urlscan.io logo urlscan.io
SecurityTrails logo

casinoaccount.co.uk Open in urlscan Pro
2a02:4780:a:1403:0:20f0:f8c9:10  Public Scan

Go To Rescan Add Verdict Report
URL: https://casinoaccount.co.uk/
Submission: On February 14 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 6 countries across 10 domains to perform 31 HTTP transactions. The main IP is 2a02:4780:a:1403:0:20f0:f8c9:10, located in Manchester, United Kingdom and belongs to AS-HOSTINGER, CY. The main domain is casinoaccount.co.uk.
TLS certificate: Issued by R3 on February 14th 2024. Valid for: 3 months.
This is the only time casinoaccount.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2a02:4780:a:1... 47583 (AS-HOSTINGER)
2 40.127.232.184 8075 (MICROSOFT...)
2 217.147.127.39 ()
2 20.93.81.72 8075 (MICROSOFT...)
1 1 195.72.135.91 13008 (BETANDWIN...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:46::45 8075 (MICROSOFT...)
1 142.250.181.230 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.2 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
31 11
7    2a02:4780:a:1403:0:20f0:f8c9:10 (Manchester, United Kingdom)

ASN47583 (AS-HOSTINGER, CY)
casinoaccount.co.uk
2    40.127.232.184 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wlcoral.iaofr.com
2    217.147.127.39 (Gibraltar)

ASN- ()
PTR: marketing.888.com
marketing.888.com
2    20.93.81.72 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
campaigns.williamhill.com
1    195.72.135.91 (Austria)

ASN13008 (BETANDWIN-AS Vienna, Austria, AT)
PTR: backgammon.betoto.com
partners.ladbrokes.com
1    2606:4700::6812:ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
www.entainpartners.com
2    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wlwilliamhill.eacdn.com
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
140 KB
7 casinoaccount.co.uk
casinoaccount.co.uk
58 KB
3 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 149
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551
30 KB
2 eacdn.com
wlwilliamhill.eacdn.com — Cisco Umbrella Rank: 844666
4 KB
2 williamhill.com
campaigns.williamhill.com — Cisco Umbrella Rank: 493031
3 KB
2 888.com
marketing.888.com
97 KB
2 iaofr.com
wlcoral.iaofr.com
2 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 328
64 KB
1 entainpartners.com
www.entainpartners.com
1 ladbrokes.com
partners.ladbrokes.com
1 KB
31 10
Domain Requested by
8 pagead2.googlesyndication.com ad.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 casinoaccount.co.uk casinoaccount.co.uk
3 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 wlwilliamhill.eacdn.com campaigns.williamhill.com
2 campaigns.williamhill.com casinoaccount.co.uk
wlwilliamhill.eacdn.com
2 marketing.888.com casinoaccount.co.uk
2 wlcoral.iaofr.com casinoaccount.co.uk
1 s0.2mdn.net ad.doubleclick.net
1 ad.doubleclick.net wlwilliamhill.eacdn.com
1 www.entainpartners.com casinoaccount.co.uk
1 partners.ladbrokes.com 1 redirects
31 12
Subject Issuer Validity Valid
casinoaccount.co.uk
R3		 2024-02-14 -
2024-05-14		 3 months crt.sh
*.iaofr.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-25 -
2024-10-10		 a year crt.sh
safe-installation.com
Thawte TLS RSA CA G1		 2023-06-06 -
2024-06-05		 a year crt.sh
campaigns.williamhill.com
HydrantID Server CA O1		 2023-11-07 -
2024-12-01		 a year crt.sh
www.entainpartners.com
Cloudflare Inc ECC CA-3		 2023-10-03 -
2024-10-01		 a year crt.sh
ia-prod-azurecdn.eacdn.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-24 -
2024-11-29		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://casinoaccount.co.uk/
Frame ID: 8344D38C126921C5A1690BAE623F9764
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=
Frame ID: FAA59B50BEA1AB2590E0DB07A324C68D
Requests: 3 HTTP requests in this frame

Frame: https://www.entainpartners.com/
Frame ID: E895FF0CA568841A0C93D06A3C50FA43
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&MediaID=895&IsAd=1&IAref=https%3A%2F%2Fcasinoaccount.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: AA5F6A1DB19196BD8A6442A575BCD216
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&t=638434979369870000&MediaID=895&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Frame ID: E9C07CC2BEC3D5737EF3FBD33E50476C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 24F72B22E67CA89E2229A39B61863442
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: 6EBDA1E7B521745B2AF01B1778A73C32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Casino Account | Casino Account No Deposit | Top UK Casinos

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

31
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

12
Subdomains

11
IPs

6
Countries

398 kB
Transfer

709 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://partners.ladbrokes.com/I.ashx?btag=a_2879b_46c_&affid=236&siteid=2879&adid=46&c= HTTP 301
  • https://www.entainpartners.com/

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
casinoaccount.co.uk/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://casinoaccount.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:1403:0:20f0:f8c9:10 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e9289af6411623463db604aa085ae099aec784409d1ba85d9065ae6ca9dfe79d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
3139
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Wed, 14 Feb 2024 08:58:56 GMT
etag
"2877-61cc5152-f7916182f6115eac;br"
last-modified
Wed, 29 Dec 2021 12:15:14 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
law.js
casinoaccount.co.uk/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://casinoaccount.co.uk/law.js
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:1403:0:20f0:f8c9:10 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ad35522dc0e9dea8cf27f3ef4613b33c1efce4e601ac449e43366c6fde684efd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:56 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 24 Sep 2018 09:54:48 GMT
server
LiteSpeed
etag
"94e-5ba8b468-9cf90bde9fa93d0a;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
964
expires
Wed, 21 Feb 2024 08:58:56 GMT
logo.jpg
casinoaccount.co.uk/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://casinoaccount.co.uk/images/logo.jpg
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:1403:0:20f0:f8c9:10 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
56ee5b5ad14230ba836da535ffac1ec1da18bbab591371a99568085748484c10
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:56 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 09 Mar 2017 12:48:22 GMT
server
LiteSpeed
etag
"66b4-58c14f16-cd7d44955901a8a;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
26292
expires
Wed, 21 Feb 2024 08:58:56 GMT
line.jpg
casinoaccount.co.uk/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://casinoaccount.co.uk/images/line.jpg
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:1403:0:20f0:f8c9:10 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
51730c0295c95a083d16f7e1df24a034fb4c6e103856d457e63deb1ad229db44
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:56 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 09 Mar 2017 12:48:22 GMT
server
LiteSpeed
etag
"57b-58c14f16-8d4be0e78da2b116;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1403
expires
Wed, 21 Feb 2024 08:58:56 GMT
betfair728.jpg
casinoaccount.co.uk/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://casinoaccount.co.uk/images/betfair728.jpg
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:1403:0:20f0:f8c9:10 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8fce410a033b7b4ba85b5b0aec4ee2269f831922b100af7ff6f527646661991d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:56 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 18 May 2021 15:23:58 GMT
server
LiteSpeed
etag
"21b3-60a3dc0e-3ff97d43ea8c741c;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
8627
expires
Wed, 21 Feb 2024 08:58:56 GMT
/
wlcoral.iaofr.com/wl/imp/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wlcoral.iaofr.com/wl/imp/?btag=a_901b_17306&aid=
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 08:58:56 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.3
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Length
619
X-XSS-Protection
1; mode=block
/
wlcoral.iaofr.com/wl/imp/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wlcoral.iaofr.com/wl/imp/?btag=a_901b_5228&aid=
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 08:58:56 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.3
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Length
619
X-XSS-Protection
1; mode=block
40068-0-728x90_Low_limit_an.gif
marketing.888.com//CasinoOnNet/EN/Banners/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketing.888.com//CasinoOnNet/EN/Banners/40068-0-728x90_Low_limit_an.gif
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.147.127.39 , Gibraltar, ASN (),
Reverse DNS
marketing.888.com
Software
/
Resource Hash
dc4677d257930a527cc859dae95cc15213b23888d550b1b34a33ab1176145455

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 08:58:55 GMT
Last-Modified
Tue, 23 Jun 2009 15:35:22 GMT
Server
ETag
"0996f3818f4c91:0"
Content-Type
image/gif
Accept-Ranges
bytes
srv
1231321
Content-Length
49574
35214-2-728x90_LW_template_1_cs.gif
marketing.888.com//Littlewoods/EN/Banners/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketing.888.com//Littlewoods/EN/Banners/35214-2-728x90_LW_template_1_cs.gif
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.147.127.39 , Gibraltar, ASN (),
Reverse DNS
marketing.888.com
Software
/
Resource Hash
8a6b8f6ec6efa10d65742c1b090835ee0dab5e79e44ea611964e621888bfb434

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 08:58:55 GMT
Last-Modified
Wed, 22 Oct 2008 15:46:38 GMT
Server
ETag
"03925e5d34c91:0"
Content-Type
image/gif
Accept-Ranges
bytes
srv
1231321
Content-Length
48962
728_GA.jpg
casinoaccount.co.uk/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://casinoaccount.co.uk/images/728_GA.jpg
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:1403:0:20f0:f8c9:10 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1fe0f6d55ac1f23e270e4da18994fa4a4c4884959bdfd60e9e274511577952d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:56 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 16 Oct 2017 16:16:16 GMT
server
LiteSpeed
etag
"42c5-59e4db50-a48c86283c226309;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
17093
expires
Wed, 21 Feb 2024 08:58:56 GMT
I.ashx
campaigns.williamhill.com/ Frame FAA5 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://campaigns.williamhill.com/I.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b4651ada063e865b854ea5cc54c60af92607f33a2a790214f9d488713711fee0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://casinoaccount.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
1448
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Feb 2024 08:58:56 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
www.entainpartners.com/ Frame E895
Redirect Chain
  • https://partners.ladbrokes.com/I.ashx?btag=a_2879b_46c_&affid=236&siteid=2879&adid=46&c=
  • https://www.entainpartners.com/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.entainpartners.com/
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://casinoaccount.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
85541cb85dcf71f8-LHR
content-encoding
gzip
content-language
en-GB
content-type
text/html;charset=UTF-8
date
Wed, 14 Feb 2024 08:58:56 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
x-ua-compatible
IE=EmulateIE7

Redirect headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding
gzip, deflate, br
Accept-Language
en-GB,en;q=0.9
Cache-Control
no-cache
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Feb 2024 08:58:55 GMT
Host
partners.ladbrokes.com
Location
https://www.entainpartners.com/
Pragma
no-cache
Referer
https://casinoaccount.co.uk/
Sec-Fetch-Dest
iframe
Sec-Fetch-Mode
navigate
Sec-Fetch-Site
cross-site
Transfer-Encoding
chunked
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
X-Forwarded-For
194.74.212.81
X-Redirect-Source
Redirex
gradient.jpg
casinoaccount.co.uk/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://casinoaccount.co.uk/images/gradient.jpg
Requested by
Host: casinoaccount.co.uk
URL: https://casinoaccount.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:1403:0:20f0:f8c9:10 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b77e5bb49da9adb83ebc48da93b2881d00e06c0207034dce90a0968cc165595f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoaccount.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:56 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 09 Mar 2017 12:48:20 GMT
server
LiteSpeed
etag
"504-58c14f14-8c9af793f2408cb;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1284
expires
Wed, 21 Feb 2024 08:58:56 GMT
s.5.6.min.js
wlwilliamhill.eacdn.com/TrafficOpt/ Frame FAA5 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by
Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://campaigns.williamhill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:56 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2016 16:08:31 GMT
etag
W/"56fbf9ff-1a7b"
vary
Accept-Encoding
x-azure-ref
20240214T085856Z-vsnvd5nwdp0uz7mwcfk97f40qc00000002z000000000ymuq
content-type
application/javascript
x-cache
TCP_HIT
cache-control
max-age=0, no-cache
x-fd-int-roxy-purgeid
0
Ad_922.js
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/ Frame FAA5 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_922.js?t=2024021408
Requested by
Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4304875cc0e19a36958bcde55cb192cae3f40796e6b54836e1bb5eeff8e8eafb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://campaigns.williamhill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:56 GMT
content-encoding
br
last-modified
Mon, 11 Dec 2023 08:20:44 GMT
etag
W/"6576c65c-58c"
vary
Accept-Encoding
x-azure-ref
20240214T085856Z-vsnvd5nwdp0uz7mwcfk97f40qc00000002z000000000ymup
content-type
application/javascript
x-cache
TCP_HIT
cache-control
max-age=0, no-cache
x-fd-int-roxy-purgeid
0
C.ashx
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame AA5F 		63 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&MediaID=895&IsAd=1&IAref=https%3A%2F%2Fcasinoaccount.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
a4a5c2005a0e906bc986107964fafbf8804b53edc84446133317785cbed3595a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.williamhill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
29829
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 08:58:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
T.ashx
campaigns.williamhill.com/ Frame E9C0 		0
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://campaigns.williamhill.com/T.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&t=638434979369870000&MediaID=895&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Requested by
Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://campaigns.williamhill.com/I.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 14 Feb 2024 08:58:57 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.3
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
10560356522881700647
s0.2mdn.net/simgad/ Frame AA5F 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10560356522881700647
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&MediaID=895&IsAd=1&IAref=https%3A%2F%2Fcasinoaccount.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0116b0c947afc89fb079e9f76384fa23541040bc6f529c21c4a286f892f44d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Wed, 14 Feb 2024 08:58:57 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65251
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 14:46:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Feb 2025 08:58:57 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20240212/r20110914/xfa/ Frame AA5F 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240212/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&MediaID=895&IsAd=1&IAref=https%3A%2F%2Fcasinoaccount.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 02:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
22724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4124
x-xss-protection
0
server
cafe
etag
9042593224187393105
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Feb 2024 02:40:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240212/r20110914/elements/html/ Frame AA5F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240212/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&MediaID=895&IsAd=1&IAref=https%3A%2F%2Fcasinoaccount.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 19:52:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
47188
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 19:52:29 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AA5F 		204 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&MediaID=895&IsAd=1&IAref=https%3A%2F%2Fcasinoaccount.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
1358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 09:36:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AA5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJnfJwvjA5xPvaDEnC3cbGfXTU9NlVv0s_HXhmcLCEM8b1Mw44tBpE8ou858grZEnk3UNmQsx0CSsMNjrgGSmad3TjzrNjnKTYP3vMVHrefzswCr37ahs2Oq2WdREspuzZr_Iy1SOBp3WTxtDBazyTnNidC17cp00pPiNNfSrY76JH4JZoVZ4lNA&sai=AMfl-YQ8R_F5mldZyDkOAmeCqHPHcqPvtTjcPMyVUfSGEfA6vXhWQbY_1x5QzaRwzCDGQnztMBo26fFFyNoXcCE&sig=Cg0ArKJSzJ0jRRvM2cpMEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240212.00434&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&MediaID=895&IsAd=1&IAref=https%3A%2F%2Fcasinoaccount.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 14 Feb 2024 08:58:57 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AA5F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&MediaID=895&IsAd=1&IAref=https%3A%2F%2Fcasinoaccount.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
8006
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 06:45:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AA5F 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240212/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
839e73ffae0a48e8dbfcf296cb33106730858e07322d371a490caf48e3e54d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5839
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 24F7 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
85346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 09:16:31 GMT
expires
Wed, 12 Feb 2025 09:16:31 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AA5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJnfJwvjA5xPvaDEnC3cbGfXTU9NlVv0s_HXhmcLCEM8b1Mw44tBpE8ou858grZEnk3UNmQsx0CSsMNjrgGSmad3TjzrNjnKTYP3vMVHrefzswCr37ahs2Oq2WdREspuzZr_Iy1SOBp3WTxtDBazyTnNidC17cp00pPiNNfSrY76JH4JZoVZ4lNA&sai=AMfl-YQ8R_F5mldZyDkOAmeCqHPHcqPvtTjcPMyVUfSGEfA6vXhWQbY_1x5QzaRwzCDGQnztMBo26fFFyNoXcCE&sig=Cg0ArKJSzJ0jRRvM2cpMEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=285&vt=11&dtpt=283&dett=2&cstd=0&cisv=r20240212.00434&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23781165.266648332;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_922c_&affid=1213670&siteid=46719&adid=922&c=&MediaID=895&IsAd=1&IAref=https%3A%2F%2Fcasinoaccount.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 14 Feb 2024 08:58:57 GMT
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame 24F7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 00:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
28969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 00:56:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AA5F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240212/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 08:58:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 24F7 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BNdlX0YDMZfT9DL6XjuwPhYCvqAYAAAAAOAHgBAI&bg=!0tGl0Z7NAAaxkZ3akZE7ADQBe5WfOMCAJsAIwpQC8Wcz554HOj5rSGSe74bUbIMdQws2sP5VbeE39jYkiE7RR1Qi0b84AgAAAEBSAAAABGgBB5kDAT_FrsTQLqdK_XmeaL1asLjmXKsyAOGZx7Zi2aGF3GUB_46WKXuEK8DgiC5BO5WVr1kUkBeDABc6mf57Q1SZeuko9Jbq5AJlwMYBA24PrL5-pxnsiiEk4heX_tUyIhG99vNh2qhb45JMU3vseihOAaLncFGcWF_v3WEqqlqql1Mh-X6fHvk3nxA5x_yTNTZnoI31lMn0xoz6wF1x_eqrKSo2rEZ8SLkfNZUSYbLMTyHTWVeZbNB7KPWGQdCEPzXIeUYJHM_S_8eJZEy1HeTncAXvvrBywJvb20r1ZklRoFP_79ZIoCcRXZ9Tt_gDzuva5XeyiKD5VKiJSiSLCw1_tcbIM6IC9s5jnnR5fVTTf1QD4_rs4y2-HoBtOklhsMSbeDQtmfQe_Z-gkiyLfzo4Vocn6ebpyRrIIZvwazoQVE5xgDv-jDxQZSRxQ9B4uWGIPBXl_qVOM_AJumAUKQe9tR6XRRtWqVt7cKuDAJlDHlRDev6cVzta33bvhYo8bvWloRegd1V8Sh9BRjbq4emCGwP_BmCdt25wbrl_Gr7fL2yWSwwCtbzoa-6oeoDSXtKz4UvcqzLBYg9JkAJecxi9VRJFIFO5pc3bY1NsGuY7s7RWZmPNSbLA0c_JbtKnzzP-P8AYqKx1fAi2r0hrUSlKXRC9gfRcjvwfJyJPl6IsnX5JsrP5iYGfkGHrQPlRb0h8MfMc-SgFoq9QJ359GcC3vDy1iftP4xcObeJ00rWZL3sZBK5RxATuYa5YhkUV44QTI_d5DsNPDtIvKtGTrRyCYGexAy2M50kAeRxKtZCbzEaYdPH_vi-1nbJOoCVJQllziPfEqwj9KOFi6_ZazbdHotyI69tmjwtckQ1CP5CVV2BEAmoANYKG5LBj5GlQ3EkweEjaC39pmDF7T7-S8cShbfrYM1RYAxBN-d-osp-HCXt7JdHH2ErGt_hc1rsOW176OGtZkPkd4z3jpa1iA048ndfZ-ACc-jn5whBaOp0RZVooLuyHPf2j-Sa9CnWp_m39KOQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 08:58:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame 6EBD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 00:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
28969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 00:56:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA5F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3vtYuASoQbI9Aolix6Xh03LrNZI41DBrjkpVrA4L51BV1iwDVryUgAq6KxMqOPczo9dk27hP7xVi7_NbJsRAGkcDMxGOLL_hfUHqdHVL-MXpib3tOjfaOTe_b3B-tNgF22g&sig=Cg0ArKJSzM-twXNyD_8BEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=383393700&rst=1707901136987&rpt=585&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 08:58:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| dropCookie number| cookieDuration string| cookieName string| cookieValue function| createDiv function| createCookie function| checkCookie function| eraseCookie function| removeMe

8 Cookies

Domain/Path Name / Value
campaigns.williamhill.com/ Name: CEK
Value: a
.entainpartners.com/ Name: __cf_bm
Value: 5MPr4RmJaSSyyVP83HDIWw.1Ax_PMIrdHIweL0WWrtI-1707901136-1.0-AWbHSDcfndCcvjmtyHAhSlw8wjGVv9NU5ewEJp+o2hSonHDKFmxc+IP2sNSHAZnzt1FIExRsFnuAGdUA0CJSnXo=
campaigns.williamhill.com/ Name: XYZ
Value: 120&1&148&&&&0&1&&10829e96-4910-416b-962b-a28252e7195b&a_46719b_922&&
campaigns.williamhill.com/ Name: A_922
Value: a=922&r=0&fv=20240214&lv=20240214085857&vc=1&fc=0&lc=0&cc=0
.doubleclick.net/ Name: APC
Value: AfxxVi5W3pqTGh2POOAUk_KlDM2NGqMPnpnjdQvGScKZJLw4DBiBLg
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk_6_wgEMwmChkEASun5ub7cmEE6JwHZWVJrYN1C6CJIgty9sKE0269X2grycU
casinoaccount.co.uk/ Name: complianceCookie
Value: on

12 Console Messages

Source Level URL
Text
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.entainpartners.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://casinoaccount.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
campaigns.williamhill.com
casinoaccount.co.uk
googleads4.g.doubleclick.net
marketing.888.com
pagead2.googlesyndication.com
partners.ladbrokes.com
s0.2mdn.net
tpc.googlesyndication.com
wlcoral.iaofr.com
wlwilliamhill.eacdn.com
www.entainpartners.com
142.250.181.230
172.217.18.2
195.72.135.91
20.93.81.72
217.147.127.39
2606:4700::6812:ad8
2620:1ec:46::45
2a00:1450:4001:802::2006
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2001
2a02:4780:a:1403:0:20f0:f8c9:10
40.127.232.184
0116b0c947afc89fb079e9f76384fa23541040bc6f529c21c4a286f892f44d3a
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
1fe0f6d55ac1f23e270e4da18994fa4a4c4884959bdfd60e9e274511577952d1
4304875cc0e19a36958bcde55cb192cae3f40796e6b54836e1bb5eeff8e8eafb
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
51730c0295c95a083d16f7e1df24a034fb4c6e103856d457e63deb1ad229db44
56ee5b5ad14230ba836da535ffac1ec1da18bbab591371a99568085748484c10
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
839e73ffae0a48e8dbfcf296cb33106730858e07322d371a490caf48e3e54d6a
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
8a6b8f6ec6efa10d65742c1b090835ee0dab5e79e44ea611964e621888bfb434
8fce410a033b7b4ba85b5b0aec4ee2269f831922b100af7ff6f527646661991d
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
a4a5c2005a0e906bc986107964fafbf8804b53edc84446133317785cbed3595a
ad35522dc0e9dea8cf27f3ef4613b33c1efce4e601ac449e43366c6fde684efd
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b4651ada063e865b854ea5cc54c60af92607f33a2a790214f9d488713711fee0
b77e5bb49da9adb83ebc48da93b2881d00e06c0207034dce90a0968cc165595f
dc4677d257930a527cc859dae95cc15213b23888d550b1b34a33ab1176145455
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9289af6411623463db604aa085ae099aec784409d1ba85d9065ae6ca9dfe79d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939