www.bethull.com Open in urlscan Pro
88.208.252.228 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.bethull.com/
Submission: On February 07 via manual (February 7th 2022, 5:35:16 pm UTC) from GB — Scanned from GB

Summary HTTP 48 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 48 HTTP transactions. The main IP is 88.208.252.228, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is www.bethull.com.

This is the only time www.bethull.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	88.208.252.228 88.208.252.228	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	40.127.232.184 40.127.232.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:bdf::69 2620:1ec:bdf::69	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
48	11

9 88.208.252.228 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: server88-208-252-228.fasthosts.net.uk

www.bethull.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.127.232.184 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

campaigns.williamhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::69 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wlwilliamhill.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	139 KB
9	bethull.com www.bethull.com	282 KB
6	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 195 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	44 KB
4	williamhill.com campaigns.williamhill.com — Cisco Umbrella Rank: 303752	3 KB
3	eacdn.com wlwilliamhill.eacdn.com — Cisco Umbrella Rank: 715149	6 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	332 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
48	9

	Domain	Requested by
14	pagead2.googlesyndication.com	ad.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	www.bethull.com	www.bethull.com
6	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	campaigns.williamhill.com	www.bethull.com wlwilliamhill.eacdn.com
3	wlwilliamhill.eacdn.com	campaigns.williamhill.com
2	www.googletagservices.com	ad.doubleclick.net
2	s0.2mdn.net	ad.doubleclick.net
2	ad.doubleclick.net	wlwilliamhill.eacdn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.bethull.com
48	11

This site contains links to these domains. Also see Links.

Domain
www.hullcitytigers.com
twitter.com
www.visithullandeastyorkshire.com
www.facebook.com
www.youtube.com
plus.google.com
instagram.com
www.bbc.co.uk
creativecommons.org

Subject Issuer	Validity	Valid
campaigns.williamhill.com HydrantID SSL CA G3	`2021-10-27` - `2022-10-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://www.bethull.com/
Frame ID: 3467C6D6481C92F746BC0DB5F16CCC6D
Requests: 16 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235681;sz=640x480;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c=&MediaID=400&IsAd=1&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: 8A07C52AA6DDFB4FE40A08E22C197BA1
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c=&t=637798521116560000&MediaID=400&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Frame ID: 317CADDAB2C1851BFA3ADFB5F632B2DF
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c=&MediaID=386&IsAd=1&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: 42034F0FFE72753B1D113AD2233E781B
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c=&t=637798521117950000&MediaID=386&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Frame ID: 23DD130A153BA23B60509A9FB21E12BE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 43E17EE217C2BC9C8B711D0A7FC41592
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 28AC1298674CCCE4F14D7EB2BCBC2EA4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js
Frame ID: 3FB4418DEA5F9C00800D237F13984568
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js
Frame ID: 05BD7ACDF6B9866680D8EC21C91D1108
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bet Hull City, Betting Odds, Football Tips

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

48
Requests

71 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

928 kB
Transfer

1368 kB
Size

5
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://www.hullcitytigers.com/
Title: The Hull City Tigers website can be found here

Search URL Search Domain Scan URL

URL: https://twitter.com/hullcity
Title: Official Club Twitter page

Search URL Search Domain Scan URL

URL: http://www.visithullandeastyorkshire.com/hey/culture.aspx
Title: The Official Hull Visitor Guide here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hulltigersofficial?fref=ts
Title: Official Hull Fans Facebook page

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/HCAFCOfficial
Title: Hull City FC Youtube page

Search URL Search Domain Scan URL

URL: https://plus.google.com/+HullTigers/posts
Title: Official Google + page for Hull City Tigers FC

Search URL Search Domain Scan URL

URL: https://plus.google.com/+chelseafc/posts
Title: Google +

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/chelseafc
Title: Youtube

Search URL Search Domain Scan URL

URL: https://instagram.com/chelseafc
Title: Instagram here

Search URL Search Domain Scan URL

URL: https://twitter.com/BetHull
Title: Follow Us On Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/HullCity
Title: Tweets by @hullcity

Search URL Search Domain Scan URL

URL: https://www.bbc.co.uk/sport/football/60178655?at_medium=RSS&at_campaign=KARANGA
Title: Hull City 0-1 Preston North End: Cameron Archer winner earns points for Lilywhites

Search URL Search Domain Scan URL

URL: https://www.bbc.co.uk/sport/football/60206655?at_medium=RSS&at_campaign=KARANGA
Title: Ryan Longman, Marcus Forss, Allahyar Sayyadmanesh & Liam Walsh join Hull City

Search URL Search Domain Scan URL

URL: https://www.bbc.co.uk/sport/football/60093108?at_medium=RSS&at_campaign=KARANGA
Title: Hull City 2-0 Swansea City: Shota Arveladze era begins with comfortable win

Search URL Search Domain Scan URL

URL: https://www.bbc.co.uk/news/uk-england-humber-60181197?at_medium=RSS&at_campaign=KARANGA
Title: Dr Assem Allam: Former Hull City owner in diabetes centre donation

Search URL Search Domain Scan URL

URL: https://www.bbc.co.uk/sport/football/60171797?at_medium=RSS&at_campaign=KARANGA
Title: Acun Ilicali: Hull City owner wants Premier League return following takeover

Search URL Search Domain Scan URL

URL: https://creativecommons.org/choose/results-one?field_attribute_to_url=http://www.bethull.com/
Title: Creative License

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.bethull.com/ 21 KB
21 KB 219ms
155ms Document
text/html 88.208.252.228
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bethull.com/
Protocol: HTTP/1.1
Server: 88.208.252.228 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: server88-208-252-228.fasthosts.net.uk
Software: nginx /
Resource Hash: e691cc4e8b4c870a37caaf922b00ee0137c5a0f0c234983921f3d746e991c904

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Server: nginx
Date: Mon, 07 Feb 2022 17:35:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Pingback: http://www.bethull.com/xmlrpc.php
Link: <http://www.bethull.com/wp-json/>; rel="https://api.w.org/", <http://www.bethull.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <http://www.bethull.com/>; rel=shortlink

GET
H/1.1 200
OK style.min.css
www.bethull.com/wp-includes/css/dist/block-library/ 77 KB
78 KB 99ms
50ms Stylesheet
text/css 88.208.252.228
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bethull.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Server: 88.208.252.228 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: server88-208-252-228.fasthosts.net.uk
Software: nginx /
Resource Hash: 7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Last-Modified: Mon, 07 Feb 2022 11:15:05 GMT
Server: nginx
ETag: "1357b-5d76bb671cd2a"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 79227

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.bethull.com/wp-includes/js/ 18 KB
18 KB 121ms
51ms Script
application/javascript 88.208.252.228
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bethull.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Server: 88.208.252.228 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: server88-208-252-228.fasthosts.net.uk
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Last-Modified: Mon, 07 Feb 2022 11:15:06 GMT
Server: nginx
ETag: "4705-5d76bb67d42c2"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 18181

GET
H/1.1 200
OK style.css
www.bethull.com/wp-content/themes/bethull/ 27 KB
27 KB 86ms
49ms Stylesheet
text/css 88.208.252.228
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bethull.com/wp-content/themes/bethull/style.css?ver=5.9
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Server: 88.208.252.228 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: server88-208-252-228.fasthosts.net.uk
Software: nginx /
Resource Hash: 1552cf81d12f89deefeb22a024950b92b1b3b7c748bb446ddfa16aa770bd4a55

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Last-Modified: Tue, 02 Jul 2019 11:31:13 GMT
Server: nginx
ETag: "6cf9-58cb115091ddf"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 27897

GET
H/1.1 404
Not Found font-awesome.css
www.bethull.com/wp-content/themes/bethull/fonts/font-awesome/ 0
0 215ms
161ms Stylesheet
text/html 88.208.252.228
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bethull.com/wp-content/themes/bethull/fonts/font-awesome/font-awesome.css?ver=4.5.0
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Server: 88.208.252.228 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: server88-208-252-228.fasthosts.net.uk
Software: nginx /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Link: <http://www.bethull.com/wp-json/>; rel="https://api.w.org/"
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 21 KB
2 KB 120ms
66ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C600%2C700%2C300&subset=latin%2Clatin-ext

Requested by

Host: www.bethull.com
URL: http://www.bethull.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

909b5433b52632483a33e96af230a032e0dfb116ea1d0e31193a24d1bb119f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Mon, 07 Feb 2022 17:35:11 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 07 Feb 2022 17:35:11 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.bethull.com/wp-includes/js/jquery/ 87 KB
88 KB 104ms
51ms Script
application/javascript 88.208.252.228
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bethull.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Server: 88.208.252.228 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: server88-208-252-228.fasthosts.net.uk
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Last-Modified: Mon, 07 Feb 2022 11:15:06 GMT
Server: nginx
ETag: "15db1-5d76bb67d90e2"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 89521

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.bethull.com/wp-includes/js/jquery/ 11 KB
11 KB 106ms
53ms Script
application/javascript 88.208.252.228
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bethull.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Server: 88.208.252.228 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: server88-208-252-228.fasthosts.net.uk
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Last-Modified: Mon, 07 Feb 2022 11:15:06 GMT
Server: nginx
ETag: "2bd8-5d76bb67e0de2"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 11224

GET
H/1.1 200
OK cropped-bet-hull-header.jpg
www.bethull.com/wp-content/uploads/2015/03/ 23 KB
23 KB 100ms
50ms Image
image/jpeg 88.208.252.228
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bethull.com/wp-content/uploads/2015/03/cropped-bet-hull-header.jpg
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Server: 88.208.252.228 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: server88-208-252-228.fasthosts.net.uk
Software: nginx /
Resource Hash: ad426546b8cd13227d75aa2cb023a57123459f4767b990bd54306944d74d8ec5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Last-Modified: Tue, 02 Jul 2019 11:39:06 GMT
Server: nginx
ETag: "5cbf-58cb131392a35"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 23743

GET
H/1.1 200
OK S.ashx Show response
campaigns.williamhill.com/ 1 KB
988 B 223ms
79ms Script
text/html 40.127.232.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c=
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 09b836fb7a8e36548e884ecfa2b99a2be31f2a11c91501c25f32d443f47ef0a0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 504

GET
H/1.1 200
OK S.ashx Show response
campaigns.williamhill.com/ 1 KB
987 B 227ms
91ms Script
text/html 40.127.232.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c=
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 59c568f7b21513a9b9cb52028852e4b73c0479650516862f5f9de1e2b777069d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 503

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 108ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C600%2C700%2C300&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.bethull.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 11:15:36 GMT
X-Content-Type-Options: nosniff
Age: 454775
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 44656
X-XSS-Protection: 0
Last-Modified: Thu, 28 Oct 2021 00:30:43 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 02 Feb 2023 11:15:36 GMT

GET
H/1.1 200
OK s.5.6.min.js Show response
wlwilliamhill.eacdn.com/TrafficOpt/ 7 KB
3 KB 207ms
60ms Script
application/javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c=
Protocol: HTTP/1.1
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

Referer: http://www.bethull.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2016 16:08:31 GMT
Server: nginx
ETag: "56fbf9ff-1a7b"
Transfer-Encoding: chunked
X-Cache: TCP_HIT
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache
X-Azure-Ref: 0T1gBYgAAAAA7087XCkpXTLQt/uQr4XDkRlJBMzFFREdFMDkwNwA1OGIyYWI1Ny04ZDc2LTQxYzEtODM5Ni0yZmY4MDg2ZTU4ZGM=
X-Azure-Ref-OriginShield: 0+lcBYgAAAAD+iJiQEPhBSY2i3FwpPJOdQU1TMDRFREdFMTkxMQA1OGIyYWI1Ny04ZDc2LTQxYzEtODM5Ni0yZmY4MDg2ZTU4ZGM=
Accept-Ranges: bytes

GET
H/1.1 200
OK Ad_342.js Show response
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/ 1 KB
1 KB 207ms
60ms Script
application/javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_342.js?t=2022020717
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c=
Protocol: HTTP/1.1
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 89ba9b50a026be81d544ef2ad5518f4efc2d7e9a611561ad7975ed22d915275c

Request headers

Referer: http://www.bethull.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 07 Feb 2022 17:35:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Nov 2020 22:21:12 GMT
Server: nginx
ETag: "5fc02a58-4ca"
Transfer-Encoding: chunked
X-Cache: TCP_HIT
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache
X-Azure-Ref: 0T1gBYgAAAAAxg8UyJx6kS7tGSi3+3+OURlJBMzFFREdFMDkxNgA1OGIyYWI1Ny04ZDc2LTQxYzEtODM5Ni0yZmY4MDg2ZTU4ZGM=
X-Azure-Ref-OriginShield: 0+lcBYgAAAAArxvkNaIm5Q6jWH0KHW7ELQU1TMDRFREdFMTgxNAA1OGIyYWI1Ny04ZDc2LTQxYzEtODM5Ni0yZmY4MDg2ZTU4ZGM=
Accept-Ranges: bytes

GET
H2 200 C.ashx Show response
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235681;sz=640x480;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame 8A07 43 KB
22 KB 206ms
88ms Document
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235681;sz=640x480;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c=&MediaID=400&IsAd=1&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: wlwilliamhill.eacdn.com
URL: http://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

840c45fa0c75c9b2cc20780847100ed23c8033546797f3dd7dbe9ca404f95108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 07 Feb 2022 17:35:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 22090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK T.ashx Show response
campaigns.williamhill.com/ Frame 317C 0
702 B 344ms
216ms Document
text/plain 40.127.232.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns.williamhill.com/T.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c=&t=637798521116560000&MediaID=400&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Requested by: Host: wlwilliamhill.eacdn.com
URL: http://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/

Response headers

Cache-Control: private
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 07 Feb 2022 17:35:11 GMT
Connection: close
Content-Length: 0

GET
H/1.1 200
OK Ad_328.js Show response
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/ 1 KB
1 KB 130ms
130ms Script
application/javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_328.js?t=2022020717
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c=
Protocol: HTTP/1.1
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 096fe1e73360fc477609797672669a1a01fd501e5e95dc139c6a91c000d5129d

Request headers

Referer: http://www.bethull.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Nov 2020 22:21:10 GMT
Server: nginx
ETag: "5fc02a56-4ca"
Transfer-Encoding: chunked
X-Cache: TCP_MISS
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache
X-Azure-Ref: 0T1gBYgAAAADyFTn1YRP5Qa1L3zKDoxeZRlJBMzFFREdFMDkwNwA1OGIyYWI1Ny04ZDc2LTQxYzEtODM5Ni0yZmY4MDg2ZTU4ZGM=
X-Azure-Ref-OriginShield: 0T1gBYgAAAADO+ok/dVHFSrR/I1UR/sClQU1TMDRFREdFMTgyMgA1OGIyYWI1Ny04ZDc2LTQxYzEtODM5Ni0yZmY4MDg2ZTU4ZGM=
Accept-Ranges: bytes

GET
H2 200 C.ashx Show response
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame 4203 43 KB
21 KB 90ms
90ms Document
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c=&MediaID=386&IsAd=1&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: wlwilliamhill.eacdn.com
URL: http://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

4753e6da7426181debb6250fee34fdeb4e12e834ea004b6e4afbad558520f84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 07 Feb 2022 17:35:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 21773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK T.ashx Show response
campaigns.williamhill.com/ Frame 23DD 0
702 B 301ms
169ms Document
text/plain 40.127.232.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns.williamhill.com/T.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c=&t=637798521117950000&MediaID=386&MediaIndex=0&XYZ=120%261%26148%26%26%26%260%260%26%26
Requested by: Host: wlwilliamhill.eacdn.com
URL: http://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/

Response headers

Cache-Control: private
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 07 Feb 2022 17:35:12 GMT
Connection: close
Content-Length: 0

GET
H/1.1 200
OK 18-200x300.jpg
www.bethull.com/wp-content/uploads/2019/09/ 15 KB
15 KB 97ms
49ms Image
image/jpeg 88.208.252.228
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bethull.com/wp-content/uploads/2019/09/18-200x300.jpg
Requested by: Host: www.bethull.com
URL: http://www.bethull.com/
Protocol: HTTP/1.1
Server: 88.208.252.228 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: server88-208-252-228.fasthosts.net.uk
Software: nginx /
Resource Hash: 882389f26f23b7ca46b5f97e8b10d89b4d2e9aa7faaac0a1d25e014aaf45060b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://www.bethull.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:35:11 GMT
Last-Modified: Mon, 09 Sep 2019 15:52:41 GMT
Server: nginx
ETag: "3bf4-59220c7236d29"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 15348

GET
H2 200 11052021-073546662-WHS_UK_H30_8Nov_NC_NewFootballSeason_640x480.gif
s0.2mdn.net/4897993/ Frame 8A07 258 KB
258 KB 288ms
171ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4897993/11052021-073546662-WHS_UK_H30_8Nov_NC_NewFootballSeason_640x480.gif

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235681;sz=640x480;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c=&MediaID=400&IsAd=1&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea45fc195390c0ba21418ac50ec4e4972220b2874f6bc6fd4c06fcbbcb74bbad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:42 GMT
x-content-type-options: nosniff
age: 1230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 263999
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 14:35:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Feb 2022 17:14:42 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/xfa/ Frame 8A07 10 KB
4 KB 177ms
60ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b7b3e6c8e05f2499894468692d4b61f676ba46e48c88955f3b5eec30b57b346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4143
x-xss-protection: 0
server: cafe
etag: 5081232884614609635
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 16:07:16 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame 8A07 8 KB
4 KB 171ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 17:25:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A07 123 KB
38 KB 224ms
108ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 17:35:12 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8A07 0
524 B 204ms
88ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoop_cnzgwGevfot24wZgeRKEFh9TdXW3tZY-0wz8MwZfbG3zRH1rLsW39-ew4FjFnHWD50dT64TsZRTMp-jAiyYUVB2mwh4IJ-ie3-aPmktpogpgN4EAmwN5oT-J2s8GO_w&sig=Cg0ArKJSzJgOcKOZ8BJ4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220201.12795&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:35:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A07 41 KB
15 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 11:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Feb 2023 11:42:56 GMT

GET
H2 200 11052021-073519418-WHS_UK_H30_8Nov_NC_NewFootballSeason_160x600.gif
s0.2mdn.net/4897993/ Frame 4203 73 KB
74 KB 136ms
56ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4897993/11052021-073519418-WHS_UK_H30_8Nov_NC_NewFootballSeason_160x600.gif

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c=&MediaID=386&IsAd=1&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12f15ecff59f388d3fe7745ef904f091e24e8f461e5b8573195d7c5318736cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:22:20 GMT
x-content-type-options: nosniff
age: 772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75081
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 14:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Feb 2022 17:22:20 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/xfa/ Frame 4203 10 KB
4 KB 142ms
63ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b7b3e6c8e05f2499894468692d4b61f676ba46e48c88955f3b5eec30b57b346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4143
x-xss-protection: 0
server: cafe
etag: 5081232884614609635
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 16:07:16 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame 4203 8 KB
3 KB 135ms
57ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 17:25:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4203 123 KB
37 KB 255ms
176ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 17:35:12 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4203 0
60 B 159ms
89ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQ93CscnOtVu4uHSvRtwXx9OrlPHVRyT-mBCqIl2v_y4QoOHWnAyJhB-LEOExUjBWJXh9cR_061rStoqOR19xqXcXm8xDZI1bTHXruDh9ZiWTNc4bSCxy6OW5C2ll2Jx_4RA&sig=Cg0ArKJSzEGzFkz74k-JEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220201.03977&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:35:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4203 41 KB
15 KB 131ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 11:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Feb 2023 11:42:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8A07 7 KB
6 KB 128ms
66ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b668d6d47f40083948d59e9046479c56059d4c4d294e8b3c36722e4652ac5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5725
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4203 7 KB
6 KB 130ms
72ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaa868f1053b444e08f62d30dda98700ae9a718abcf714af851610c7c3273e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5675
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 43E1 22 KB
8 KB 55ms
54ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 15:43:37 GMT
expires: Sun, 05 Feb 2023 15:43:37 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 179495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 28AC 22 KB
8 KB 55ms
55ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 15:43:37 GMT
expires: Sun, 05 Feb 2023 15:43:37 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 179495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js Show response
pagead2.googlesyndication.com/bg/ Frame 43E1 35 KB
13 KB 118ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13749
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:04:23 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4203 0
23 B 154ms
92ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:35:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4203 17 KB
6 KB 208ms
207ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 17:35:12 GMT

GET
H3 200 Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js Show response
pagead2.googlesyndication.com/bg/ Frame 28AC 35 KB
13 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13749
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:04:23 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8A07 0
23 B 89ms
88ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:35:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A07 17 KB
6 KB 151ms
150ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 17:35:12 GMT

GET
H3 200 DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FB4 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e12f122fc5eff3aa4015100ff24d472d3fb9e8938488954026411361c67aec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13595
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:03:58 GMT

GET
H3 200 DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js Show response
pagead2.googlesyndication.com/bg/ Frame 05BD 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e12f122fc5eff3aa4015100ff24d472d3fb9e8938488954026411361c67aec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13595
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:03:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43E1 0
20 B 90ms
89ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB79AT1gBYuLDMZjex_AP1qmC6A0AAAAAOAHgBAI&bg=!FxSlFFDNAAYZkRhwGZE7ACkAdvg8WiUtSFayn95nety8banFhWt_q2MaJAAKYYCq-OocwVIVa1a0VAIAAACpUgAAAAdoAQeZAtyS3gmYSC4LUeO5bM3MLWsxMnuNq2uHDOftHURN2ZeAkEyPL8YFydPW2iZ3Yihj1dZik3HwhlV6BCD6RxBu_ryRfKyuOBJ0XK5I-1r3v-jVO5jAuuwJVE6FOJPLGSKnGnbx1PjuNh92JnT6-WamZyI0S-_28xMybgDVt_KtzzH_J9yPeLMA0YOmtRK7WN4HcFt94d25jbeNaIpjql2FGKZ0X6kzY5ghbeGQFWAVbUlGDme-Pl-rVEe-sffTrPjvJNWWKOhElvL-3GunM2hq9UyfXLu5kz13guLXxtAVa7p0-l-aiid_VxKuTbD2L6Uzf4oZSQicee39U0OSycnOraQL4DKhu03-XCxievCeTiu9mtfMgxv1wSnSGczZVjDPmrMJUga8XclEeDyNxj3t_VhHnPBLxIth7VhlEt5hoMbLq4XV2iBt47qCSOc0oOJ9LwBiRpuVU_XRbgqqfzLn6wHfF4le1R7dSZ-jW2pb_LMu0fkL6S-OyJLkBSM2lkgm9TNWk1HXcUyZ8RmBQgvvF1cJ5a6p3LHbk8kSlNokJAeSxbuz0oJV7HNzLJjKgG_W345rIH4CfzgvjgacdYNBhtDgzGDqDzBLr9UJpNoDm2iT07dmCTaXa0vqIG2-v5QapCjk3CM47QtGOvzLhXo_pWOnLcfidMGUYTKQmsHgj_UQe1Yj0L5u3Ofx_l90BJ4GrQ2opU8lFsGUUz08sZ_w-CaeU0waTL17PE5u0hN1WIVjcKd9O3hKVR6VT3F0sEdTXB9786I8acXGCkZXJFs5I7eaG4IZ2SMcYGkgO0DQYGlvn_RZUK4NTPdDDTLUpVN58jSecygY-ytf14jDjvxB7JQ6nrBJX7gXTelqcpMPBW1u-6jAzyPF6Qci3uDg7eEzm0ACC43JgqfU1ok9HdcmKgPP7YqLpVCJLXKWn-W9dCsAYJFAiSkLpoMX1Ru3bEY5MKoJ71HKxZyNtMuSPGE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:35:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AC 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjcDKT1gBYorsMp6L3wOihqSgCQAAAAA4AeAEAg&bg=!xsWlxYHNAAYZkRhwGZE7ACkAdvg8WhPmRoWkipHQCWgC9Mm6is8BeohTv3E7i_kTJwJ02BE51znzQAIAAACVUgAAAAFoAQcKAJ5vZxOk2bYUpvix9JwuG-NMmKHz7rgi02PzpmcL7prUlWuoUZrlKHYjVWsRzO4zTSBSa1mTuE5hM91EO3KOp5E5tG-Wy5qMYyFxgK_JtoOfE6XChG68BxzGoaVTqhNoYlzOeRLzwXLhvStw7fD6CuxrPvCcYqo7bD_y9A6XjUPSZPTV8gwX4bgPTNjoQHYLIYYbrRU-N07ZaUzwR1u2W5kC3nmDqmsJbRgw7stE4EYhzEhB2nHhfTFU1Xn8ayFEEc7bE3l9JaOOjOS-JaOuKIB-TfVzoTzln9IGRCl5lCyNIaNRCCg_jxGVTSuSDfSyTRDmfx7fhO3mOcQsvPlhG-1A-fgjYbe_j5--YJ5sOqcT8I4vhHcN6xNLiFIeGD8_YJbeB_x4_S_DRd2_M1J_pbgrEtWz8pMbJU95ejyShTVSaSVG59xmHY2F8D5oq0NreZVFhjMD5boZYDlQLn5eSy0RdKv4ie3CgzPTFc7TBxG6zl90Dpcn6dELlhb2LBukNvKmBX9Hx26oKq9btYKftPgfsbWHrtiKZ1cLF80ZLCfJonLgb8abdQrQsh-04Amtr598R3XpJObuaqRrUxWBOBTgElz9yV8xKGIHxyCY4IbhmbFmPDiNdOMI3xmYaS2ZyNmvKKFZnt2rvPUMZa41EbrRMTfkxAiFJ_gTGtUs9qgaOk4gBXOcDxfaUUAvYBOHX4X1tW4Iy6OBXxlmazDlOrYAUf6-hazl7Cs4mSr8lJ-FTJjzzneJHWRu-jO9_4sWW5HU41xzsHRXpY1rDMhUvd1YFnbciSCME5cxNMeJTk643gJr0j68z_0PC_isPzDlFlkRfIFmI_7C-lxgMeV2jLI24gL0Ekw6nKFPqcMyF-bSGd43eD0VtsfmddOh7HspCxvw_9Ai6FtmIKaslk0BlRhZvg32rKhF8-eDpvk1Nu4AQlUOyEm7Tna6BjzOrPkrVnz86pBuv8n-jDjd06K8p4PUjqY1AgUxxBosep4Xn3pn2-KvqCFdOSlzYh84v34A3KoWmsGaAqn97hP9z6akbHtaVMr_f1Htw88ytTb5j7ucXuRvo6REH1KSBQm5mvTJ-fA79Q6w1iofWTvP6N034w6ZWZT5e8JFk7t7U-wpHbiY_zGcyPpBFeGo4sGV5btwt2WRqb3PmhtxXWkM-9JQ07C9EYQUwiCZMyxuHP79IjjN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:35:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A07 42 B
64 B 91ms
90ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul0yeIh-7J_nYn4L2DcFwLlmdvdGXdQEDqhMMJkrOICk3YHv4BLiVvAGrdFHs-TYR5szjRiMno-h1LT82zZqQ&sig=Cg0ArKJSzKLTAcS-7y6MEAE&id=lidar2&mcvt=1001&p=0,0,480,640&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=33&adk=0&rs=6&la=1&cr=0&vs=4&r=v&rst=1644255311656&rpt=551&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4203 42 B
64 B 88ms
87ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVbyOHmscdXLUa-HDnJQGCPdSDrx5V0lmNXZ5z6wvMQUU-tT1R7myuTmce6EkrH_pcRCYX6Bi0F3pNBkYWwe8&sig=Cg0ArKJSzOk2V4QI5l5GEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&vs=4&r=v&rst=1644255311795&rpt=440&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
campaigns.williamhill.com/	1978-01-11 21:31:40	Name: CEK Value: a
.doubleclick.net/	1970-01-20 00:44:16	Name: test_cookie Value: CheckForPermission
campaigns.williamhill.com/	1970-01-20 02:53:51	Name: A_342 Value: a=342&r=0&fv=20220207&lv=20220207053511&vc=1&fc=0&lc=0&cc=0
campaigns.williamhill.com/	1970-01-20 02:53:51	Name: XYZ Value: 120&1&148&&&&0&1&&af44b461-80f0-45d9-9a38-de84fe8e71ad&a_185219b_328&&
campaigns.williamhill.com/	1970-01-20 02:53:51	Name: A_328 Value: a=328&r=0&fv=20220207&lv=20220207053512&vc=1&fc=0&lc=0&cc=0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.bethull.com/wp-content/themes/bethull/fonts/font-awesome/font-awesome.css?ver=4.5.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_342c_&affid=1738078&siteid=185219&adid=342&c= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_342.js?t=2022020717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://campaigns.williamhill.com/S.ashx?btag=a_185219b_328c_&affid=1738078&siteid=185219&adid=328&c= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_328.js?t=2022020717, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
campaigns.williamhill.com
fonts.googleapis.com
fonts.gstatic.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
wlwilliamhill.eacdn.com
www.bethull.com
www.googletagservices.com
142.250.185.194
142.250.185.230
2620:1ec:bdf::69
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:830::200a
40.127.232.184
88.208.252.228
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
096fe1e73360fc477609797672669a1a01fd501e5e95dc139c6a91c000d5129d
09b836fb7a8e36548e884ecfa2b99a2be31f2a11c91501c25f32d443f47ef0a0
0e12f122fc5eff3aa4015100ff24d472d3fb9e8938488954026411361c67aec9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f15ecff59f388d3fe7745ef904f091e24e8f461e5b8573195d7c5318736cd3
1552cf81d12f89deefeb22a024950b92b1b3b7c748bb446ddfa16aa770bd4a55
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692
3b7b3e6c8e05f2499894468692d4b61f676ba46e48c88955f3b5eec30b57b346
4753e6da7426181debb6250fee34fdeb4e12e834ea004b6e4afbad558520f84a
4b668d6d47f40083948d59e9046479c56059d4c4d294e8b3c36722e4652ac5c7
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
59c568f7b21513a9b9cb52028852e4b73c0479650516862f5f9de1e2b777069d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
840c45fa0c75c9b2cc20780847100ed23c8033546797f3dd7dbe9ca404f95108
882389f26f23b7ca46b5f97e8b10d89b4d2e9aa7faaac0a1d25e014aaf45060b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89ba9b50a026be81d544ef2ad5518f4efc2d7e9a611561ad7975ed22d915275c
909b5433b52632483a33e96af230a032e0dfb116ea1d0e31193a24d1bb119f72
ad426546b8cd13227d75aa2cb023a57123459f4767b990bd54306944d74d8ec5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e691cc4e8b4c870a37caaf922b00ee0137c5a0f0c234983921f3d746e991c904
ea45fc195390c0ba21418ac50ec4e4972220b2874f6bc6fd4c06fcbbcb74bbad
eaa868f1053b444e08f62d30dda98700ae9a718abcf714af851610c7c3273e76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

www.bethull.com Open in urlscan Pro 88.208.252.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

71 %HTTPS

64 %IPv6

9 Domains

11 Subdomains

11 IPs

4 Countries

928 kBTransfer

1368 kBSize

5 Cookies

17 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bethull.com Open in urlscan Pro
88.208.252.228 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

71 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

928 kB
Transfer

1368 kB
Size

5
Cookies

48 HTTP transactions
0 data transactions