Submitted URL: http://bookmakers.click/
Effective URL: https://bookmakers.click/202-login.php
Submission Tags: tranco_l324
Submission: On May 17 via api from DE — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 162.240.55.168, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is bookmakers.click.
TLS certificate: Issued by R3 on April 13th 2024. Valid for: 3 months.
This is the only time bookmakers.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 162.240.55.168 46606 (UNIFIEDLA...)
2 104.18.11.207 13335 (CLOUDFLAR...)
2 2a04:4e42:200... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
11 216.58.206.66 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
27 7
Apex Domain
Subdomains
Transfer
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
13e787d0ed10a3fde7a50fb522e84e25.safeframe.googlesyndication.com Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
158 KB
7 bookmakers.click
bookmakers.click
226 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
142 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
96 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103
30 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 297
30 KB
27 6
Domain Requested by
9 pagead2.googlesyndication.com securepubads.g.doubleclick.net
bookmakers.click
pagead2.googlesyndication.com
7 bookmakers.click 1 redirects bookmakers.click
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 code.jquery.com bookmakers.click
2 maxcdn.bootstrapcdn.com bookmakers.click
1 www.googletagservices.com bookmakers.click
0 13e787d0ed10a3fde7a50fb522e84e25.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
27 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.bookmakers.click | R3 | 2024-04-13 - 2024-07-12 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2024-03-27 - 2024-06-25 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.g.doubleclick.net | WR2 | 2024-05-06 - 2024-07-29 | 3 months
tpc.googlesyndication.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months

This page contains 4 frames:

Primary Page: https://bookmakers.click/202-login.php
Frame ID: ECE70D4FFA5363CEA2BD29217DE504AA
Requests: 17 HTTP requests in this frame

Frame: https://13e787d0ed10a3fde7a50fb522e84e25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 98DA100A053C73A40B956D278B852662
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuSSyiM9y9LwwKIOkwNn5_-xS2ZajjAYXNqM7hzURqigMFNZ8iEv2rG4VTk1AAaJ7miI1pDlEc_ZBTJ4mFqIhKjriWyLqNMd7i3_JI0Wtwmh7UrR0FDnwiWSyj0xZkeZ1JJ9UYiFcRzQkNVLmVqqVU_nU0wFr9c5x2S4FzbvsR769pw0vCbnpgJ83zRLVfwchipP53Dy27BNPepCxaZwrmBOHQgSna1DboY7Nng2TsFgMfWnqUsFJfJXA_1lDQmZ629gxfk0muSv826Ql8XWKnkXq41AdVbfkfghriFRqXmhJZYDVURKfablBcu9Z8z_l559XsrIW2V_h2cboRoFMN7xR88azKexXQLU0vPWdHeCGB7TjpIfy9IIQ&sig=Cg0ArKJSzKzig1RttlvPEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 3F424A35BE9A938C016A181A97C08C46
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52AAFDA786A0634FC168FC51D10ECF17
Requests: 1 HTTP requests in this frame

Page Title

Prosper202 ClickServer

Page URL History

  1. http://bookmakers.click/ HTTP 307
    https://bookmakers.click/ HTTP 302
    https://bookmakers.click/202-login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 27
HTTPS: 93 %
IPv6: 50 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 682 kB
Size: 1629 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 202-login.php
bookmakers.click/
Redirect Chain
  • http://bookmakers.click/
  • https://bookmakers.click/
  • https://bookmakers.click/202-login.php
3 KB
3 KB
Document
General
Full URL
https://bookmakers.click/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.55.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5722606.gamingtips.org.uk
Software
Apache /
Resource Hash
36deefa92fdbd2b7f41f80b1b91ec37de6bf8f977d5359edef11358205dfb6be

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Fri, 17 May 2024 01:02:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 17 May 2024 01:02:12 GMT
location
/202-login.php
server
Apache
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/
115 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
5559571
cdn-cachedat
08/04/2023 12:50:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7e74c5fea2151758aaf7c8cf1f839c4a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
884fae4b7ed99106-FRA
cdn-requestpullsuccess
True
flat-ui-pro.min.css
bookmakers.click/202-css/css/
173 KB
173 KB
Stylesheet
General
Full URL
https://bookmakers.click/202-css/css/flat-ui-pro.min.css
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.55.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5722606.gamingtips.org.uk
Software
Apache /
Resource Hash
db62a54bbf8c279af70d72cdbc3d86c59937009a2141641d479c04330e6aeaeb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/202-login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:13 GMT
last-modified
Sat, 02 Jul 2016 04:21:54 GMT
server
Apache
accept-ranges
bytes
content-length
177140
content-type
text/css
custom.min.css
bookmakers.click/202-css/
9 KB
9 KB
Stylesheet
General
Full URL
https://bookmakers.click/202-css/custom.min.css
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.55.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5722606.gamingtips.org.uk
Software
Apache /
Resource Hash
db862284a3ee6653f7899d78b921e1834acca7d10975ec6e7d99b4ebcd1434b2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/202-login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:13 GMT
last-modified
Sat, 02 Jul 2016 04:21:54 GMT
server
Apache
accept-ranges
bytes
content-length
8820
content-type
text/css
jquery-1.11.2.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7324633
x-cache
HIT, HIT
content-length
33262
x-served-by
cache-lga13622-LGA, cache-fra-etou8220144-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1715907734.340781,VS0,VE0
etag
W/"28feccc0-176bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
7, 35261
jquery-ui.min.js
code.jquery.com/ui/1.11.2/
234 KB
63 KB
Script
General
Full URL
https://code.jquery.com/ui/1.11.2/jquery-ui.min.js
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5589980
x-cache
HIT, HIT
content-length
64186
x-served-by
cache-lga21955-LGA, cache-fra-etou8220144-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1715907734.340769,VS0,VE0
etag
W/"28feccc0-3a7cc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
19, 2688
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/
35 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
5554932
cdn-cachedat
2021-06-01 19:39:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
cc9c4f0d341b28a2bf97da1ba3da67e8
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
884fae4b7ed89106-FRA
cdn-requestpullsuccess
True
prosper202.png
bookmakers.click/202-img/
5 KB
5 KB
Image
General
Full URL
https://bookmakers.click/202-img/prosper202.png
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.55.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5722606.gamingtips.org.uk
Software
Apache /
Resource Hash
da952404504cfec7bef8933dcff27ef366563ccbe2e6983f5ef888efddc03d3d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/202-login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:13 GMT
last-modified
Sat, 02 Jul 2016 04:21:54 GMT
server
Apache
accept-ranges
bytes
content-length
5415
content-type
image/png
gpt.js
www.googletagservices.com/tag/js/
93 KB
30 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4705bbb173d72187eb97438123ccd331aedd5fdc2d4613e9b8a9d89368d4bcd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29915
x-xss-protection
0
server
cafe
etag
137 / 19860 / 31083737 / config-hash: 16773253075833629445
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 May 2024 01:02:15 GMT
lato-regular.woff
bookmakers.click/202-css/fonts/lato/
35 KB
35 KB
Font
General
Full URL
https://bookmakers.click/202-css/fonts/lato/lato-regular.woff
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-css/css/flat-ui-pro.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.55.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5722606.gamingtips.org.uk
Software
Apache /
Resource Hash
7e14b4e3561f0efd6d6f15d4ee390287527fdc30748a0c562f1bccd485464f3a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/202-css/css/flat-ui-pro.min.css
Origin
https://bookmakers.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:14 GMT
last-modified
Sat, 02 Jul 2016 04:21:54 GMT
server
Apache
accept-ranges
bytes
content-length
35464
content-type
font/woff
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405150101/
454 KB
142 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405150101/pubads_impl.js?cb=31083737
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6d013a60e271e3e6fe53ef560fe86eacf2ca61906387768a57cd94ecf9cdffe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 19:43:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
19110
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145088
x-xss-protection
0
server
cafe
etag
11249215813402404305
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 May 2025 19:43:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
70 B
80 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bookmakers.click
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6aae4b57e26315575f9731c71e99ca9daec2507b606162c8f49f2a76f24be5b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
x-xss-protection
0
expires
Fri, 17 May 2024 01:02:15 GMT
ads
pagead2.googlesyndication.com/gampad/
65 KB
23 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2850121617659348&correlator=2575720600073136&eid=44809527%2C31083346%2C31083555%2C31083361%2C31083737%2C95331444%2C31078668&output=ldjh&gdfp_req=1&vrg=202405150101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1006305%2CP202_CS_Login_Page_288x200&enc_prev_ius=%2F0%2F1&prev_iu_szs=288x200&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1715907735222&lmt=1715907735&adxs=651&adys=455&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNjAiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi42MCJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbookmakers.click%2F202-login.php&vis=1&psz=341x537&msz=288x-1&fws=0&ohw=0&ga_vid=1890637665.1715907735&ga_sid=1715907735&ga_hid=1838968316&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1715907734051&idt=1157&adks=1334064552&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405150101/pubads_impl.js?cb=31083737
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a0bd5232485fd52c91d35213be6c4ab244f6d38dfd10cdcb56be0a4a64c5fdb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23976
x-xss-protection
0
google-lineitem-id
70352765
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138257846555
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bookmakers.click
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
13e787d0ed10a3fde7a50fb522e84e25.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 98DA
0
0

sodar
pagead2.googlesyndication.com/getconfig/
17 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405150101/pubads_impl.js?cb=31083737
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
cec75e302cbf16a6cf5a5c01019bbae0119bea4dcfe6ca574d29f9182b2a5d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12777
x-xss-protection
0
view
pagead2.googlesyndication.com/pcs/ Frame 3F42
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuSSyiM9y9LwwKIOkwNn5_-xS2ZajjAYXNqM7hzURqigMFNZ8iEv2rG4VTk1AAaJ7miI1pDlEc_ZBTJ4mFqIhKjriWyLqNMd7i3_JI0Wtwmh7UrR0FDnwiWSyj0xZkeZ1JJ9UYiFcRzQkNVLmVqqVU_nU0wFr9c5x2S4FzbvsR769pw0vCbnpgJ83zRLVfwchipP53Dy27BNPepCxaZwrmBOHQgSna1DboY7Nng2TsFgMfWnqUsFJfJXA_1lDQmZ629gxfk0muSv826Ql8XWKnkXq41AdVbfkfghriFRqXmhJZYDVURKfablBcu9Z8z_l559XsrIW2V_h2cboRoFMN7xR88azKexXQLU0vPWdHeCGB7TjpIfy9IIQ&sig=Cg0ArKJSzKzig1RttlvPEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: bookmakers.click
URL: https://bookmakers.click/202-login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/ Frame 3F42
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405150101/pubads_impl.js?cb=31083737
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
7ad6da96f121321c0902f93c186674d9ce01d6e3b667a829edbb31f65c3c4c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
16795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9112
x-xss-protection
0
server
cafe
etag
9535300308894514296
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 May 2024 20:22:20 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/ Frame 3F42
3 KB
1 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240513/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405150101/pubads_impl.js?cb=31083737
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 20:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 May 2024 20:22:19 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3F42
214 KB
65 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405150101/pubads_impl.js?cb=31083737
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 00:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
2395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66400
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 May 2024 01:22:20 GMT
13929413282998392376
tpc.googlesyndication.com/simgad/ Frame 3F42
40 KB
41 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13929413282998392376
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405150101/pubads_impl.js?cb=31083737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30199eb7592f9dc2d5fc61f19b2c5e9cade92002db1b13609452ab57b02ae082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 16 May 2025 18:34:57 GMT
date
Thu, 16 May 2024 18:34:57 GMT
x-content-type-options
nosniff
age
23238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41336
x-xss-protection
0
last-modified
Tue, 22 Jan 2019 20:50:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 3F42
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
441aceec7198536c4480a0651909aabaf9af58a6e6608a0f51cb0f74a1d1b9d4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.gif
bookmakers.click/202-img/
996 B
1 KB
Other
General
Full URL
https://bookmakers.click/202-img/favicon.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.55.168 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5722606.gamingtips.org.uk
Software
Apache /
Resource Hash
422b5304fb3d31cb2c5c9c049917461c121f245d568ad55935afe608d250141c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/202-login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:14 GMT
last-modified
Sat, 02 Jul 2016 04:21:54 GMT
server
Apache
accept-ranges
bytes
content-length
996
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405150101/pubads_impl.js?cb=31083737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 May 2024 01:02:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F42
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 01:02:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
pagead2.googlesyndication.com/pcs/ Frame 3F42
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv_NSrv6pdnKi6FB0yTGT7t3nK9HfkVFtZrYUiB3wlf7KIAZ5q__DBgCraDsjXY5vvR5jfBSujgHMLYN1I6DvW-sAbJUcvU9jUcdLcxMgQtvmeAvnwtVRW9-3Nbi1LPKmtmMvs02k6j0SH0n6Z4-EoAoRlwHGJV9K_CRHpQNk02wGqt04G_UriQkv-_Xvd1WLXZlrO_Byd3QozSXZ2_AnzNkB1mI0AEhAETkit89z2Y0x5oAgqx3koN4EAWjNfoN9p0SDm8YAagnYKZGWk4kGJ6tW1OV8pJlIFHH6d1e6-njid0djvvz55hba4tCvADYVB_4cjdoDLxuMfqW5tkbQBV5Cg3dxvJABUhK2VNsedXV5lC63ut1WDQU5nB&sig=Cg0ArKJSzF6jyBMfJgr1EAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNjAiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi42MCJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ%3D%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:02:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 52AA
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bookmakers.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
16795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 20:22:20 GMT
expires
Fri, 16 May 2025 20:22:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 3F42
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3avkpnr_BwNtroxjANVIZTh0kx89BI6CixHbs1y5SqzXrEFabPlaBL8mj5nk7yY-BkumPxeYPK-5w6No3G_93trXkHEFSYcQVyPX3Ig_BhUyYsu-4xc5-FtgOu0f5N7N4DoMl43PVFr8U-Nfok46wYWYdHT1CrVgc4Exa8cn6n3k&sig=Cg0ArKJSzK_w_JSXlHyREAE&id=lidar2&mcvt=1000&p=455,651,755,951&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240515&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1334064552&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNjAiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi42MCJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ%3D%3D&vs=4&r=v&co=1184053500&rst=1715907735293&rpt=63&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bookmakers.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 17 May 2024 01:02:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
13e787d0ed10a3fde7a50fb522e84e25.safeframe.googlesyndication.com
URL
https://13e787d0ed10a3fde7a50fb522e84e25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405150101&jk=2850121617659348&bg=!ICOlI2zNAAav94VWj_c7ADQBe5WfONSRT65IYOiZRRW10be126BKjy-GBBs6jOxywY6RGkHHYt-1ZDJE8OoNVwVaOvbpAgAAACNSAAAAA2gBB34ANWqZJ-a6OAaWL_Fi6iuUEXWMn6Kew08Z54ceCFVM0HIufHJo-wf22BrcoKNrd3r_09c4vxUrmQKhyfl58eW5n36jakh_vRyF7G4YOA21gOKJd05OlHi6Lq0cWopacDD8bO8bXSen7hXZmk_NV7WZUcfmwejpaqcXlPBbh_RIQ0YuBtmhTxKUPPFt-FYEuVJell4j60XSxSLO5CPLwn18ejFThyjthDTs0nKZ-2HtLr3n8clmk2cVgLG87Zg_hsavphXnm1WJJfO1M_aoWozrHtlCOcnHmRbY73iwdCnIzLnuXc_vU-q7gD2yTBlI7IvtvFdzL61SpbP9ZGamTt-c0blHSKJIAcqLeX6-pPonx7KlvidIqtyLGAj0Qr_QbjbmP7i36lefO5Q2H1m2bDTgk76MAAQ29dENRy9LXD0U6PiH7PqtFVqciO-8DK1Ngg1VJW4O-uGHKysOtCkx3Q7Jcm1pmwfIGLimaF-nBrs7YkO-zlLlcI4n85m2hJdt99U6Nrfin8Zx7bhuKHg-klznzD0wNqzUXHCiNkPOe6P_AzJ_RCGO0olKVakEIsC-OYj7FfK9TxyyEY6xos8oZr59Gpt5BRKyplcvyGLFrl6hl0ej3qO7bBWHGpsi4UZhC2WlNUUrV9VJKw9tvyq-VAC5Pp0LRfHNky3tr8OQ3B_5nohVCGW-trUb7KJc9ZHIutGa6s01kA76TXUp3AVJT766XscTyR6Wddoc9shhgOOq-b1NrMPT_nJ2ZDgSSiCG385H2MhLAJLwJKwJc5zGvCSeEBiw00FN9fLOiEc6THFe9aMEjFGwhvYPuIGSQpzzWZ4F-a2lOJLeA6sr2jioBxa2F5CoJzDAMp_r3G6MhM_LHRAkPpQghz1h6RCoISjhyS6ADxveM8G6U2ckUv2sjLUCrcXCY83mbBKv8UdOhB4mvOoeOofV0HwK6fcT88AereqlM6pU7siiRcUFKA

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| $
function| jQuery
object| jQuery11120022785220063227696
object| googletag
object| ggeac
object| google_tag_data
object| google_js_reporting_queue
undefined| google_measure_js_timing
number| google_unique_id
object| gaGlobal
object| GoogleGcLKhOms
object| google_image_requests

1 Cookies

Domain/Path Name / Value
bookmakers.click/ Name: PHPSESSID
Value: k36vr29qfd5b2112jvhdthpkf0

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://bookmakers.click/202-login.php
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
