lucky31.co.uk Open in urlscan Pro
2a02:4780:21:d30c:4ac0:a860:d761:df37  Public Scan

URL: https://lucky31.co.uk/
Submission: On February 17 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2a02:4780:21:d30c:4ac0:a860:d761:df37, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is lucky31.co.uk.
TLS certificate: Issued by R3 on February 16th 2024. Valid for: 3 months.
This is the only time lucky31.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2a02:4780:21:... 47583 (AS-HOSTINGER)
4 20.93.81.72 8075 (MICROSOFT...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.19.153.16 ()
1 23.208.32.229 16625 (AKAMAI-AS)
4 2620:1ec:29:1... 8075 (MICROSOFT...)
2 172.253.122.149 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
10 172.253.63.154 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
50 11
Apex Domain
Subdomains
Transfer
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
282 KB
6 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 149
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551
60 KB
6 lucky31.co.uk
lucky31.co.uk
60 KB
4 eacdn.com
wlwilliamhill.eacdn.com — Cisco Umbrella Rank: 844666
7 KB
4 entainpartners.com
mediaserver.entainpartners.com — Cisco Umbrella Rank: 190268
56 KB
4 williamhill.com
campaigns.williamhill.com — Cisco Umbrella Rank: 493031
5 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 328
269 KB
1 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 1052
1 betfair.com
ads.betfair.com
2 KB
50 9
Domain Requested by
16 pagead2.googlesyndication.com ad.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
6 lucky31.co.uk lucky31.co.uk
4 googleads4.g.doubleclick.net ad.doubleclick.net
4 wlwilliamhill.eacdn.com campaigns.williamhill.com
4 mediaserver.entainpartners.com lucky31.co.uk
mediaserver.entainpartners.com
4 campaigns.williamhill.com lucky31.co.uk
wlwilliamhill.eacdn.com
2 s0.2mdn.net ad.doubleclick.net
2 ad.doubleclick.net wlwilliamhill.eacdn.com
1 servedby.flashtalking.com ads.betfair.com
1 ads.betfair.com lucky31.co.uk
50 11
Subject Issuer Validity Valid
lucky31.co.uk
R3
2024-02-16 -
2024-05-16
3 months crt.sh
campaigns.williamhill.com
HydrantID Server CA O1
2023-11-07 -
2024-12-01
a year crt.sh
mediaserver.entainpartners.com
Cloudflare Inc ECC CA-3
2024-01-11 -
2024-12-31
a year crt.sh
site.promotions.betfair.com
GTS CA 1P5
2024-01-11 -
2024-04-10
3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-14 -
2024-09-14
a year crt.sh
ia-prod-azurecdn.eacdn.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-24 -
2024-11-29
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh

This page contains 14 frames:

Primary Page: https://lucky31.co.uk/
Frame ID: E55593ECE747E8A53F1385FEC045B4AA
Requests: 6 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=
Frame ID: 40F416F1E03285CA271AB7B50DF40588
Requests: 3 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=
Frame ID: 6A302E51FB56EA8D9CE4E1DB93A3F2EF
Requests: 3 HTTP requests in this frame

Frame: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2023057&t=f&v=1&securedDomain=y
Frame ID: 0BF65B720416501C43BA5C91DE4EF7A1
Requests: 2 HTTP requests in this frame

Frame: https://ads.betfair.com/ad.aspx?bid=9031&pid=9241
Frame ID: 41299512CFEC0B6475046246F637C18F
Requests: 2 HTTP requests in this frame

Frame: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022761&t=f&v=1&securedDomain=y
Frame ID: F4B30096C0814F212DA729AE79BAFD21
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&MediaID=309&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: 9FF3C98711BBA48F0DC36E4144F46EFA
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&t=638437273440610000&MediaID=309&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Frame ID: D483A53D1A107CF0DF0EB616B9AFFA44
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&MediaID=300&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: 83A194D936AE005D37109A8A33B03D69
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&t=638437273440650000&MediaID=300&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Frame ID: BA6ECE210D0C75D080A2DD0723204550
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0A2E461621876A70EE035DA3A87125BE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 719F81DB0295278C7A8853B161BE3499
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 8A9C226DB22A64D58522D4311AD3DC4C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: E62BAE582E6E3925D245E38D3DE2F14F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Lucky 31 : bet explanation

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

50
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

742 kB
Transfer

1364 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lucky31.co.uk/
7 KB
3 KB
Document
General
Full URL
https://lucky31.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:21:d30c:4ac0:a860:d761:df37 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
3b70cf9654d2c470f1642e33f05d3d438ae206cd778f2e2536ee7237f3ca5b7d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-length
2426
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Sat, 17 Feb 2024 00:42:22 GMT
etag
"1cf8-60a428ba-9bdbb193bfd5424;br"
last-modified
Tue, 18 May 2021 20:51:06 GMT
platform
hostinger
server
hcdn
x-hcdn-cache-status
DYNAMIC
x-hcdn-request-id
f056c1d5160492affb6cf068e7798f87-phx-edge4
x-hcdn-upstream-rt
0.422
x-turbo-charged-by
LiteSpeed
law.js
lucky31.co.uk/
2 KB
1 KB
Script
General
Full URL
https://lucky31.co.uk/law.js
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:21:d30c:4ac0:a860:d761:df37 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
ad35522dc0e9dea8cf27f3ef4613b33c1efce4e601ac449e43366c6fde684efd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lucky31.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:22 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
alt-svc
h3=":443"; ma=86400
content-length
964
x-hcdn-cache-status
MISS
last-modified
Mon, 24 Sep 2018 09:41:50 GMT
server
hcdn
etag
"94e-5ba8b15e-12c960e697ae9c86;br"
x-hcdn-request-id
98bb1ba48f0d6c66da32d48636c0dbd6-phx-edge4
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
x-hcdn-upstream-rt
0.418
accept-ranges
bytes
platform
hostinger
expires
Sat, 24 Feb 2024 00:42:22 GMT
lucky31.jpg
lucky31.co.uk/
5 KB
5 KB
Image
General
Full URL
https://lucky31.co.uk/lucky31.jpg
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:21:d30c:4ac0:a860:d761:df37 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
6e71ead7ccf9abf691c9e8da26fbaa331ae24b03bdc6f21eaf6c541b8abc01f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lucky31.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:22 GMT
x-hcdn-cache-status
MISS
server
hcdn
x-hcdn-request-id
ac7e2604b93b78bbc75b7efffea37ec5-phx-edge4
content-type
image/webp
cache-control
public, max-age=604800
x-hcdn-image-optimizer
f:webp q:85 w:1600
x-hcdn-upstream-rt
0.418
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
4918
lucky-31.jpg
lucky31.co.uk/
44 KB
45 KB
Image
General
Full URL
https://lucky31.co.uk/lucky-31.jpg
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:21:d30c:4ac0:a860:d761:df37 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
495c45e997d5d26747fd23b8c98dbdbeed4f20575a5d5aaaf9d4f2375b58b933

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lucky31.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:23 GMT
x-hcdn-cache-status
MISS
server
hcdn
x-hcdn-request-id
37386e614989f04587023711e0c37614-phx-edge4
content-type
image/webp
cache-control
public, max-age=604800
x-hcdn-image-optimizer
f:webp q:85 w:1600
x-hcdn-upstream-rt
0.846
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
45320
728_GA.jpg
lucky31.co.uk/
4 KB
4 KB
Image
General
Full URL
https://lucky31.co.uk/728_GA.jpg
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:21:d30c:4ac0:a860:d761:df37 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
808a282563111c00f2cdb143f48b1ef2102e6f4ac33aae4340dea558648f3203

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lucky31.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:23 GMT
x-hcdn-cache-status
MISS
server
hcdn
x-hcdn-request-id
8d5760ff444bc4de8a5b35ae3cbb1c5c-phx-edge4
content-type
image/webp
cache-control
public, max-age=604800
x-hcdn-image-optimizer
f:webp q:85 w:1600
x-hcdn-upstream-rt
0.553
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3910
I.ashx
campaigns.williamhill.com/ Frame 40F4
1 KB
2 KB
Document
General
Full URL
https://campaigns.williamhill.com/I.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ee258d4daee6a27b0cadc3d61e39851aca39aba34127a9e4df83ab2205e411a7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lucky31.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
1447
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Feb 2024 00:42:23 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
I.ashx
campaigns.williamhill.com/ Frame 6A30
1 KB
2 KB
Document
General
Full URL
https://campaigns.williamhill.com/I.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
55f551b4ed470c1648c2bc75af1294954842b3c7346f00a3a98d3b4d451626a2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lucky31.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
1447
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Feb 2024 00:42:23 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
renderBanner.do
mediaserver.entainpartners.com/ Frame 0BF6
472 B
831 B
Document
General
Full URL
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2023057&t=f&v=1&securedDomain=y
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f50f9b0e39aec9e0925fac24549056da468d240f610ba786e28df429c4f4637e

Request headers

Referer
https://lucky31.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8569fd757cad4bcf-BUF
content-encoding
gzip
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Sat, 17 Feb 2024 00:42:23 GMT
server
cloudflare
vary
Accept-Encoding
x-ua-compatible
IE=EmulateIE7
ad.aspx
ads.betfair.com/ Frame 4129
2 KB
2 KB
Document
General
Full URL
https://ads.betfair.com/ad.aspx?bid=9031&pid=9241
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.153.16 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cace0036cd313527798094338c29c975646fe4e3399576af962721bc4dade966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-expose-headers
Request-Context
alt-svc
h3=":443"; ma=86400
cache-control
private,no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8569fd756f7936fd-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 00:42:23 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFz89Grpu9xjNPpfFGsPzQSJrsajrxA8sHcrm49EZWwU1E1tOhZiFA%2B5qNMXtfbztaZXSDWW6iyc0Jcni%2F0kz6OjZh%2F%2FdYRuDZbR5wvcdcXAetE8zx9DTItFEf4r3BJM7g%3D%3D"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-azure-ref
07wDQZQAAAABeYNT4TeHXQK1ZgGu3GkA9WU1RMDFFREdFMDcxNwAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
renderBanner.do
mediaserver.entainpartners.com/ Frame F4B3
468 B
662 B
Document
General
Full URL
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022761&t=f&v=1&securedDomain=y
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecda085b65681b94de4bc6a4adae55c72f46e45978de715bafd7092d2d59d92

Request headers

Referer
https://lucky31.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8569fd757caf4bcf-BUF
content-encoding
gzip
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Sat, 17 Feb 2024 00:42:23 GMT
server
cloudflare
vary
Accept-Encoding
x-ua-compatible
IE=EmulateIE7
gradient.jpg
lucky31.co.uk/
2 KB
2 KB
Image
General
Full URL
https://lucky31.co.uk/gradient.jpg
Requested by
Host: lucky31.co.uk
URL: https://lucky31.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:21:d30c:4ac0:a860:d761:df37 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lucky31.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:23 GMT
content-encoding
br
last-modified
Tue, 12 Dec 2023 20:12:09 GMT
server
hcdn
etag
W/"999-6578be99-94861dc139f7f2c7;;;"
x-hcdn-request-id
1878e2af982df539ceaf2c7089e2188c-phx-edge4
content-type
text/html
x-turbo-charged-by
LiteSpeed
platform
hostinger
alt-svc
h3=":443"; ma=86400
content-length
914
/
servedby.flashtalking.com/imp/1/103922;3605126;201;js;netrefercom;BFUKIENetreferSportsGenericFootball728x90/ Frame 4129
0
0
Script
General
Full URL
https://servedby.flashtalking.com/imp/1/103922;3605126;201;js;netrefercom;BFUKIENetreferSportsGenericFootball728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=&cachebuster=221100.88203018164
Requested by
Host: ads.betfair.com
URL: https://ads.betfair.com/ad.aspx?bid=9031&pid=9241
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.208.32.229 Philadelphia, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-32-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.betfair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

s.5.6.min.js
wlwilliamhill.eacdn.com/TrafficOpt/ Frame 6A30
7 KB
3 KB
Script
General
Full URL
https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by
Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language
en-US,en;q=0.9
Referer
https://campaigns.williamhill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:23 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2016 16:08:31 GMT
etag
"56fbf9ff-1a7b"
x-azure-ref
07wDQZQAAAADeZN2jlH+kTKq+0tpv1c1VTU5aMjIxMDYwNjExMDIzADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
x-cache
TCP_MISS
content-type
application/javascript
cache-control
max-age=0, no-cache
accept-ranges
bytes
Ad_251.js
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/ Frame 6A30
1 KB
951 B
Script
General
Full URL
https://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_251.js?t=2024021700
Requested by
Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09ef658fe8ad9abca2867f44b68b716cbfd3c10ba7620f6586f708af5cccb61e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://campaigns.williamhill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:22 GMT
content-encoding
br
last-modified
Mon, 20 Nov 2023 08:32:23 GMT
etag
"655b1997-58b"
x-azure-ref
07wDQZQAAAAAtmoMCyNmTQI+pZcSXOKY8TU5aMjIxMDYwNjExMDIzADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
x-cache
TCP_MISS
content-type
application/javascript
cache-control
max-age=0, no-cache
accept-ranges
bytes
293253_728_x_90.gif
mediaserver.entainpartners.com/images/AdServer/Ladbrokes/Sports/ Frame 0BF6
23 KB
23 KB
Image
General
Full URL
https://mediaserver.entainpartners.com/images/AdServer/Ladbrokes/Sports/293253_728_x_90.gif
Requested by
Host: mediaserver.entainpartners.com
URL: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2023057&t=f&v=1&securedDomain=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a519ee9c37f62f2574138e8e6d13a09ff8c5391cddc258f2e63eb654bc3936

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2023057&t=f&v=1&securedDomain=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:23 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Mar 2021 15:35:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400, public
accept-ranges
bytes
cf-ray
8569fd78df8a4bcf-BUF
content-length
23148
x-ua-compatible
IE=EmulateIE7
291369_728x90_DMP.gif
mediaserver.entainpartners.com/images/AdServer/Coral/Sports/ Frame F4B3
31 KB
31 KB
Image
General
Full URL
https://mediaserver.entainpartners.com/images/AdServer/Coral/Sports/291369_728x90_DMP.gif
Requested by
Host: mediaserver.entainpartners.com
URL: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022761&t=f&v=1&securedDomain=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5186d61ba8150f3d27523586777a11e14ef10801ad056f88b70e3f1752f21f1d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=2022761&t=f&v=1&securedDomain=y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:23 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Mar 2021 16:35:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400, public
accept-ranges
bytes
cf-ray
8569fd78df9c4bcf-BUF
content-length
32109
x-ua-compatible
IE=EmulateIE7
s.5.6.min.js
wlwilliamhill.eacdn.com/TrafficOpt/ Frame 40F4
7 KB
3 KB
Script
General
Full URL
https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by
Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language
en-US,en;q=0.9
Referer
https://campaigns.williamhill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:23 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2016 16:08:31 GMT
etag
"56fbf9ff-1a7b"
x-azure-ref
07wDQZQAAAADOhn+RwfeuRb5FTBQwI6ISTU5aMjIxMDYwNjExMDIzADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
x-cache
TCP_MISS
content-type
application/javascript
cache-control
max-age=0, no-cache
accept-ranges
bytes
Ad_242.js
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/ Frame 40F4
1 KB
890 B
Script
General
Full URL
https://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_242.js?t=2024021700
Requested by
Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e45e56433de4ca5cb7775f3a8aa333e4d9be0df20d1906a7c41daefd0c078b6a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://campaigns.williamhill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:23 GMT
content-encoding
br
last-modified
Mon, 20 Nov 2023 08:32:18 GMT
etag
"655b1992-58e"
x-azure-ref
07wDQZQAAAACqwtc5JysrT4wScNO2HEknTU5aMjIxMDYwNjExMDIzADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
x-cache
TCP_MISS
content-type
application/javascript
cache-control
max-age=0, no-cache
accept-ranges
bytes
C.ashx
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame 9FF3
64 KB
30 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&MediaID=309&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f149.1e100.net
Software
cafe /
Resource Hash
660758063e4d0f2cce888cd396c5dc5f2dd0c2626fbd267f5c1c89684b0cffe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.williamhill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
30226
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 00:42:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
T.ashx
campaigns.williamhill.com/ Frame D483
0
765 B
Document
General
Full URL
https://campaigns.williamhill.com/T.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&t=638437273440610000&MediaID=309&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Requested by
Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://campaigns.williamhill.com/I.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 17 Feb 2024 00:42:24 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.3
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
C.ashx
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame 83A1
64 KB
30 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&MediaID=300&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f149.1e100.net
Software
cafe /
Resource Hash
61eb590d03d6c27278c8c33895b165c2c25857d0bf7d2951d834f2c101b80457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.williamhill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
30157
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 00:42:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
T.ashx
campaigns.williamhill.com/ Frame BA6E
0
765 B
Document
General
Full URL
https://campaigns.williamhill.com/T.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&t=638437273440650000&MediaID=300&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Requested by
Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://campaigns.williamhill.com/I.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 17 Feb 2024 00:42:24 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.3
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
6776102513870816607
s0.2mdn.net/simgad/ Frame 83A1
150 KB
150 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6776102513870816607
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&MediaID=300&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
500ab78402d9f54b7f202a159091a98c3d577ad7363d05242d3e6b8cce973be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sat, 17 Feb 2024 00:42:24 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153736
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 14:32:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Feb 2025 00:42:24 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/xfa/ Frame 83A1
10 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&MediaID=300&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 17:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
26955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4124
x-xss-protection
0
server
cafe
etag
9042593224187393105
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Mar 2024 17:13:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 83A1
12 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&MediaID=300&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 16:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
27796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Mar 2024 16:59:08 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 83A1
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&MediaID=300&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 23:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
3514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Feb 2024 00:43:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 83A1
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsui6iYEBU30H2jhmgKo1OLA1cF0z6-WHAP4DPrvfDURlM_HL0V40T9DWdZtZ02QvotTPNXjoNmL5Oo_9Qt0MxY8A5P1ugqYKdQSmf08eAkKlj-D_FElbJbPvOaqD0AKvAbD2TuUNZcyuIOFkPP7NiSE6h5BKeadoGL4R1oysLQnX4NvG6WfJow&sai=AMfl-YR33zxBM6keIOarCO3114X_io7un1eiMGZlQDnEL1DmtqQjMurbg6S_5zhJFSQsTwLzGfLOfbEZjyNGhmM&sig=Cg0ArKJSzPO_cuAubyw9EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240215.30068&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&MediaID=300&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 17 Feb 2024 00:42:24 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 83A1
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&MediaID=300&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 14:05:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
124593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 14:05:51 GMT
10632851464355920200
s0.2mdn.net/simgad/ Frame 9FF3
118 KB
119 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/10632851464355920200
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&MediaID=309&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf670f99006a6e87aa898d96f0fc02a2ed98ca10e73b66bfe845d5b8cd2be07f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sat, 17 Feb 2024 00:42:24 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121290
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 14:32:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Feb 2025 00:42:24 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/xfa/ Frame 9FF3
10 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&MediaID=309&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 17:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
26955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4124
x-xss-protection
0
server
cafe
etag
9042593224187393105
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Mar 2024 17:13:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 9FF3
12 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&MediaID=309&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 16:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
27796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Mar 2024 16:59:08 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9FF3
204 KB
62 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&MediaID=309&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 23:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
3514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Feb 2024 00:43:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9FF3
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLMq3jy6CWnntxGZiWLOIMBmMbVKB9apm9XwtRoCnhrC3FWa44QHQeMAeZUxvsKGKOyreq7kKp1EyhXjS2RqSxKJAPDgwMAMWx5sWK-F0D7p-wcEA1CaW1vl0zdGcmLWtbtqUDsTWAhiu5FEmR6XflTBTu9vcABW_wm0ARo8isgZEkvCQTgeI&sai=AMfl-YQcamE-1UVv3yP54Ibvd-UK9b5nLe2Qi6nOpDlQR4f_E4Eg4pZOsqB07K134GHbAhsEOdmc8WySbwCVi7E&sig=Cg0ArKJSzACaPz64l6INEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=1&cisv=r20240215.64726&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&MediaID=309&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 17 Feb 2024 00:42:24 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9FF3
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&MediaID=309&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 14:05:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
124593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 14:05:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9FF3
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48d1ed4875507124818d0b017958cdbd834b2bac1abec9dc1eb538ab23e9880c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5852
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 83A1
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef48e766c0bb09faee19fdeb4095758092698057b58bc18f310feef9926ef7b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5916
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9FF3
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLMq3jy6CWnntxGZiWLOIMBmMbVKB9apm9XwtRoCnhrC3FWa44QHQeMAeZUxvsKGKOyreq7kKp1EyhXjS2RqSxKJAPDgwMAMWx5sWK-F0D7p-wcEA1CaW1vl0zdGcmLWtbtqUDsTWAhiu5FEmR6XflTBTu9vcABW_wm0ARo8isgZEkvCQTgeI&sai=AMfl-YQcamE-1UVv3yP54Ibvd-UK9b5nLe2Qi6nOpDlQR4f_E4Eg4pZOsqB07K134GHbAhsEOdmc8WySbwCVi7E&sig=Cg0ArKJSzACaPz64l6INEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=239&vt=11&dtpt=236&dett=2&cstd=1&cisv=r20240215.64726&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584723;sz=728x90;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_251c_&affid=1213670&siteid=46719&adid=251&c=&MediaID=309&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 17 Feb 2024 00:42:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 83A1
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsui6iYEBU30H2jhmgKo1OLA1cF0z6-WHAP4DPrvfDURlM_HL0V40T9DWdZtZ02QvotTPNXjoNmL5Oo_9Qt0MxY8A5P1ugqYKdQSmf08eAkKlj-D_FElbJbPvOaqD0AKvAbD2TuUNZcyuIOFkPP7NiSE6h5BKeadoGL4R1oysLQnX4NvG6WfJow&sai=AMfl-YR33zxBM6keIOarCO3114X_io7un1eiMGZlQDnEL1DmtqQjMurbg6S_5zhJFSQsTwLzGfLOfbEZjyNGhmM&sig=Cg0ArKJSzPO_cuAubyw9EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=289&vt=11&dtpt=288&dett=2&cstd=0&cisv=r20240215.30068&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23702687.265584750;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_46719b_242c_&affid=1213670&siteid=46719&adid=242&c=&MediaID=300&IsAd=1&IAref=https%3A%2F%2Flucky31.co.uk%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 17 Feb 2024 00:42:24 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0A2E
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
102451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 20:14:53 GMT
expires
Fri, 14 Feb 2025 20:14:53 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 719F
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
102451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 20:14:53 GMT
expires
Fri, 14 Feb 2025 20:14:53 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 83A1
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 00:42:24 GMT
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 0A2E
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 11:00:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
49335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 11:00:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9FF3
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 00:42:24 GMT
QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js
pagead2.googlesyndication.com/bg/ Frame 719F
51 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
sffe /
Resource Hash
42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 23:25:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
91033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19784
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 23:25:11 GMT
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 8A9C
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 11:00:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
49335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 11:00:09 GMT
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame E62B
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 11:00:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
49335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 11:00:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A2E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5Qk78ADQZazMCqqlnboPvsKKyAsAAAAAOAHgBAI&bg=!3N-l35DNAAZN4L4YbeA7ADQBe5WfOFxzdoQuDNdRk0jyk7W4W-ME6Xp3VnmlIFoUFDpy-ok9Q5Q3bRHMWHiYoGaes8f9AgAAAmJSAAAACWgBBwoAA6I_GJkDBgP6oO54z-oNjPFoGO52eicCI4C2IW7KICja1x5ikrObDYa-JhUo7KDGA1v_If9Br_2xD9kDH2DH0NHOKU3cT7tzQyEFlA4NvI3PuFMYntW2m3QR9ZmLQ-7iN0TEirjKlnxBW26mzQluBpMKjiUY-k-dmDimjjxvjh3qs_EqEd5JI0Tx-BTN30ZDvUg4X1ds-UUfBYUTbe1MCtoRCHvQVWTaFjpNqMrAjPaE4ml0V5kMOmBNPvFQ4nuBSitfADpw4FBWgPiydKTbl2X9Mgcu3moRyoXFfQjsM2fRKcRgEGnBJ18mV54oaEiqXTcMWBZyqTTZykVHiMVZAgwaeM_Epi8QLjhuRccE0UcTScFaAVs4qPA7S5wmb79wDqf3PbDR4gi5fDnOxgiS9ZgWj1lnoiku3xNlxNJ7i6vwezlh43Zlig2N95SYyprrB-NRjtC_NCmrFhj1wAKp10vFQ-US2FXxSquXwZFg7FE6P82qBSUq7YVl1V1k8R80yK38VR6J5oz6e5BFg_UOVhyy40Pk2g7NofW9LZTK-uS-pXqMD3QZeGjHfLC5V8FH7LofVCqrpldwyvlaK5FNpiz7ZEVAVgVP-l7MXFMg1NV7fBd7wnMEmtt4HpsXLaVbod8tHAQAVWXunVNOiFtirW37n3D28BiUrByuOf4aKlZdu__zktZaP_pVLOPh-YkkUwnnqO6t8RYtABlawKUlDaKN5v4ifImL0TwNPaWHzNeI0z4CCGeXQcPq_vmrbgC_z0eW9q-nYb_8xXvcj2SBgxpntc-WFUDsQOUCMNzlMKUUs1hwyxVC3KHGpOrtbMCGIfO1zyMP-lOatsVQwtTbGMuk7wI2cQ3fB20uKilZ-x4jcSwQxc3YapbrIZ8QZsorP8NP4EghHqC5gHl0Yf8TKVeFmV8DlcWk2BzS3VzdktvVU_f2TdlZ_kTVT9Vr3Nf9KMfx1tQiX9ZeCf5KUyEoaQI5I0oFz4k3nEFRMl0n6zqGeBF5fmX0J2u0jEujWFXmXYBRNqnWpIWSNFxgMA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 00:42:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 719F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0NEd8ADQZcawCvG5nboPjoit-A4AAAAAOAHgBAI&bg=!4-Cl4K_NAAYBC1i-IQs7ADQBe5WfODd37hDaKuXb5gr2xbDRNEJBy04IrDfYNZoJ5mQ8mPxSGLD5Mgw9VWBCmr1mi2J_AgAAAmFSAAAACGgBB5kDHGQx8klQsger2jKNUQKUGhdulPB7z7eBZnk_TwB-wXEGwDQKEoIUIQGhj6mRFWBPG456n0PsUm760LDgoztptY7SlnBV3krnCMoU-Md0lUuSfWo9UfSLM7ChYHTe6dmvPHEabMr7LRrZzoSjebs_2TYdKpHzvSKrDVOAdEXvKpykuF8OkPXifRolcD00Z-eeJVsegRFT7wPeScDSZEfDgMHnmnTRr0W5KwmB4KHuGljWrAS3kT978USJgbMFfkgp-vvooZ81l01cBs7Nljtod9K8OAb0p-lf3vbsn3eFW1-exSFJRsI9O8gtpHx718G3tXlPT0ywsQUlFjbRymmIBds7fUL-EfWvA_MKgtkALKkuCmTHKQYtA8vWkieMbuV9VsIvTQ5ouudS1sm_DwaPOR8BdAJ9u4SPl04jOCLpNb2uB7P2ytEnJq43SQFimmxAT7eC1Yy4I8yCi0-2p8f49VDB_mL4YSUaBWrpbgpmRnTNnL64KHvnuziPjw1xmUNpcev7ZACyCPCx9D2J-lKWNMVnth7Hgw4WuIaTf08EnZYkABkzYnqgrwU7SMbSqv5ZzPuS9t9btBlCNz-UNegyxxKQLj4EunQowuwLhB-D7rENfiHSuKzBMBGZ7z1XSbuTRn3XoUrMqd3jJDy3cjMcgKQFX8fs_6G2Zafq_85FlawK8xhLG8kbqZRgkZ_0lLFksL0Z6ReCq4wSzRaAE8KGNTz2MsWHlqEn8VdXau-xEeDLilCZeQQblNjXCHL2PpsrUp5t76mChHftG8ec3uBzKozOcH_ajcwGUqwd1YBxnbdhSfH7tII5rnEl6xKHyGhljyHvjXJ7XLAA0tEdC3EuCYKhut2NySzXdssm4HdVqk8JSiPq0l0W2UdWi2VkSeNAki9p2a35V_zU0AJD8CNDaG3sdChLW0SL0DtMTQVjfQpViTUrhWPaK91tfSh6zWmKY0o7cSymdlnbs1j6x7Nx0Gnif50kdAjWJW8X4M-R-wTw2maEMGTr32_ZEEnSGlD3EukKfYcciF8ivKP-C36T3b_mb0O3F1mNyAWiRT8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 00:42:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FF3
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNSo2NxFCZWEawsT-a11nQvxmK1ZcW9-lFEk6MuenJvzY66EK6ISE03YrqGjq5dtEC5PL-ihDdUC02K4fkhN_d2kP-aq0_0MKSDnW2RrpGPPmAvOzHt1i-9rUzo6aS4qywCA&sig=Cg0ArKJSzB3Ns55ba6zEEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=406334400&rst=1708130544061&rpt=435&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 00:42:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 83A1
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3cVcDTS_EnAuHkCyT_Q1A-_HF-Ra6PE1j6ja9u0lYk13Vf6Py2QAYDki9UQcXBRoh5J02rEucLvj-R87T-IX-fjlCoFaoIIXotQm8nvgQT-FQ4i1JgFz2bNfNn1Kb9k06eA&sig=Cg0ArKJSzMeTBXZxWqBfEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=406334400&rst=1708130544065&rpt=501&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 00:42:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| dropCookie number| cookieDuration string| cookieName string| cookieValue function| createDiv function| createCookie function| checkCookie function| eraseCookie function| removeMe

10 Cookies

Domain/Path Name / Value
.betfair.com/ Name: NetRefer_CookieUniTrack_V
Value: %5b%7b%22PID%22%3a9241%2c%22BID%22%3a9009%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1708130543118)%5c%2f%22%2c%22CookieTag%22%3a%2290099241403101C2024217042%22%7d%5d
campaigns.williamhill.com/ Name: CEK
Value: a
.entainpartners.com/ Name: __cf_bm
Value: WG2EX9qVXQE9FtC8ypflWG1cJ6E61faV5djEpq8nNak-1708130543-1.0-ARDbK1uU1MpuL8kfGRMRfLWVpHSXBVt5Jp/fUVpURofmtzYaiyYX0qUNhboetfmfvnpo/0L0o74BJ54fjUAC6Gk=
campaigns.williamhill.com/ Name: A_251
Value: a=251&r=0&fv=20240217&lv=20240217124224&vc=1&fc=0&lc=0&cc=0
campaigns.williamhill.com/ Name: XYZ
Value: 120&1&148&&&&0&1&&6644a92f-40f8-4ec9-b9d9-81b6f7a76758&a_46719b_242&&
campaigns.williamhill.com/ Name: A_242
Value: a=242&r=0&fv=20240217&lv=20240217124224&vc=1&fc=0&lc=0&cc=0
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi6UvRZmzl2n74NnXQHZI2rhmQDllh1ARXIl91xqps8rBICOrw
.doubleclick.net/ Name: IDE
Value: AHWqTUmQpUtm07psxJn8iMbAkh-IuBf3hoZKBVySISuYMdeInhv3hdQ6Xuenpl1CoWk
lucky31.co.uk/ Name: complianceCookie
Value: on

27 Console Messages

Source Level URL
Text
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://lucky31.co.uk/gradient.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://servedby.flashtalking.com/imp/1/103922;3605126;201;js;netrefercom;BFUKIENetreferSportsGenericFootball728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=&cachebuster=221100.88203018164
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lucky31.co.uk/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.betfair.com
campaigns.williamhill.com
googleads4.g.doubleclick.net
lucky31.co.uk
mediaserver.entainpartners.com
pagead2.googlesyndication.com
s0.2mdn.net
servedby.flashtalking.com
tpc.googlesyndication.com
wlwilliamhill.eacdn.com
104.19.153.16
172.253.122.149
172.253.63.154
20.93.81.72
23.208.32.229
2606:4700::6812:bd8
2607:f8b0:4004:c07::95
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c1d::84
2620:1ec:29:1::40
2a02:4780:21:d30c:4ac0:a860:d761:df37
09ef658fe8ad9abca2867f44b68b716cbfd3c10ba7620f6586f708af5cccb61e
0ecda085b65681b94de4bc6a4adae55c72f46e45978de715bafd7092d2d59d92
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
3b70cf9654d2c470f1642e33f05d3d438ae206cd778f2e2536ee7237f3ca5b7d
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
40a519ee9c37f62f2574138e8e6d13a09ff8c5391cddc258f2e63eb654bc3936
42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
48d1ed4875507124818d0b017958cdbd834b2bac1abec9dc1eb538ab23e9880c
495c45e997d5d26747fd23b8c98dbdbeed4f20575a5d5aaaf9d4f2375b58b933
500ab78402d9f54b7f202a159091a98c3d577ad7363d05242d3e6b8cce973be7
5186d61ba8150f3d27523586777a11e14ef10801ad056f88b70e3f1752f21f1d
55f551b4ed470c1648c2bc75af1294954842b3c7346f00a3a98d3b4d451626a2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61eb590d03d6c27278c8c33895b165c2c25857d0bf7d2951d834f2c101b80457
660758063e4d0f2cce888cd396c5dc5f2dd0c2626fbd267f5c1c89684b0cffe4
6e71ead7ccf9abf691c9e8da26fbaa331ae24b03bdc6f21eaf6c541b8abc01f4
808a282563111c00f2cdb143f48b1ef2102e6f4ac33aae4340dea558648f3203
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
ad35522dc0e9dea8cf27f3ef4613b33c1efce4e601ac449e43366c6fde684efd
bf670f99006a6e87aa898d96f0fc02a2ed98ca10e73b66bfe845d5b8cd2be07f
cace0036cd313527798094338c29c975646fe4e3399576af962721bc4dade966
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45e56433de4ca5cb7775f3a8aa333e4d9be0df20d1906a7c41daefd0c078b6a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee258d4daee6a27b0cadc3d61e39851aca39aba34127a9e4df83ab2205e411a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef48e766c0bb09faee19fdeb4095758092698057b58bc18f310feef9926ef7b0
f50f9b0e39aec9e0925fac24549056da468d240f610ba786e28df429c4f4637e
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939