betschecker.co.uk Open in urlscan Pro
2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace Public Scan

Go To Rescan
Add Verdict Report

URL:
https://betschecker.co.uk/
Submission: On February 13 via api (February 13th 2024, 1:56:58 pm UTC) from US — Scanned from US

Summary HTTP 70 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 70 HTTP transactions. The main IP is 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace, located in Cyprus and belongs to AS-HOSTINGER, CY. The main domain is betschecker.co.uk.
TLS certificate: Issued by R3 on February 11th 2024. Valid for: 3 months.

This is the only time betschecker.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a02:4780:84:... 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace	47583 (AS-HOSTINGER) (AS-HOSTINGER)
6	20.93.81.72 20.93.81.72	() ()
4	2606:4700::68... 2606:4700::6812:ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2006	15169 (GOOGLE) (GOOGLE)
24	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
70	9

9 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace (Cyprus)

ASN47583 (AS-HOSTINGER, CY)

betschecker.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.93.81.72 (Dublin, Ireland)

ASN- ()

campaigns.williamhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

mediaserver.entainpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wlwilliamhill.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.70 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.65.162 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	415 KB
9	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 157 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 566	90 KB
9	betschecker.co.uk betschecker.co.uk	50 KB
6	eacdn.com wlwilliamhill.eacdn.com — Cisco Umbrella Rank: 979058	11 KB
6	williamhill.com campaigns.williamhill.com — Cisco Umbrella Rank: 605253	8 KB
4	entainpartners.com mediaserver.entainpartners.com — Cisco Umbrella Rank: 209388	63 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 321	242 KB
70	7

	Domain	Requested by
24	pagead2.googlesyndication.com	ad.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
9	betschecker.co.uk	betschecker.co.uk
6	googleads4.g.doubleclick.net	ad.doubleclick.net
6	wlwilliamhill.eacdn.com	campaigns.williamhill.com
6	campaigns.williamhill.com	betschecker.co.uk wlwilliamhill.eacdn.com
4	mediaserver.entainpartners.com	betschecker.co.uk mediaserver.entainpartners.com
3	s0.2mdn.net	ad.doubleclick.net
3	ad.doubleclick.net	wlwilliamhill.eacdn.com
70	9

This site contains links to these domains. Also see Links.

Domain
www.footballbookies.co.uk
www.gambleaware.co.uk

Subject Issuer	Validity	Valid
betschecker.co.uk R3	`2024-02-11` - `2024-05-11`	3 months	crt.sh
campaigns.williamhill.com HydrantID Server CA O1	`2023-11-07` - `2024-12-01`	a year	crt.sh
mediaserver.entainpartners.com Cloudflare Inc ECC CA-3	`2024-01-11` - `2024-12-31`	a year	crt.sh
ia-prod-azurecdn.eacdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-24` - `2024-11-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://betschecker.co.uk/
Frame ID: 122992CF10518E79B2A186476B137B41
Requests: 9 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=
Frame ID: ADA2FED8FF24006BBB65E0782B36A606
Requests: 3 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=
Frame ID: 1EDA007A0A34ADE65C9D49E69DFE7E04
Requests: 3 HTTP requests in this frame

Frame: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022780&t=f&v=1&securedDomain=y
Frame ID: 352C1F09FCABBB2CB95AFCD98A5559DF
Requests: 2 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=
Frame ID: EB4018A73807EC3D61FA025E3486EED0
Requests: 3 HTTP requests in this frame

Frame: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022762&t=f&v=1&securedDomain=y
Frame ID: 1060A3D76FC834044E97460255CEBF0D
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23703284.265558678;sz=234x60;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=&MediaID=370&IsAd=1&IAref=https%3A%2F%2Fbetschecker.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: B3E7A39709BF69D670666A8C5697A7BE
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=&t=638434294132250000&MediaID=370&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Frame ID: 319916A0A1CE8861F5F4ED72FC2F89B5
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23703284.265558693;sz=120x240;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=&MediaID=362&IsAd=1&IAref=https%3A%2F%2Fbetschecker.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: FC52783FB930EB733634B2F38A98310A
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=&t=638434294132630000&MediaID=362&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Frame ID: FFB4C7FE18EE9B4B19DAA1D3D3FE0BFA
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=&MediaID=386&IsAd=1&IAref=https%3A%2F%2Fbetschecker.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: AC01D153A1F2ED5BF8ECEC8E831781BA
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=&t=638434294135170000&MediaID=386&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Frame ID: B91ED056023DF67C9D39932CDAA7458E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2D235A19CF258C5325B8C1953EB32255
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DB8C5EE8CE1344F6BBF41E391F4E48E9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CA57D60522F9E9A1E6DFB0DC87557BE8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: 113E433038CD7FD7CC673904790E8714
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: E5D8704B69E1C13AC30093A5837810E6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: 8F4A35AA4E6E155547609ED03142CD24
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Betschecker | Compare betting odds | Betschecker.co.uk

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

70
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

879 kB
Transfer

1800 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.footballbookies.co.uk/
Title: Betschecker.co.uk

Search URL Search Domain Scan URL

URL: http://www.gambleaware.co.uk/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
betschecker.co.uk/ 13 KB
4 KB 1269ms
504ms Document
text/html 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://betschecker.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

69112d907de46509e56eb7a56c4422c4282097b2d8a90e8b57925339d8686846

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-length: 3829
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Tue, 13 Feb 2024 13:56:51 GMT
etag: "33a0-6407ab46-9f4760a3cc71c638;br"
last-modified: Tue, 07 Mar 2023 21:23:18 GMT
platform: hostinger
server: hcdn
x-hcdn-cache-status: DYNAMIC
x-hcdn-request-id: e3c015c64bc7630405d9483fa2491c78-phx-edge2
x-hcdn-upstream-rt: 0.418
x-turbo-charged-by: LiteSpeed

GET
H2 200 law.js Show response
betschecker.co.uk/ 2 KB
1 KB 524ms
519ms Script
application/x-javascript 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://betschecker.co.uk/law.js

Requested by

Host: betschecker.co.uk
URL: https://betschecker.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

ad35522dc0e9dea8cf27f3ef4613b33c1efce4e601ac449e43366c6fde684efd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://betschecker.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 964
x-hcdn-cache-status: MISS
last-modified: Mon, 24 Sep 2018 10:06:36 GMT
server: hcdn
etag: "94e-5ba8b72c-d193f4043df62f25;br"
x-hcdn-request-id: ceedaa16443faed134bf8ab494d408ba-phx-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.430
accept-ranges: bytes
platform: hostinger
expires: Tue, 20 Feb 2024 13:56:51 GMT

GET
H2 200 betschecker.jpg
betschecker.co.uk/images/ 6 KB
6 KB 654ms
652ms Image
image/webp 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betschecker.co.uk/images/betschecker.jpg
Requested by: Host: betschecker.co.uk
URL: https://betschecker.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 354252bf4d180df3782017961b51413692aa08e73e71c32fe4dbc917e3c93c44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://betschecker.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: b61c0985a1160c42f6f2f7bc71799c0a-phx-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.567
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 6034

GET
H3 200 betfair.gif
betschecker.co.uk/images/ 14 KB
15 KB 512ms
511ms Image
image/gif 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betschecker.co.uk/images/betfair.gif

Requested by

Host: betschecker.co.uk
URL: https://betschecker.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

c54b7c3c087620ba8dbbd6519937e84fe0708781dbae9c33c6f2ec41132addc9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://betschecker.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 14629
x-hcdn-cache-status: MISS
last-modified: Wed, 18 Oct 2017 14:53:26 GMT
server: hcdn
etag: "3925-59e76ae6-efb14282e964bcbd;;;"
x-hcdn-request-id: 191e3b4a5302448e9b6e535f42180724-phx-edge2
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.425
accept-ranges: bytes
platform: hostinger
expires: Tue, 20 Feb 2024 13:56:52 GMT

GET
H3 200 coral.gif
betschecker.co.uk/images/ 14 KB
14 KB 517ms
513ms Image
image/gif 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betschecker.co.uk/images/coral.gif

Requested by

Host: betschecker.co.uk
URL: https://betschecker.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

3f24591817e0af338fd7d1e2a794a1abea49f169fbbfe531b87f7f045a266d9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://betschecker.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 14177
x-hcdn-cache-status: MISS
last-modified: Wed, 18 Oct 2017 14:52:32 GMT
server: hcdn
etag: "3761-59e76ab0-a7690c7499eaef79;;;"
x-hcdn-request-id: ae19ec86b701704e0e5cf5d179bdb5f1-phx-edge2
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.427
accept-ranges: bytes
platform: hostinger
expires: Tue, 20 Feb 2024 13:56:52 GMT

GET
H3 200 ladbrokes.gif
betschecker.co.uk/images/ 2 KB
2 KB 518ms
516ms Image
image/gif 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betschecker.co.uk/images/ladbrokes.gif

Requested by

Host: betschecker.co.uk
URL: https://betschecker.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

1a2a186b14385f0be015f71793ee7a89d2015ce2b3ce2af119e17879f00b7ba1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://betschecker.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1578
x-hcdn-cache-status: MISS
last-modified: Fri, 24 Apr 2015 13:12:12 GMT
server: hcdn
etag: "62a-553a412c-e229941ebbc0568f;;;"
x-hcdn-request-id: 40166be6b30bc74b36d1072f3998f62e-phx-edge2
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.427
accept-ranges: bytes
platform: hostinger
expires: Tue, 20 Feb 2024 13:56:52 GMT

GET
H3 200 william%20hill.gif
betschecker.co.uk/images/ 2 KB
2 KB 534ms
532ms Image
image/gif 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betschecker.co.uk/images/william%20hill.gif

Requested by

Host: betschecker.co.uk
URL: https://betschecker.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

b200011a65b8e5de97df43708b8ce97430df7d6cd50dbb507825fe3d8fc7d538

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://betschecker.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1780
x-hcdn-cache-status: MISS
last-modified: Fri, 24 Apr 2015 13:12:26 GMT
server: hcdn
etag: "6f4-553a413a-d9feb15766d85b99;;;"
x-hcdn-request-id: d1b57510d37eab43903da3f3314edb58-phx-edge2
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.428
accept-ranges: bytes
platform: hostinger
expires: Tue, 20 Feb 2024 13:56:52 GMT

GET
H3 200 stanjames.gif
betschecker.co.uk/images/ 1 KB
2 KB 511ms
509ms Image
image/gif 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betschecker.co.uk/images/stanjames.gif

Requested by

Host: betschecker.co.uk
URL: https://betschecker.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

2cbfe6be4f54970a21931f83fc0308a720c82d25336b244726fe6c1a99cd6dd6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://betschecker.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
content-length: 1477
x-hcdn-cache-status: MISS
last-modified: Fri, 24 Apr 2015 13:12:26 GMT
server: hcdn
etag: "5c5-553a413a-eec3ff684d31595f;;;"
x-hcdn-request-id: 26876e09ee8ce727a01afb4894c40c51-phx-edge2
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
x-hcdn-upstream-rt: 0.423
accept-ranges: bytes
platform: hostinger
expires: Tue, 20 Feb 2024 13:56:52 GMT

GET
H2 200 780_GA.jpg
betschecker.co.uk/images/ 3 KB
4 KB 513ms
511ms Image
image/webp 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betschecker.co.uk/images/780_GA.jpg
Requested by: Host: betschecker.co.uk
URL: https://betschecker.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 5b2d221124512318812afd8786043d84fb9d7d4b836a2447585bf767294cfc3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://betschecker.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: d2b6f03555acad413ea05f85a151655b-phx-edge2
content-type: image/webp
cache-control: public, max-age=604800
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.425
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3486

GET
H/1.1 200
OK I.ashx Show response
campaigns.williamhill.com/ Frame ADA2 1 KB
2 KB 562ms
142ms Document
text/html 20.93.81.72

General

Check archive.org

Show headers Download Go to

Full URL

https://campaigns.williamhill.com/I.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=

Requested by

Host: betschecker.co.uk
URL: https://betschecker.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.93.81.72 Dublin, Ireland, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e5348a5c66a89bafabd80f8c8b7cbbd8275a710fce2fc38f8bb7d0773a758a88

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://betschecker.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 1447
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Feb 2024 13:56:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK I.ashx Show response
campaigns.williamhill.com/ Frame 1EDA 1 KB
2 KB 556ms
141ms Document
text/html 20.93.81.72

General

Check archive.org

Show headers Download Go to

Full URL

https://campaigns.williamhill.com/I.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=

Requested by

Host: betschecker.co.uk
URL: https://betschecker.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.93.81.72 Dublin, Ireland, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

52fad190e3cda69e17ac2d6456f9e8ad84bf3024275d7d8942c706148d353d70

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://betschecker.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 1446
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Feb 2024 13:56:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 renderBanner.do Show response
mediaserver.entainpartners.com/ Frame 352C 474 B
829 B 679ms
560ms Document
text/html 2606:4700::6812:ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022780&t=f&v=1&securedDomain=y
Requested by: Host: betschecker.co.uk
URL: https://betschecker.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565c5518ecbcd6af141e31412e03c9c20b9126ca8049c3247736768ffc764246

Request headers

Referer: https://betschecker.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 854d93c34e51225d-MIA
content-encoding: gzip
content-language: en-US
content-type: text/html;charset=ISO-8859-1
date: Tue, 13 Feb 2024 13:56:52 GMT
server: cloudflare
vary: Accept-Encoding
x-ua-compatible: IE=EmulateIE7

GET
H/1.1 200
OK I.ashx Show response
campaigns.williamhill.com/ Frame EB40 1 KB
2 KB 518ms
140ms Document
text/html 20.93.81.72

General

Check archive.org

Show headers Download Go to

Full URL

https://campaigns.williamhill.com/I.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=

Requested by

Host: betschecker.co.uk
URL: https://betschecker.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.93.81.72 Dublin, Ireland, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

896a7756f4d7a10c5a7ad1b90b4cc88a71294aca2682f9f66128013d622f49d7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://betschecker.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 1447
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Feb 2024 13:56:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 renderBanner.do Show response
mediaserver.entainpartners.com/ Frame 1060 470 B
665 B 645ms
562ms Document
text/html 2606:4700::6812:ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022762&t=f&v=1&securedDomain=y
Requested by: Host: betschecker.co.uk
URL: https://betschecker.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 099d1a935985ad4ccf54d7b525573a424ae196fb8605cbb36f5815581973f1be

Request headers

Referer: https://betschecker.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 854d93c34e52225d-MIA
content-encoding: gzip
content-language: en-US
content-type: text/html;charset=ISO-8859-1
date: Tue, 13 Feb 2024 13:56:52 GMT
server: cloudflare
vary: Accept-Encoding
x-ua-compatible: IE=EmulateIE7

GET
H2 200 s.5.6.min.js Show response
wlwilliamhill.eacdn.com/TrafficOpt/ Frame EB40 7 KB
3 KB 354ms
159ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campaigns.williamhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
x-azure-ref-originshield: 0JXXLZQAAAABiRC5meIZ6TpDdUXIJvjT8TU5aMjIxMDYwNjExMDA5ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "56fbf9ff-1a7b"
x-azure-ref: 0JHXLZQAAAACpzfTnpWXpRrpIN3ta30SWTUlBRURHRTMwMTYANThiMmFiNTctOGQ3Ni00MWMxLTgzOTYtMmZmODA4NmU1OGRj
x-cache: TCP_REMOTE_HIT
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes

GET
H2 200 Ad_304.js Show response
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/ Frame EB40 1 KB
974 B 456ms
262ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_304.js?t=2024021313
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 37a042f4b98dae34378e89ab1a0659e1369c6525a8586774fa9091ce9a9c7525

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campaigns.williamhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-encoding: br
last-modified: Mon, 20 Nov 2023 08:40:18 GMT
x-azure-ref-originshield: 0JXXLZQAAAADhpJyohOFjQaKu7/PGcHFOTU5aMjIxMDYwNjEyMDMxADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "655b1b72-58a"
x-azure-ref: 0JHXLZQAAAADLLTiSJgkcSrqhdBNfc8MJTUlBRURHRTMwMTYANThiMmFiNTctOGQ3Ni00MWMxLTgzOTYtMmZmODA4NmU1OGRj
x-cache: TCP_MISS
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes

GET
H2 200 s.5.6.min.js Show response
wlwilliamhill.eacdn.com/TrafficOpt/ Frame 1EDA 7 KB
3 KB 335ms
163ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campaigns.williamhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
x-azure-ref-originshield: 0JXXLZQAAAABiRC5meIZ6TpDdUXIJvjT8TU5aMjIxMDYwNjExMDA5ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "56fbf9ff-1a7b"
x-azure-ref: 0JHXLZQAAAAAqVm7XgWGtRZ6sRiGysmQwTUlBRURHRTMwMTYANThiMmFiNTctOGQ3Ni00MWMxLTgzOTYtMmZmODA4NmU1OGRj
x-cache: TCP_REMOTE_HIT
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes

GET
H2 200 Ad_328.js Show response
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/ Frame 1EDA 1 KB
964 B 699ms
528ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_328.js?t=2024021313
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d35061382f7fe798bfdc81dd5837f6ebe1896bdb5c1cb1edbf960911821bcdd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campaigns.williamhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-encoding: br
last-modified: Mon, 20 Nov 2023 08:35:33 GMT
x-azure-ref-originshield: 0JXXLZQAAAADyBwRU8y0PTYjKYmE+8gv5TU5aMjIxMDYwNjExMDE3ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "655b1a55-58a"
x-azure-ref: 0JHXLZQAAAACEhU/wVGrERJ3+ElWtW8CeTUlBRURHRTMwMTYANThiMmFiNTctOGQ3Ni00MWMxLTgzOTYtMmZmODA4NmU1OGRj
x-cache: TCP_MISS
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes

GET
H2 200 s.5.6.min.js Show response
wlwilliamhill.eacdn.com/TrafficOpt/ Frame ADA2 7 KB
3 KB 336ms
166ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campaigns.williamhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
x-azure-ref-originshield: 0JXXLZQAAAABiRC5meIZ6TpDdUXIJvjT8TU5aMjIxMDYwNjExMDA5ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "56fbf9ff-1a7b"
x-azure-ref: 0JHXLZQAAAAC6RibHBfMkS58eDE8BcormTUlBRURHRTMwMTYANThiMmFiNTctOGQ3Ni00MWMxLTgzOTYtMmZmODA4NmU1OGRj
x-cache: TCP_REMOTE_HIT
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes

GET
H2 200 Ad_312.js Show response
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/ Frame ADA2 1 KB
973 B 402ms
233ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_312.js?t=2024021313
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b20eb4e7e9ed2ff2fe9ee1e2c7bc25673ddea40f3c6ae2370fe10ecb4c3dcdf8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campaigns.williamhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:52 GMT
content-encoding: br
last-modified: Mon, 20 Nov 2023 08:40:01 GMT
x-azure-ref-originshield: 0JXXLZQAAAADLB9hM4s3qS5/mK4QiCSs8TU5aMjIxMDYwNjEyMDE5ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "655b1b61-587"
x-azure-ref: 0JHXLZQAAAAD54rlg0FY9Qq8czDnI6v9RTUlBRURHRTMwMTYANThiMmFiNTctOGQ3Ni00MWMxLTgzOTYtMmZmODA4NmU1OGRj
x-cache: TCP_MISS
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes

GET
H2 200 293253_160_x_600.gif
mediaserver.entainpartners.com/images/AdServer/Ladbrokes/Sports/ Frame 352C 28 KB
28 KB 690ms
679ms Image
image/gif 2606:4700::6812:ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaserver.entainpartners.com/images/AdServer/Ladbrokes/Sports/293253_160_x_600.gif
Requested by: Host: mediaserver.entainpartners.com
URL: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022780&t=f&v=1&securedDomain=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8bc601b306a12f21b569988b073383dc17d76c69e72cdb8204297a6880befbd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022780&t=f&v=1&securedDomain=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:53 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 15:35:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400, public
accept-ranges: bytes
cf-ray: 854d93c6eab6225d-MIA
content-length: 28275
x-ua-compatible: IE=EmulateIE7

GET
H2 200 291369_120x600_DMP.gif
mediaserver.entainpartners.com/images/AdServer/Coral/Sports/ Frame 1060 34 KB
34 KB 718ms
708ms Image
image/gif 2606:4700::6812:ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaserver.entainpartners.com/images/AdServer/Coral/Sports/291369_120x600_DMP.gif
Requested by: Host: mediaserver.entainpartners.com
URL: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022762&t=f&v=1&securedDomain=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dce5b955d6f17da45d02a5bec65b5bf09b442220ee917e652b0eb7a1e5e3d6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022762&t=f&v=1&securedDomain=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:53 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Mar 2021 16:35:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400, public
accept-ranges: bytes
cf-ray: 854d93c6eab9225d-MIA
content-length: 34304
x-ua-compatible: IE=EmulateIE7

GET
H2 200 C.ashx Show response
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23703284.265558678;sz=234x60;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame B3E7 64 KB
30 KB 319ms
171ms Document
text/html 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23703284.265558678;sz=234x60;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=&MediaID=370&IsAd=1&IAref=https%3A%2F%2Fbetschecker.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

a0975646ba6e49c009ce48290d5f94baf62ef928961526d3cbc75a4b856da7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campaigns.williamhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 29877
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 13:56:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK T.ashx Show response
campaigns.williamhill.com/ Frame 3199 0
765 B 146ms
141ms Document
text/plain 20.93.81.72

General

Check archive.org

Show headers Download Go to

Full URL

https://campaigns.williamhill.com/T.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=&t=638434294132250000&MediaID=370&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26

Requested by

Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.93.81.72 Dublin, Ireland, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Tue, 13 Feb 2024 13:56:53 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 C.ashx Show response
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23703284.265558693;sz=120x240;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame FC52 64 KB
30 KB 239ms
110ms Document
text/html 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23703284.265558693;sz=120x240;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=&MediaID=362&IsAd=1&IAref=https%3A%2F%2Fbetschecker.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

c70dbb2529cc1b4bd3d300bc91695597d08eeada28a8750275233c84427133ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campaigns.williamhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 30069
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 13:56:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK T.ashx Show response
campaigns.williamhill.com/ Frame FFB4 0
765 B 140ms
136ms Document
text/plain 20.93.81.72

General

Check archive.org

Show headers Download Go to

Full URL

https://campaigns.williamhill.com/T.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=&t=638434294132630000&MediaID=362&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26

Requested by

Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.93.81.72 Dublin, Ireland, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Tue, 13 Feb 2024 13:56:53 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 C.ashx Show response
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame AC01 64 KB
30 KB 117ms
114ms Document
text/html 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=&MediaID=386&IsAd=1&IAref=https%3A%2F%2Fbetschecker.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

52e633f1f9d2614fb1a43612aef34e877a88ad29d11de6930ef48bb0ee408c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campaigns.williamhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 30393
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 13:56:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK T.ashx Show response
campaigns.williamhill.com/ Frame B91E 0
765 B 139ms
139ms Document
text/plain 20.93.81.72

General

Check archive.org

Show headers Download Go to

Full URL

https://campaigns.williamhill.com/T.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=&t=638434294135170000&MediaID=386&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26

Requested by

Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.93.81.72 Dublin, Ireland, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Tue, 13 Feb 2024 13:56:53 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.3
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 13711166760487629563
s0.2mdn.net/simgad/ Frame FC52 29 KB
30 KB 465ms
288ms Image
image/gif 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13711166760487629563

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23703284.265558693;sz=120x240;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_304c_&affid=1213670&siteid=46719&adid=304&c=&MediaID=362&IsAd=1&IAref=https%3A%2F%2Fbetschecker.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f6a81008221539aa85ae6192bdbc4bf835d350623fd584f4ad83a8cbbaad26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Tue, 13 Feb 2024 13:56:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30146
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 10:39:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Feb 2025 13:56:53 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/ Frame FC52 10 KB
4 KB 320ms
144ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4124
x-xss-protection: 0
server: cafe
etag: 9042593224187393105
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:53:57 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame FC52 12 KB
5 KB 237ms
65ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:51:25 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FC52 203 KB
61 KB 312ms
151ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 14:27:24 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FC52 0
0 280ms
124ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTEoz_RIAyQh9D1Bk3Nf_XrZ8b1XJm5XjmakHMYyNwbggM1V1S66AQBiCCjHGKOKWBik5nNfYtTTQUUpExgqMrcd5HOgARQ0g1aPURwbYpeoyWiIPStkZy5PREypz0rXeHLpm4kBkk9SALjAneapyatUr7qlihFkcOo-Z5QsOce8NmnnVMzUw&sai=AMfl-YRO5pneF3pMiobz04-QTPK9ynDlwJCEChkuTHAGiOoeQRu68aG_VNQW6PpsKPhfEmZ5k2Xf0sZUvSXED-Q&sig=Cg0ArKJSzEVOkTJFSLRNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20240208.42301&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 13:56:53 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FC52 41 KB
14 KB 244ms
81ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 18:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 18:14:20 GMT

GET
H2 200 9426670474257292023
s0.2mdn.net/simgad/ Frame B3E7 19 KB
19 KB 401ms
277ms Image
image/gif 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9426670474257292023

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23703284.265558678;sz=234x60;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_312c_&affid=1213670&siteid=46719&adid=312&c=&MediaID=370&IsAd=1&IAref=https%3A%2F%2Fbetschecker.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7b38d0c659026a67650d0d8bb53940dccb939a3876b16bffe476034375f3715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Tue, 13 Feb 2024 13:56:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19111
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 10:39:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Feb 2025 13:56:53 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/ Frame B3E7 10 KB
4 KB 331ms
210ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4124
x-xss-protection: 0
server: cafe
etag: 9042593224187393105
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:53:57 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B3E7 203 KB
61 KB 360ms
257ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 14:27:24 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame B3E7 12 KB
4 KB 315ms
214ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:51:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B3E7 0
0 215ms
127ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkxvqN8H-KhmFeQroG2n9pGMIdecWZGzfoP_aBGqZi1dZPv3x6iBQZ1tL0Y4TKLbCWohfbcF5kkEzhxVf9bVBfCUZcfr3MgXf0ja4efPiPpKVGXrHpfafyGrhNLGjNUbvtp7Q_xHkE4nXL02fDUVv026RGgC02znOuV_CoTBvDj39e3mFMqjo&sai=AMfl-YTV8RvL_6Ae7zLPSBhYgumnuHwn1tqG67Poex3wYyHXk4Jfyz-YGPAZgmnu1XjIfAlIHynrHrKtUTaGfF8&sig=Cg0ArKJSzOUbS2PrPIKXEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20240208.44137&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 13:56:53 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B3E7 41 KB
14 KB 197ms
84ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 18:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 18:14:20 GMT

GET
H2 200 2013865845907017244
s0.2mdn.net/simgad/ Frame AC01 193 KB
193 KB 127ms
70ms Image
image/gif 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2013865845907017244

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_328c_&affid=1213670&siteid=46719&adid=328&c=&MediaID=386&IsAd=1&IAref=https%3A%2F%2Fbetschecker.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ef78664b248487c0ef262cab2e051c35305af75f2c9bef4fa63f7e0995f9461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Mon, 10 Feb 2025 12:12:10 GMT
date: Sun, 11 Feb 2024 12:12:10 GMT
x-content-type-options: nosniff
age: 179083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197290
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 10:39:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/ Frame AC01 10 KB
4 KB 260ms
206ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4124
x-xss-protection: 0
server: cafe
etag: 9042593224187393105
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:53:57 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame AC01 12 KB
4 KB 251ms
197ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:51:25 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AC01 203 KB
61 KB 92ms
70ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 14:27:24 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AC01 0
0 141ms
130ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqDWMtzYmaaTdHxsY-n8M9qj6ZqwI12vBplCpst6NZd28-Bq9DVgHBOHqgSOUeT7Zn4yrnWb6t7l7WgkVF4AaiGvGvCFSfUBoVZx8x6OtQpgPanrHzFJXYw_BIk7sEnfDqW1V3B17dSILpkKN4ZlheUod_CJeKUhYQyvZajDV5SnUfBY3pbq3OWFmn869Xw-vB7O6WT5Qr4tW1D1QvRUvJ99AtISFbE6SB&sai=AMfl-YSCq94Btm0tzNwfpNMsLi8rPhHmY2BrrnlvQWEqivcxPRlHkvbEjlk6Qp5jb4X0l820SFqrNQooX4PEirSJ4Bxs5MmHb1Ealrsf2g&sig=Cg0ArKJSzP0oS17QSwLYEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240208.33149&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 13:56:53 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AC01 41 KB
14 KB 197ms
154ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 18:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 18:14:20 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2D23 38 KB
13 KB 86ms
66ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 395673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:02:20 GMT
expires: Sat, 08 Feb 2025 00:02:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FC52 8 KB
6 KB 319ms
147ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

736bbf111c490fb944880d468c2ae05eb62e40c17f396969710f361c5f428f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5982
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DB8C 38 KB
13 KB 127ms
72ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 395673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:02:20 GMT
expires: Sat, 08 Feb 2025 00:02:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AC01 8 KB
6 KB 231ms
139ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d50162c2063e80a4e8a98de45c56b613d5bbb8305c46a7d9a6c93321b1858f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5908
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B3E7 8 KB
6 KB 232ms
141ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5073462328c6446a54da5cf201643f9842ac8435f7f73b2cffcf53b693a892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6072
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CA57 38 KB
13 KB 101ms
79ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 395674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:02:20 GMT
expires: Sat, 08 Feb 2025 00:02:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D23 39 KB
15 KB 97ms
79ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 20:09:41 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AC01 0
0 155ms
140ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqDWMtzYmaaTdHxsY-n8M9qj6ZqwI12vBplCpst6NZd28-Bq9DVgHBOHqgSOUeT7Zn4yrnWb6t7l7WgkVF4AaiGvGvCFSfUBoVZx8x6OtQpgPanrHzFJXYw_BIk7sEnfDqW1V3B17dSILpkKN4ZlheUod_CJeKUhYQyvZajDV5SnUfBY3pbq3OWFmn869Xw-vB7O6WT5Qr4tW1D1QvRUvJ99AtISFbE6SB&sai=AMfl-YSCq94Btm0tzNwfpNMsLi8rPhHmY2BrrnlvQWEqivcxPRlHkvbEjlk6Qp5jb4X0l820SFqrNQooX4PEirSJ4Bxs5MmHb1Ealrsf2g&sig=Cg0ArKJSzP0oS17QSwLYEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=310&vt=11&dtpt=308&dett=2&cstd=0&cisv=r20240208.33149&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 13:56:54 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B3E7 0
0 129ms
127ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkxvqN8H-KhmFeQroG2n9pGMIdecWZGzfoP_aBGqZi1dZPv3x6iBQZ1tL0Y4TKLbCWohfbcF5kkEzhxVf9bVBfCUZcfr3MgXf0ja4efPiPpKVGXrHpfafyGrhNLGjNUbvtp7Q_xHkE4nXL02fDUVv026RGgC02znOuV_CoTBvDj39e3mFMqjo&sai=AMfl-YTV8RvL_6Ae7zLPSBhYgumnuHwn1tqG67Poex3wYyHXk4Jfyz-YGPAZgmnu1XjIfAlIHynrHrKtUTaGfF8&sig=Cg0ArKJSzOUbS2PrPIKXEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=534&vt=11&dtpt=531&dett=2&cstd=0&cisv=r20240208.44137&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 13:56:54 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FC52 0
0 127ms
126ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTEoz_RIAyQh9D1Bk3Nf_XrZ8b1XJm5XjmakHMYyNwbggM1V1S66AQBiCCjHGKOKWBik5nNfYtTTQUUpExgqMrcd5HOgARQ0g1aPURwbYpeoyWiIPStkZy5PREypz0rXeHLpm4kBkk9SALjAneapyatUr7qlihFkcOo-Z5QsOce8NmnnVMzUw&sai=AMfl-YRO5pneF3pMiobz04-QTPK9ynDlwJCEChkuTHAGiOoeQRu68aG_VNQW6PpsKPhfEmZ5k2Xf0sZUvSXED-Q&sig=Cg0ArKJSzEVOkTJFSLRNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=614&vt=11&dtpt=611&dett=2&cstd=0&cisv=r20240208.42301&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 13:56:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FC52 17 KB
6 KB 93ms
91ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 13:56:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B3E7 17 KB
6 KB 101ms
100ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 13:56:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AC01 17 KB
6 KB 93ms
92ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 13:56:54 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame DB8C 39 KB
15 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 20:09:41 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame CA57 39 KB
15 KB 76ms
75ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 20:09:41 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 113E 39 KB
15 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 20:09:41 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame E5D8 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 20:09:41 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F4A 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 20:09:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D23 0
20 B 127ms
127ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQFW2JXXLZbGDG-KboPMP1IKd2A4AAAAAOAHgBAI&bg=!kJOlk9zNAAaxkZ3akZE7ADQBe5WfOLqFbeexj007wzfHPOGC6-EfnRT6pT0zYeXYkhXhb3HjxcEKjDi815DbyvY3P7-FAgAAAopSAAAABWgBB5kC-xqPUh5rRfrdCb9EkedHPojp-igMxKjTofscpq9x9z_QlAUpPFm4tvJHsnPcOcj5FWugeXLa21sBop_7RVhXdbmVrWGaKkaENHKS-cpLLC_m-trt-NHsl_Rl4ePm4luk9lj5VHoy34H8iZYUx_tAlvq25goezaRw4foeI4yaSJtP7tnR2Czx_dWozoiG-0RLikSr6H057Vl4fZW7zFwq9d15ZlAvpl9nz9kvwBxsZDikP8cSxXfIA4Bby1UKzWub7mU6tMMLZ50x2qlrNGHOK1LhsyTsbsrMP2_i2-KzIaLeK2mSrhXig3zchJ3C4BxNLzhGyXwly3fCdmTaWYTFVOM5bOucGkjp5KQHtCLsyhltGO10cVGwKcC3ZiEsJcOM7l91ne5g8Rz8lnnRDV8CvLhK23uJn12Klvnsu4URzxJICZp3ftZ577IHi3lUhAtG4or7EU7V-IVYwEbeJ-FpVbbTG8Ufj8xg42ldb9R4Rfj7_y6gdB2FWUJtIAkHKQX-SuhHAq_EL1OKeXewYK0tFathy92Zys6eSA1VQKcov0jyQInqde_8cMqHjbIgRHE7SGkdIRL2wukhOE6zDnoNNM6Bn6SQzlcMIsKva6bLnUk05MZnxdKnjSL5GWTYuE5oEa2o5qfXv2HuD3GPPm-3NX02ccrXUIFSINNh4ZbN26b71fMhGSdZpeUTIqMKeNh9oyE1rWUXUOfBLIBM-JrtgjQy3MDlUznEd866BWU4-FTjEs1l_-tLEUdUT6BI-5-8Pa-tmDcPNDPITEmEe656a409JtpeMh1y0UzkQRWV3461dVBIp9GEu8OvJKBKegtMdLMTi3vlC7RsQ9HHrAronghyE6-O4zf8z2bsEAxzaENgYmIcn7bNsuDtcMRXHopPdzig-9SxkWMp2Jcg07-yHbgm2-8nkN1Q5zduFck9PYgR5S-EFh6dYmO94-QhGiobsG_A1Vl37jOt_bcNC8ZRieQ3xzXtTfF0Jn9fXxdj5pBBOgiESGrhaVvBO2M

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC01 42 B
64 B 126ms
125ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfnCicM7XvVN9bIvV0c7XUzJZ9_cz5BxqP9MsR5gVOAqlBlHvjFQt2zvx7q9hQbJmvWsEQi5wfWzlmBkvSB8xpdYdr7uWtnh0oLmA8g0v5GJkCBYWI3c8J8GbM1RXP4JihknYBOY7bnQ5uZw&sig=Cg0ArKJSzIj5VqJAyz1iEAE&id=lidar2&mcvt=1036&p=0,0,600,160&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=376541400&rst=1707832613517&rpt=581&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B3E7 42 B
64 B 128ms
127ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssX-4DkK7JlTZbOQIfIMRuvzEhHyL9x1NRo9hcB_u0sAT_vZef3RKH6RUsqLD71ci98m5WH3auih1lFlIWmGKsMC2B8CwQOfXceNDlugh3tDIZSSotpvsJqyWyXHepAiW49Q&sig=Cg0ArKJSzF5aGMSl9zRvEAE&id=lidar2&mcvt=1048&p=0,0,60,234&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=376541400&rst=1707832613225&rpt=1030&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC52 42 B
64 B 126ms
125ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiyw8OZtyUNixHKN2LGJgh-PHKufXITqZTFoVB9Ch8hywSmnnZS7Mws0ijLOV37yZxdNzC5uJIKLz_O9gqX3S3nCKqE--ShuwDO4pSoo31YXoLwhxF0wyFsEjTj2KMPAOssA&sig=Cg0ArKJSzK5TOXD473VUEAE&id=lidar2&mcvt=1054&p=0,0,240,120&mtos=1054,1054,1054,1054,1054&tos=1054,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=376541400&rst=1707832613263&rpt=943&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB8C 0
20 B 128ms
127ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BWDheJXXLZfmVG9SGnboPoIGH6AwAAAAAOAHgBAI&bg=!DQ6lDkHNAAaxkZ3akZE7ADQBe5WfOC5R_5nwBGEm_ksd0wgmJGITE5gcNyNQQjZ3_nGhdMdVrWRxauc0zuzP15yUfaO5AgAAAxRSAAAABWgBB5kDCMqFaXmBKSf1fdZVuTWt8IjQb9iByevYA05Ttu2EvknGXJwExN3rT7NRSn9sFFDlvecrRmnHPxQkh1Bx6auYO8cw4l6Mhb38zqIiIrx0V25iPuRvO1wKgZ0AweUcMRD3nBpQEQHMXUq0aKQqAtVsOqw0cskxmWDuNMGcM-sk8ZAXXgFp40wGLPxsWlEQegRG_zYMJrzhqcHFe9HCkBdHcDkbK4Xrt9-99-I606bVdhoRifjp0Qs4xCsdPPguW8HSks4xUxjrt4EhLkgYPg58wmXEsjxnXWe-nSre5ROba-bzil7QWUBqi6ZuOeoIXyk37i-cy5BaTVSycouUBvp-BJ2QNXGjlkqGUsYz7tmjBLFRiHwnBFIVAn69sbP_tqgwDNHictXYZybJ4h5Ed55Z73fpGZeOQUemYTXw6vLsxdAO3rIJmNzzB09-hdv1Wudie0CPPZ0utHLhl0k03udmVzaibV-g5tVCKcBX7eLOCTPCmWRdlaBUPO3elf7tgjsFHH0aSvkS030_YUMFO0ArjD4DGLAhUdvrnBr2D8talQGoPn0Z6-vcHkkNL72CvXRY_ere-rhbNuTQwiyCRuwZ0rasSCH5ej_lJun53bcJidDANfNI-ZAYhBqQSlarFQo9dpdGplxmJ3_JvGSmp8VBmQuA_HckDGBxyKXQRApx_8Pzn30LFQHOwwkrV2E_E3vu4VCz4gJXExuO2NVpIuTmHzQm6Dti3cFEpUiMb8o39xXlaKQFI9lTViiauqTr_BPWkWXWb42bIot5ddSBX4L17JJGmBu2ALhYWsVO6nXwZD7bWtyJFy0oCq9Fnv-RDe98F0U7-8Xfe173_bhPkpqP17t29FDyslHI1TOIUWS10B_kDunKhoIwCjrfhxdVwj7Msf7mvr6pi2sVUcM20uVvjl9v-kmMotTtOySy5o0ybfJpeCCfeP1lwyjT3ODlAtVte9Z8PxEDo4oYzGuAKEOXQcRH8XEfPccOBfSMk5mub0QXU65Qcijme6fn0r7MkkX8G0keAH1rDpLL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA57 0
20 B 127ms
126ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Borx3JXXLZbrGIqy4oPMPi4ia4AkAAAAAOAHgBAI&bg=!uLulu_TNAAaxkZ3akZE7ADQBe5WfOE18GXQFBqvs6t8eW8Gcoz_NoYy7djb0dAEhGzpb9bTMspVZ6YdVcbdQjJiUrg0ZAgAAAwVSAAAABGgBBwoABzueNFXdSGaZAwdqBiXwhM8ISZd7_ovtq9NAG_Hd1hTzf2Tzmoi0hZq2iAMwKfAtA-wGF_CWodQYBV3hXY2Psovy9b41j53CoP9MpKOyayBc0nNL0sB2T-cwt_PY7Ml89-lk3Oq5d_gwXrI7aZvaK5uCq9joNaWDwssyS-8kwl8-3SVnb3RgRDQdOQ8wuiorcEabeGaQAi21r5YYAlD3d-U7eyrja3BDJZYmNGxYVgIdJe3eNLKjTpT6tU_adNsIS04fD0U6Q6NJeTKq-D1OXg7enHwLxc-8tp35WasCRdjbpjPOsnoTrMji0-8xkUkdkwH_TdMOWSNpeku7L1Sv28El8XM7uS1CD_UFVCxzdTY0IxeqjO_mYlhb0zSalHp4GZxHwmVcB93dwy-WTsTTIWi_qTptBvDfpoFttYhUccyaEK9zrKeA9E9MGU0a3biGVA_K_f-PhVH7mEToxDh1EUy-tqtbACMhR-FKArtHtAaYH7i3-UroCzcAz_lNhMUHSOblyTvUecNzj1e44ojJFrJFfHCgrXkhq2WTnuelMEebRdWx0-48jMjI6ttB0AdUonsE4_H_-xpnSxQ7072qsPLS9s7cPgxJJWdWadI6DlvPXT5zTbj7zg08HqFYpP4HcHUROlfcji-rrhCZTAWveaqskVyI7CncjHuyA0QnTFeRWI__4g1yJoQd-Ui2dUTKHd1YLNjeXGwMUSxLBJAPxF5q7-lQCcLUEN6Ym83FQUTXmO9LvVvVLUI3nfLTJ8eiJNcVY9eYead93jtm-w7YgnJ632PI9oyNKMBtOR45ND4jgcG2hxjTEbefH7R8e4BFGYiS3N9nojENnX-7ihzA4SoB48P_zl0_DgHLF7dnG1LSMhKzvoSTSRJ3ToF1X1QfpGw3cn3CquL13eJJCErLp9XlBZEU4x87gpQJGVN-_0iF8PwlKjFIvDYQFG5v12vDOXXRGhosoYRPC0IdHKMPWDc7FipzJu8xlyhnPD_YsGE37f2maTToeHiubRN7nbi91smgy5qCRUqfXRdrdDXoDdP2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
campaigns.williamhill.com/	1970-01-21 03:59:52	Name: CEK Value: a
.entainpartners.com/	1970-01-20 18:23:54	Name: __cf_bm Value: DANrVIXyvWN5E1nu_4XdMNQ_QXAAioPDj80dlUVUL5k-1707832612-1-AQR56Y9rs5yyr2Up7QOgbr1AD8oM14t4XTIgnBScT1JP+ZTWKMGyejzG2zQRlcLyrG1eWTRdtP7TtjxRkGJdYnY=
campaigns.williamhill.com/	1970-01-20 20:33:28	Name: A_312 Value: a=312&r=0&fv=20240213&lv=20240213015653&vc=1&fc=0&lc=0&cc=0
campaigns.williamhill.com/	1970-01-20 20:33:28	Name: XYZ Value: 120&1&148&&&&0&1&&dacdf37a-8960-4a39-a27c-a5676dd881a8&a_46719b_304&&
campaigns.williamhill.com/	1970-01-20 20:33:28	Name: A_304 Value: a=304&r=0&fv=20240213&lv=20240213015653&vc=1&fc=0&lc=0&cc=0
.doubleclick.net/	1970-01-20 22:43:04	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 22:43:04	Name: APC Value: AfxxVi7J121Mj7L_CvESh-p-Sb62P82x4Vcd39QqTmMB5_UpjXp9zA
campaigns.williamhill.com/	1970-01-20 20:33:28	Name: A_328 Value: a=328&r=0&fv=20240213&lv=20240213015653&vc=1&fc=0&lc=0&cc=0
.doubleclick.net/	1970-01-21 03:59:52	Name: IDE Value: AHWqTUkXs_6uJkxOOg4EGykPwKjf9lXjOctiu27I8ZDmO_EiFsuPyn3MvCvVpNRMygg
betschecker.co.uk/	1970-01-20 19:04:11	Name: complianceCookie Value: on

37 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://betschecker.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
betschecker.co.uk
campaigns.williamhill.com
googleads4.g.doubleclick.net
mediaserver.entainpartners.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
wlwilliamhill.eacdn.com
142.250.65.162
142.250.80.70
20.93.81.72
2606:4700::6812:ad8
2607:f8b0:4006:80c::2002
2607:f8b0:4006:81c::2006
2607:f8b0:4006:823::2001
2620:1ec:bdf::40
2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace
099d1a935985ad4ccf54d7b525573a424ae196fb8605cbb36f5815581973f1be
0d50162c2063e80a4e8a98de45c56b613d5bbb8305c46a7d9a6c93321b1858f6
1a2a186b14385f0be015f71793ee7a89d2015ce2b3ce2af119e17879f00b7ba1
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
2cbfe6be4f54970a21931f83fc0308a720c82d25336b244726fe6c1a99cd6dd6
354252bf4d180df3782017961b51413692aa08e73e71c32fe4dbc917e3c93c44
37a042f4b98dae34378e89ab1a0659e1369c6525a8586774fa9091ce9a9c7525
3f24591817e0af338fd7d1e2a794a1abea49f169fbbfe531b87f7f045a266d9b
3f6a81008221539aa85ae6192bdbc4bf835d350623fd584f4ad83a8cbbaad26d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
52e633f1f9d2614fb1a43612aef34e877a88ad29d11de6930ef48bb0ee408c6f
52fad190e3cda69e17ac2d6456f9e8ad84bf3024275d7d8942c706148d353d70
565c5518ecbcd6af141e31412e03c9c20b9126ca8049c3247736768ffc764246
5b2d221124512318812afd8786043d84fb9d7d4b836a2447585bf767294cfc3d
5dce5b955d6f17da45d02a5bec65b5bf09b442220ee917e652b0eb7a1e5e3d6d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69112d907de46509e56eb7a56c4422c4282097b2d8a90e8b57925339d8686846
736bbf111c490fb944880d468c2ae05eb62e40c17f396969710f361c5f428f21
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
896a7756f4d7a10c5a7ad1b90b4cc88a71294aca2682f9f66128013d622f49d7
8ef78664b248487c0ef262cab2e051c35305af75f2c9bef4fa63f7e0995f9461
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
a0975646ba6e49c009ce48290d5f94baf62ef928961526d3cbc75a4b856da7bb
ad35522dc0e9dea8cf27f3ef4613b33c1efce4e601ac449e43366c6fde684efd
b200011a65b8e5de97df43708b8ce97430df7d6cd50dbb507825fe3d8fc7d538
b20eb4e7e9ed2ff2fe9ee1e2c7bc25673ddea40f3c6ae2370fe10ecb4c3dcdf8
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
c54b7c3c087620ba8dbbd6519937e84fe0708781dbae9c33c6f2ec41132addc9
c70dbb2529cc1b4bd3d300bc91695597d08eeada28a8750275233c84427133ef
c7b38d0c659026a67650d0d8bb53940dccb939a3876b16bffe476034375f3715
d35061382f7fe798bfdc81dd5837f6ebe1896bdb5c1cb1edbf960911821bcdd4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5348a5c66a89bafabd80f8c8b7cbbd8275a710fce2fc38f8bb7d0773a758a88
e8bc601b306a12f21b569988b073383dc17d76c69e72cdb8204297a6880befbd
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5073462328c6446a54da5cf201643f9842ac8435f7f73b2cffcf53b693a892e
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

betschecker.co.uk Open in urlscan Pro 2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

67 %IPv6

7 Domains

9 Subdomains

9 IPs

3 Countries

879 kBTransfer

1800 kBSize

10 Cookies

2 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

betschecker.co.uk Open in urlscan Pro
2a02:4780:84:bb5c:5f8b:3125:c0d1:8ace Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

879 kB
Transfer

1800 kB
Size

10
Cookies

70 HTTP transactions
0 data transactions