim/
Redirect Chain
  • https://app.hps.im/d7ct/bho74rn2
  • https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.98.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-98-49.deploy.static.akamaitechnologies.com
Software
hepsiburada /
Resource Hash
9c0ffd28c155fed4cb2f1e444564124a87a76024e7f3ec78417464e21fa1f833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
732
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 15:21:12 GMT
etag
W/"4ee-1849e5dc7e8"
expires
Sat, 17 Feb 2024 15:21:12 GMT
last-modified
Tue, 22 Nov 2022 08:04:17 GMT
pragma
no-cache
server
hepsiburada
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-akamai-transformed
9 672 0 pmb=mTOE,1
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Accept-Ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Sat, 17 Feb 2024 15:21:12 GMT
Location
https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Strict-Transport-Security
max-age=31536000; includeSubDomains
common.js
voltrancommon.hepsiburada.com/ 		391 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voltrancommon.hepsiburada.com/common.js
Requested by
Host: www.hepsiburada.com
URL: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
hepsiburada /
Resource Hash
133f19808ad2e93005423e6f4cef4a4ea9f911b0b749758c26dd2e051a4c37ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-edge-location
TR-379
x-cache-status
Edge : HIT,
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1708183272939_34664471_764373379_38_7479_7_18_219";dur=1
content-length
124389
hit
H
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
hepsiburada
x-mnrequest-id
d188830c2fbdd9eebc97b56d51d4a212
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=38
x-cdn-forward
medianova
accept-ranges
bytes
timing-allow-origin
*
x-datastream-cache-status
2
x-mserver
173218
expires
Sat, 17 Feb 2024 15:21:50 GMT
commons_main.e26f59fd4f131fc00063.js
images.hepsiburada.net/payment/assets/walletpage/production/wpv632170/ 		173 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/payment/assets/walletpage/production/wpv632170/commons_main.e26f59fd4f131fc00063.js
Requested by
Host: www.hepsiburada.com
URL: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
3cc430510deb66a09317267d3be3a3ca720850d297ddc90166ef667617aee2e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-varnish-forward
ss-as
server
MNCDN-237
x-mnrequest-id
46c2edf7ca7c23e042f137e2f8f1b3ba
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-mserver
DE-372
main.dce28d1add148b5aa0bc.js
images.hepsiburada.net/payment/assets/walletpage/production/wpv632170/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/payment/assets/walletpage/production/wpv632170/main.dce28d1add148b5aa0bc.js
Requested by
Host: www.hepsiburada.com
URL: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
38dd2739a42d2f60c00013395c992f71527a0f652e5c3ccc47f637b6aa3e1013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-varnish-forward
ss-as
vha6-origin
as-dali-varnish-02
server
MNCDN-237
x-mnrequest-id
d2e165ce2893345a102e453ce9f8233a
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-mserver
DE-372
gNBs
www.hepsiburada.com/SSYq_g/IfzjYu/eR2/nceN/m0niS/9zO5SDLhtJ3aup/eQUCVyttMg/DCscTi4/ 		224 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hepsiburada.com/SSYq_g/IfzjYu/eR2/nceN/m0niS/9zO5SDLhtJ3aup/eQUCVyttMg/DCscTi4/gNBs
Requested by
Host: www.hepsiburada.com
URL: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.98.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-98-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b223625f3fbbad2c7bba65c141421422d9d1b1da3bb4602a8c61c23b35e62c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 02 Aug 2023 16:13:30 GMT
etag
"c59d57ca8ea3cabecae87d15f6ef85ad3716f0f582d88086b34774ea8f233b3a"
stored-attribute-sha-checksum
3b223625f3fbbad2c7bba65c141421422d9d1b1da3bb4602a8c61c23b35e62c4
content-type
application/javascript
cache-control
max-age=21600
content-length
84826
expires
Wed, 13 Mar 2024 10:08:37 GMT
hotjar-216130.js
static.hotjar.com/c/ 		119 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-216130.js?sv=6
Requested by
Host: www.hepsiburada.com
URL: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-110.ams50.r.cloudfront.net
Software
/
Resource Hash
0c6c8cb6a26134f999aff0e5612dff1413420045bff1630c1a7ad3652ead75bd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 17 Feb 2024 15:21:06 GMT
via
1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
19
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/3bb997cb714d5737bb3baa860dfba20d
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
EVc2Lf_TZl5pF2OWX7rt1vWyEPzZ17xptpLQh4nkJjXae4GIX0zBRA==
Wallet
hepsipay-ui-mfe.hepsiburada.com/ 		9 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hepsipay-ui-mfe.hepsiburada.com/Wallet?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletpage/production/wpv632170/commons_main.e26f59fd4f131fc00063.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.248.170 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-248-170.deploy.static.akamaitechnologies.com
Software
hepsiburada /
Resource Hash
bc0d86cd6f2af2cf83ce77274a90838a38426c34df1953ea926e002c07a799f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=MISS, edge; dur=10, origin; dur=151, ak_p; desc="1708183273109_34628878_912422104_16089_8874_13_21_219";dur=1
content-length
3769
x-xss-protection
1; mode=block
pragma
no-cache
server
hepsiburada
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
vary
Accept-Encoding
expires
Sat, 17 Feb 2024 15:21:13 GMT
featuretoggle
cuzdanim-gateway.hepsiburada.com/ 		0
0
featuretoggle
cuzdanim-gateway.hepsiburada.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cuzdanim-gateway.hepsiburada.com/featuretoggle?key=SentryIntegration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.22.66 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-22-66.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,client-id,tenant-id
Access-Control-Request-Method
GET
Origin
https://www.hepsiburada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate max-age=0, no-cache, no-store
content-length
707
content-type
text/html
date
Sat, 17 Feb 2024 15:21:13 GMT
expires
0 Sat, 17 Feb 2024 15:21:13 GMT
mime-version
1.0
pragma
no-cache no-cache
server
AkamaiGHost
server-timing
ak_p; desc="1708183273123_34674238_1081726533_22_8688_12_36_219";dur=1
strict-transport-security
max-age=31536000
gNBs
www.hepsiburada.com/SSYq_g/IfzjYu/eR2/nceN/m0niS/9zO5SDLhtJ3aup/eQUCVyttMg/DCscTi4/ 		18 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hepsiburada.com/SSYq_g/IfzjYu/eR2/nceN/m0niS/9zO5SDLhtJ3aup/eQUCVyttMg/DCscTi4/gNBs
Requested by
Host: www.hepsiburada.com
URL: https://www.hepsiburada.com/SSYq_g/IfzjYu/eR2/nceN/m0niS/9zO5SDLhtJ3aup/eQUCVyttMg/DCscTi4/gNBs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.98.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-98-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 17 Feb 2024 15:21:13 GMT
strict-transport-security
max-age=31536000
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.hepsiburada.com
access-control-allow-credentials
true
x_req_id
ba693243-f41f-4c55-973d-bddc88c3ffff
access-control-allow-headers
Content-Type
content-length
18
modules.e9ecc540a57d29aebf45.js
script.hotjar.com/ 		218 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e9ecc540a57d29aebf45.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-216130.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.253.99 , United States, ASN (),
Reverse DNS
server-18-245-253-99.lhr5.r.cloudfront.net
Software
/
Resource Hash
0f8aa5e7a5e9ccfec4b7c9f5e45308da58b758b347035a808e42bfea00c222cd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 819eb5d1ade73da58bdea62726593c44.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR5-P5
age
165907
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55332
last-modified
Thu, 15 Feb 2024 17:15:35 GMT
etag
"c0fd02d44d882dfd953692a5d13e7049"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
PGZGbD753KTCczTmsMvU1eAcUCJZmMcMuLJrknHqHcsg6RG2qq1kcA==
client-Standard.js
images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/client-Standard.js
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletpage/production/wpv632170/commons_main.e26f59fd4f131fc00063.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
d3687843bdd9e8b07c88e9b88f1f967d3f1ae92ecd86dbbc085db625d30d6097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-varnish-forward
ss-av
server
MNCDN-237
x-mnrequest-id
b7eaf5a218f09bd0bafd9cdf3bfac2cc
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-mserver
MNCDN-2137
Wallet.css
images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet.css
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletpage/production/wpv632170/commons_main.e26f59fd4f131fc00063.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
284d8be3cd16b6473879ab72b54a7e437df83c7c5e5d0c06ac84d7dbf685f797
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-varnish-forward
ss-av
vha6-origin
av-dali-varnish-02
server
MNCDN-237
x-mnrequest-id
1654d903fbaeacc8e168047de95d90f2
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-mserver
DE-372
client.css
images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/ 		73 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/client.css
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletpage/production/wpv632170/commons_main.e26f59fd4f131fc00063.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
995be389847cc41ed35293de135a6497788dc3932fced6bee1760269fb373ae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-varnish-forward
ss-as
server
MNCDN-237
x-mnrequest-id
46e609f2361c1adc90cf6695c14ad21f
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-mserver
DE-372
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v8/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/client.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://images.hepsiburada.net/
Origin
https://www.hepsiburada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 14:45:58 GMT
x-content-type-options
nosniff
age
347715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37780
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:35:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 14:45:58 GMT
Wallet-Standard.js
images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/ 		489 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletpage/production/wpv632170/commons_main.e26f59fd4f131fc00063.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
44eca66c195958f94da8ec6dcc0a6ab1968b8d03fae46e5311a4369a4423fa3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-varnish-forward
ss-av
vha6-origin
av-dali-varnish-02
server
MNCDN-237
x-mnrequest-id
b22d10c8fab828b1a17ecc5e7fd30812
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-mserver
DE-372
hbus.min.v3.8.26.js
images.hepsiburada.net/hbus/ 		110 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/hbus/hbus.min.v3.8.26.js
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
c3e96e8e559e3e2c318695e050684dfa4c7044531ed94db3fc7d9c915e6ce8a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
server
MNCDN-237
x-mnrequest-id
c344eb8b76562424421aa4589226d15a
etag
W/"62820f7d-1b6b4"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
x-mserver
DE-372
expires
Sun, 05 Nov 2023 16:41:28 GMT
constants.json
images.hepsiburada.net/assets/sardes/wallet/redesign/json/ 		14 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/assets/sardes/wallet/redesign/json/constants.json?ko38bcpa4b
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
5a81bef6d3b95c7f2a7d38f86f9054b842522303c86e057a891171380eb94969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
server
MNCDN-237
x-mnrequest-id
89253e25f753dfd8195d01c1fef895dd
x-edge-location
DE-372
etag
W/"653a5b3c-393e"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache no-store
x-cdn-forward
medianova
timing-allow-origin
*
x-mserver
MNCDN-2137
/
hepsipay-sentry.hepsipay.com/api/2/envelope/ 		2 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hepsipay-sentry.hepsipay.com/api/2/envelope/?sentry_key=0550ff95520c4b34993e6e01a55f8173&sentry_version=7&sentry_client=sentry.javascript.react%2F7.64.0
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
82.222.9.40 Magnesia ad Sipylum, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-9-40.reverse.superonline.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.hepsiburada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 17 Feb 2024 15:21:14 GMT
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://www.hepsiburada.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
Connection
keep-alive
Content-Length
2
603-Standard.js
images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/ 		76 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/603-Standard.js
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
fe0c29e9c53ea8acd0f5078f38078d4d42fc144e62f27d2e876c54d7e2fd7ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-varnish-forward
ss-av
vha6-origin
av-dali-varnish-01
server
MNCDN-237
x-mnrequest-id
390568c0f6fff1ccf86dd4b72790eaf0
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-mserver
MNCDN-2137
3646-aadba78d15544a4e4df5.css
images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/3646-aadba78d15544a4e4df5.css
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
e5ad5c7b0d29a9bcb932b6b96e81e7d18c0958b6f92ce78ae118ed62a5a290f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-varnish-forward
ss-av
vha6-origin
av-dali-varnish-02
server
MNCDN-237
x-mnrequest-id
7fcda0253eece8500d0941896f320000
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-mserver
DE-372
WalletAuthPage-Standard.js
images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/WalletAuthPage-Standard.js
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.79 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-237 /
Resource Hash
0d47eb5410c27464ca014c66d7bb8921263da027471dfb19a996d168dd812742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hepsiburada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:21:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-varnish-forward
ss-av
server
MNCDN-237
x-mnrequest-id
f2c5d9630ab243aa52334ba54dc00fcd
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000s
x-cdn-forward
medianova
timing-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-mserver
DE-372
hphandshake
hepsipay-gateway.hepsiburada.com/auth/account/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hepsipay-gateway.hepsiburada.com/auth/account/hphandshake
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.248.170 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-248-170.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channel,client-id,content-type,devicetype,osplatform,platform,sourceteam,tenant-id,x-mfe-login-flow,x-mfe-team-name,x-user-id
Access-Control-Request-Method
POST
Origin
https://www.hepsiburada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate max-age=0, no-cache, no-store
content-length
707
content-type
text/html
date
Sat, 17 Feb 2024 15:21:14 GMT
expires
0 Sat, 17 Feb 2024 15:21:14 GMT
mime-version
1.0
pragma
no-cache no-cache
server
AkamaiGHost
server-timing
ak_p; desc="1708183274551_34628878_912422813_28_12697_13_0_219";dur=1
strict-transport-security
max-age=31536000
session
hepsipay-gateway.hepsiburada.com/auth/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hepsipay-gateway.hepsiburada.com/auth/session
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.248.170 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-248-170.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channel,client-id,content-type,devicetype,osplatform,platform,sourceteam,tenant-id,x-mfe-team-name,x-user-id
Access-Control-Request-Method
GET
Origin
https://www.hepsiburada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate max-age=0, no-cache, no-store
content-length
707
content-type
text/html
date
Sat, 17 Feb 2024 15:21:14 GMT
expires
0 Sat, 17 Feb 2024 15:21:14 GMT
mime-version
1.0
pragma
no-cache no-cache
server
AkamaiGHost
server-timing
ak_p; desc="1708183274551_34628878_912422814_22_27880_13_0_219";dur=1
strict-transport-security
max-age=31536000
hphandshake
hepsipay-gateway.hepsiburada.com/auth/account/ 		0
0
session
hepsipay-gateway.hepsiburada.com/auth/ 		0
0
/
hepsipay-sentry.hepsipay.com/api/2/envelope/ 		2 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hepsipay-sentry.hepsipay.com/api/2/envelope/?sentry_key=0550ff95520c4b34993e6e01a55f8173&sentry_version=7&sentry_client=sentry.javascript.react%2F7.64.0
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
82.222.9.40 Magnesia ad Sipylum, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-9-40.reverse.superonline.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.hepsiburada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 17 Feb 2024 15:21:14 GMT
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://www.hepsiburada.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
Connection
keep-alive
Content-Length
2
/
hepsipay-sentry.hepsipay.com/api/2/envelope/ 		41 B
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hepsipay-sentry.hepsipay.com/api/2/envelope/?sentry_key=0550ff95520c4b34993e6e01a55f8173&sentry_version=7&sentry_client=sentry.javascript.react%2F7.64.0
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
82.222.9.40 Magnesia ad Sipylum, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-9-40.reverse.superonline.net
Software
nginx /
Resource Hash
03d48c95631ed7b9119687fb1e62fefbb74427ac700dc9265d7f1e4f83fd016b

Request headers

Referer
https://www.hepsiburada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 17 Feb 2024 15:21:14 GMT
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://www.hepsiburada.com
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
Connection
keep-alive
Content-Length
41
/
hepsipay-sentry.hepsipay.com/api/2/envelope/ 		41 B
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hepsipay-sentry.hepsipay.com/api/2/envelope/?sentry_key=0550ff95520c4b34993e6e01a55f8173&sentry_version=7&sentry_client=sentry.javascript.react%2F7.64.0
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
82.222.9.40 Magnesia ad Sipylum, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-9-40.reverse.superonline.net
Software
nginx /
Resource Hash
af39c885e876382c4d455e246a1c799ddf96cb7114c419555e527cc3c185b189

Request headers

Referer
https://www.hepsiburada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 17 Feb 2024 15:21:14 GMT
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://www.hepsiburada.com
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
Connection
keep-alive
Content-Length
41
/
hepsipay-sentry.hepsipay.com/api/2/envelope/ 		41 B
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hepsipay-sentry.hepsipay.com/api/2/envelope/?sentry_key=0550ff95520c4b34993e6e01a55f8173&sentry_version=7&sentry_client=sentry.javascript.react%2F7.64.0
Requested by
Host: images.hepsiburada.net
URL: https://images.hepsiburada.net/payment/assets/walletmfe/production/wv1172472/project/assets/Wallet-Standard.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
82.222.9.40 Magnesia ad Sipylum, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-9-40.reverse.superonline.net
Software
nginx /
Resource Hash
9d283b3a995ee710d61323728b3acec1d8e6ba09dd76f9ea27e1e6fbb215f5b8

Request headers

Referer
https://www.hepsiburada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 17 Feb 2024 15:21:15 GMT
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://www.hepsiburada.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
Connection
keep-alive
Content-Length
41

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cuzdanim-gateway.hepsiburada.com
URL
https://cuzdanim-gateway.hepsiburada.com/featuretoggle?key=SentryIntegration
Domain
hepsipay-gateway.hepsiburada.com
URL
https://hepsipay-gateway.hepsiburada.com/auth/account/hphandshake
Domain
hepsipay-gateway.hepsiburada.com
URL
https://hepsipay-gateway.hepsiburada.com/auth/session

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| library function| hj object| _hjSettings object| webpackJsonp object| regeneratorRuntime object| _cf object| bmak string| _sdTrace object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| SARDESWALLET object| HbEventBus string| voltran_project_version function| fc function| pc function| mc function| ra function| Ql function| Jl function| Zl function| Se function| Nt function| Xl function| ls object| WP_SARDESWALLET_VLTRN object| __SENTRY__ object| eventDataList object| hwindow function| HBus object| hbAnalytics object| hepsiBus object| hp object| HPAuth string| HPGatewayUrl

5 Cookies

Domain/Path Name / Value
.hepsiburada.com/ Name: bm_sz
Value: 75B1869ABF5448E4E382D8116B2B4CFA~YAAQ5IdkXyjXJWWNAQAAqz2otxahQGW9K+O996tOC+RIUdO5XXmMcJjMbX8JLnKElRrjr4PhGYK7mtD5z/Gndob9CScNCom/k7ifzn6Y0mAxhRZOkbde2rSGuCFy4MBJI4iUVg9hRhE1QsxcQqvtMAJoImK4HJ+BBshjfsUXG4UzrqnMFGEIlrZ4Yuu9hNxO+/uIivg6osXgUuHDaZ2LspXMGqzl8wyN2Kl5mI9fVAFKVUh7KCOBCEj3UvmN5q9Q7YB9H4aI3M/X6+Zt45qSJNxdS5N/iTDX8R/hBFCI4OC9VtAhZzgIXlArXyTlkmFG/0kZcjGmcI/hJQncoYOS9H2E~3486514~3617603
.hepsiburada.com/ Name: _abck
Value: F4170CD77E72E7DA550C9A8A92799BD6~0~YAAQ5IdkXzTXJWWNAQAA7T6otwugUyjF0KkrTrSJBrBtAZHo+6Bant+SuYdPPWUch6qiBAAQfpFk9AhmHFdMF21KgN9we4Yp+nDKiEghrIoeI4tc+gchrUJaJ6640mPJIItg45NNuS4mIQzGlWdRL4yM0NRmmTVfMykVmuzsWz3W8tYgUW3g7ACX4t+Oiq44uopQ+7gRWNV5Vx+Lem10KsDL9QYEuD/GbXTqptzcIGZzJu9zUbP6JNjT9Xkx7GTgIyYGIwKu7F8Wl1rqrvVFAXE/+FK+jA7oQG4FJbGlh8bHlRYt/PZvtw8saGCac25Tg1GB9OqyhKl3xB0AVfY0IsFgaOMX+QONDY8HkHxsZByV9Zv+hbpg/J1Jm5GzWrZ579d90f+iIWLCICX4UrYdf9Y1EUxqTRG9pDHoMK8=~-1~-1~-1
.hepsiburada.com/ Name: _hjSessionUser_216130
Value: eyJpZCI6ImU5OTcwNTdhLTk5MTktNTA5OC1iNTZhLTk2ZDM0NGE0NDFjYiIsImNyZWF0ZWQiOjE3MDgxODMyNzMyMTAsImV4aXN0aW5nIjpmYWxzZX0=
.hepsiburada.com/ Name: _hjSession_216130
Value: eyJpZCI6IjcyMDdhNDIwLTUwNWEtNDVjMy05NTIzLThlZTQzNjllNTJhNyIsImMiOjE3MDgxODMyNzMyMTEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
www.hepsiburada.com/ Name: hpActivePage
Value: login

6 Console Messages

Source Level URL
Text
javascript error URL: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Message:
Access to XMLHttpRequest at 'https://cuzdanim-gateway.hepsiburada.com/featuretoggle?key=SentryIntegration' from origin 'https://www.hepsiburada.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cuzdanim-gateway.hepsiburada.com/featuretoggle?key=SentryIntegration
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Message:
Access to fetch at 'https://hepsipay-gateway.hepsiburada.com/auth/account/hphandshake' from origin 'https://www.hepsiburada.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://hepsipay-gateway.hepsiburada.com/auth/account/hphandshake
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.hepsiburada.com/cuzdanim/?utm_source=email&utm_medium=newsletter&utm_campaign=hemenalsonraode&utm_content=pazarlama&utm_term=68xx-all&wt_em=newsletter.hemenalsonraode.pazarlama.68xx-all&af_xp=custom&source_caller=ui&pid=CRM&is_retargeting=true&af_click_lookback=7d&shortlink=bho74rn2&af_adset=email-hepsiburada-hemenalsonraode&af_ad=68xx-all&c=Email
Message:
Access to fetch at 'https://hepsipay-gateway.hepsiburada.com/auth/session' from origin 'https://www.hepsiburada.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://hepsipay-gateway.hepsiburada.com/auth/session
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hps.im
cuzdanim-gateway.hepsiburada.com
fonts.gstatic.com
hepsipay-gateway.hepsiburada.com
hepsipay-sentry.hepsipay.com
hepsipay-ui-mfe.hepsiburada.com
images.hepsiburada.net
script.hotjar.com
static.hotjar.com
voltrancommon.hepsiburada.com
www.hepsiburada.com
cuzdanim-gateway.hepsiburada.com
hepsipay-gateway.hepsiburada.com
18.245.253.99
2.16.98.49
2.17.22.66
23.192.248.170
2a00:1450:4001:830::2003
2a02:26f0:480:d::210:f157
31.3.2.79
34.246.127.31
52.222.139.110
82.222.9.40
03d48c95631ed7b9119687fb1e62fefbb74427ac700dc9265d7f1e4f83fd016b
0c6c8cb6a26134f999aff0e5612dff1413420045bff1630c1a7ad3652ead75bd
0d47eb5410c27464ca014c66d7bb8921263da027471dfb19a996d168dd812742
0f8aa5e7a5e9ccfec4b7c9f5e45308da58b758b347035a808e42bfea00c222cd
133f19808ad2e93005423e6f4cef4a4ea9f911b0b749758c26dd2e051a4c37ea
284d8be3cd16b6473879ab72b54a7e437df83c7c5e5d0c06ac84d7dbf685f797
38dd2739a42d2f60c00013395c992f71527a0f652e5c3ccc47f637b6aa3e1013
3b223625f3fbbad2c7bba65c141421422d9d1b1da3bb4602a8c61c23b35e62c4
3cc430510deb66a09317267d3be3a3ca720850d297ddc90166ef667617aee2e7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eca66c195958f94da8ec6dcc0a6ab1968b8d03fae46e5311a4369a4423fa3c
5a81bef6d3b95c7f2a7d38f86f9054b842522303c86e057a891171380eb94969
799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b
995be389847cc41ed35293de135a6497788dc3932fced6bee1760269fb373ae3
9c0ffd28c155fed4cb2f1e444564124a87a76024e7f3ec78417464e21fa1f833
9d283b3a995ee710d61323728b3acec1d8e6ba09dd76f9ea27e1e6fbb215f5b8
af39c885e876382c4d455e246a1c799ddf96cb7114c419555e527cc3c185b189
bc0d86cd6f2af2cf83ce77274a90838a38426c34df1953ea926e002c07a799f6
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c3e96e8e559e3e2c318695e050684dfa4c7044531ed94db3fc7d9c915e6ce8a0
d3687843bdd9e8b07c88e9b88f1f967d3f1ae92ecd86dbbc085db625d30d6097
e5ad5c7b0d29a9bcb932b6b96e81e7d18c0958b6f92ce78ae118ed62a5a290f0
fe0c29e9c53ea8acd0f5078f38078d4d42fc144e62f27d2e876c54d7e2fd7ea4