Submitted URL: http://heineken.bigtremstore.com/
Effective URL: https://heineken.bigtremstore.com/
Submission Tags: falconsandbox
Submission: On July 24 via api from US — Scanned from NL

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 32 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is heineken.bigtremstore.com.
TLS certificate: Issued by GTS CA 1P5 on June 3rd 2024. Valid for: 3 months.
This is the only time heineken.bigtremstore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
13        188.114.96.3      13335 (CLOUDFLAR...)
9         172.217.18.2      15169 (GOOGLE)
2         20.93.81.72       8075 (MICROSOFT...)
1         2.19.225.248      16625 (AKAMAI-AS)
2         2620:1ec:bdf::60  8075 (MICROSOFT...)
1         142.250.186.166   15169 (GOOGLE)
2         2a00:1450:400...  15169 (GOOGLE)
32        8

Requests  Apex Domain / Subdomains  Transfer
13        bigtremstore.com          178 KB
            heineken.bigtremstore.com
9         googlesyndication.com     217 KB
            pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
            tpc.googlesyndication.com Failed
2         google-analytics.com      17 KB
            ssl.google-analytics.com — Cisco Umbrella Rank: 951
2         eacdn.com                 4 KB
            wlwilliamhill.eacdn.com
2         williamhill.com           2 KB
            campaigns.williamhill.com — Cisco Umbrella Rank: 784743
1         doubleclick.net
            ad.doubleclick.net — Cisco Umbrella Rank: 210
1         addthis.com               361 B
            s7.addthis.com — Cisco Umbrella Rank: 6253
0         patreon.com Failed
            c6.patreon.com Failed
32        8

Requests  Domain                            Requested by
13        heineken.bigtremstore.com         heineken.bigtremstore.com
9         pagead2.googlesyndication.com     heineken.bigtremstore.com, pagead2.googlesyndication.com
2         ssl.google-analytics.com          heineken.bigtremstore.com
2         wlwilliamhill.eacdn.com           campaigns.williamhill.com
2         campaigns.williamhill.com         heineken.bigtremstore.com, wlwilliamhill.eacdn.com
1         ad.doubleclick.net                wlwilliamhill.eacdn.com
1         s7.addthis.com                    heineken.bigtremstore.com
0         tpc.googlesyndication.com Failed  pagead2.googlesyndication.com
0         c6.patreon.com Failed             heineken.bigtremstore.com
32        9

This site contains links to these domains.

Domain
www.patreon.com
www.facebook.com
twitter.com
localhost

Subject                         Issuer                                      Validity                 Valid
bigtremstore.com                GTS CA 1P5                                  2024-06-03 - 2024-09-01  3 months
*.g.doubleclick.net             WR2                                         2024-07-01 - 2024-09-23  3 months
campaigns.williamhill.com       HydrantID Server CA O1                      2023-11-07 - 2024-12-01  a year
odc-addthis-prod-01.oracle.com  DigiCert TLS RSA SHA256 2020 CA1            2023-12-09 - 2024-12-11  a year
ia-prod-azurecdn.eacdn.com      DigiCert Global G2 TLS RSA SHA256 2020 CA1  2023-11-24 - 2024-11-29  a year
*.doubleclick.net               WR2                                         2024-07-01 - 2024-09-23  3 months
*.google-analytics.com          WR2                                         2024-07-01 - 2024-09-23  3 months

This page contains 8 frames:

Primary Page: https://heineken.bigtremstore.com/
Frame ID: EA82045E6C0532EDE3CF343F93C57AA6
Requests: 25 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235735;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=&MediaID=394&IsAd=1&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: 35F6143BD665F1CBE66D7C0BF0C0872E
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=&t=638574463988370000&MediaID=394&MediaIndex=0&XYZ=120%260%2619%26%26%26%260%260%26%26
Frame ID: 9027265C991D83F29E5404E247DAAD1D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html
Frame ID: F6849C4034FAEF0FD32A0ACA667E2B7F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6427564596420591&output=html&h=60&slotname=1603327234&adk=3063292741&adf=240914424&pi=t.ma~as.1603327234&w=234&lmt=1719145271&url=https%3A%2F%2Fheineken.bigtremstore.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721849597944&bpp=353&bdt=846&idt=1177&shv=r20240722&mjsv=m202407180101&ptt=5&saldr=sd&abxe=1&eoidce=1&correlator=2748400208461&frm=20&pv=2&ga_vid=1734419071.1721849599&ga_sid=1721849599&ga_hid=717106377&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1006&ady=17&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331690%2C95331832%2C95334529%2C95334830%2C95337870%2C95338264%2C31084187%2C95336266%2C31078663%2C31078668%2C31078670%2C31085478&oid=2&pvsid=1552594278032589&tmod=1823214590&uas=0&nvt=1&fc=896&brdim=820%2C820%2C820%2C820%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1216
Frame ID: 122FB820818E712F3E3E8AF4247E6340
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6427564596420591&output=html&h=280&slotname=7278361270&adk=3101069808&adf=352830099&pi=t.ma~as.7278361270&w=995&abgtt=1&fwrn=4&fwrnh=100&lmt=1719145271&rafmt=1&format=995x280&url=https%3A%2F%2Fheineken.bigtremstore.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721849598297&bpp=2&bdt=1199&idt=925&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_slotnames=1603327234&correlator=2748400208461&frm=20&pv=1&ga_vid=1734419071.1721849599&ga_sid=1721849599&ga_hid=717106377&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331690%2C95331832%2C95334529%2C95334830%2C95337870%2C95338264%2C31084187%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1552594278032589&tmod=1823214590&uas=0&nvt=1&fc=896&brdim=820%2C820%2C820%2C820%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=933
Frame ID: 82E42DF433AED6F2FA8D6818203E6994
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6427564596420591&output=html&h=250&slotname=7741395708&adk=1650748633&adf=2427558&pi=t.ma~as.7741395708&w=310&abgtt=1&fwrn=4&fwrnh=100&lmt=1719145271&rafmt=1&format=310x250&url=https%3A%2F%2Fheineken.bigtremstore.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721849598838&bpp=20&bdt=1740&idt=402&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=995x280&prev_slotnames=1603327234&correlator=2748400208461&frm=20&pv=1&ga_vid=1734419071.1721849599&ga_sid=1721849599&ga_hid=717106377&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=979&ady=971&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331690%2C95331832%2C95334529%2C95334830%2C95337870%2C95338264%2C31084187%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1552594278032589&tmod=1823214590&uas=0&nvt=1&fc=896&brdim=820%2C820%2C820%2C820%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=405
Frame ID: 4505D0A240B2E7612B5D9FBF9FC3E5E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6427564596420591&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1719145271&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fheineken.bigtremstore.com%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_14~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721849598888&bpp=1&bdt=1790&idt=362&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=995x280%2C310x250&prev_slotnames=1603327234&nras=1&correlator=2748400208461&frm=20&pv=1&ga_vid=1734419071.1721849599&ga_sid=1721849599&ga_hid=717106377&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331690%2C95331832%2C95334529%2C95334830%2C95337870%2C95338264%2C31084187%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1552594278032589&tmod=1823214590&uas=0&nvt=1&fsapi=1&fc=896&brdim=820%2C820%2C820%2C820%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=4&uci=a!4&fsb=1&dtd=388
Frame ID: F313DA7E21AA260DBB3411FABCE75885
Requests: 1 HTTP requests in this frame

Page Title

European cup history, statistics of the European football championships - Champions League (European Cup), Europa League (UEFA Cup), Cup Winners' Cup, Intertoto Cup

Page URL History

  1. http://heineken.bigtremstore.com/ HTTP 307
    https://heineken.bigtremstore.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 94 %
IPv6: 29 %
Domains: 8
Subdomains: 9
IPs: 8
Countries: 4
Transfer: 419 kB
Size: 936 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heineken.bigtremstore.com/ HTTP 307
    https://heineken.bigtremstore.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
heineken.bigtremstore.com/
Redirect Chain
  • http://heineken.bigtremstore.com/
  • https://heineken.bigtremstore.com/
16 KB
5 KB
Document
General
Full URL
https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ee76d9ccf627569fb0ab674167a33f80e439d75bfbf2ede306dc8a4c3c1b22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a86574d2fe22ba4-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 24 Jul 2024 19:33:17 GMT
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNcy127SUpDxrz1b6v385FNkippOSLVXRfKwmnij6Vimg%2BhwdVPECK9xfZ0HXNZoyapOM4lt4d%2BxGTNkFfyMHgaINoanaVx3SfekUBlFQrJZHYsJNNiXrHwDrcFsLW3liYgEqsX4x1GtGWG0"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://heineken.bigtremstore.com/
Non-Authoritative-Reason
HttpsUpgrades
style.css
heineken.bigtremstore.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://heineken.bigtremstore.com/css/style.css
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d544b839fddb71520ee009cd4b53cceb7750281d544658907ba98bb91bbae0

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ma3WfhysROE%2FD4HQB6IZHnoOsz3prjS7diE%2BeP5VmyruOpACUo4YTYxM05C0TGJ7acanwsB1wmA6aY9kAzlrM%2FFeTCc4ZdalBTsm%2FZtybROmqWZ7nHKjVUxG9u4T%2BRlHtjXzz1ml%2B0E%2BnT9m"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8a86574e59e92ba4-FRA
alt-svc
h3=":443"; ma=86400
tablesorter.css
heineken.bigtremstore.com/css/
735 B
659 B
Stylesheet
General
Full URL
https://heineken.bigtremstore.com/css/tablesorter.css
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2525715e5eeb6cfe51981caed5f6d62464ad915669d216b63f407c7a06cb6e99

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XsxGgX8coiHndT3snO0pJOGNs2cu54ttWapP%2FRGMxT6TmXEXAdqCObasBXVododuX%2Bcnu1CVLOVud9AuZ6BdODGSWd1Am6A2lsSMTwt7iS9nBx7l5X9ic2lgIOrDSMvVl6xAK8br4R6DgdW1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8a86574e59eb2ba4-FRA
alt-svc
h3=":443"; ma=86400
jquery-1.4.2.min.js
heineken.bigtremstore.com/script/
70 KB
25 KB
Script
General
Full URL
https://heineken.bigtremstore.com/script/jquery-1.4.2.min.js
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fn3pBYo6u0QX8lt%2FpQnaavtwQCb5ywLBZwDG2YWxkMxz2yPcc%2Bst1OCa3M1UH8yl1bNTt%2FmkOGpRT77oa%2FBqWgys1tNPpRyhCfyU59OqNdyeyHbJN%2FHRMSdsoqMWi%2F92y70mDpiAT1XlO%2BRt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8a86574e59ee2ba4-FRA
alt-svc
h3=":443"; ma=86400
jquery.tablesorter.min.js
heineken.bigtremstore.com/script/
12 KB
4 KB
Script
General
Full URL
https://heineken.bigtremstore.com/script/jquery.tablesorter.min.js
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7889f9f3d9e07240451a7e772849d254c03da352debc558f02ccd8c0cb0a34f

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTGQ8eU7YRQjfcpn%2Fe5zNje0PztMd%2BcJCFwOBt03nNepwCOORiIIFZ3yLKMBls1pgFVVWkNTGptha6W3tSx5emm%2BjusSFobEN6NSAFB%2BJn1wQV5NSfhDBTdvYSdF1NDmtl7IaKh5GGjwx7Z%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8a86574e59f02ba4-FRA
alt-svc
h3=":443"; ma=86400
jquery.tablesorter.pager.js
heineken.bigtremstore.com/script/
4 KB
2 KB
Script
General
Full URL
https://heineken.bigtremstore.com/script/jquery.tablesorter.pager.js
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89ebfbf7ca0f6ec3419c8a732ac77a9a84e80f9b1051b6863241f0dddcd1cfa

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gZFPlWccdcC8PQLYqqCXMR76%2BCBQ1%2FdYg%2FPw3lFbpvJX6JaznKahsNLX1ahGvXJ5cgPGEzoT%2BRAl6w897tqh2Zh1PWZaoEjce6eCir20b8Y1p4fFtjzrhDYx8%2FHG9o7XPBFpqS%2F8yU88Wja"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8a86574e59f12ba4-FRA
alt-svc
h3=":443"; ma=86400
settings.js
heineken.bigtremstore.com/script/
877 B
802 B
Script
General
Full URL
https://heineken.bigtremstore.com/script/settings.js
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59d987b9541a3bdcec2ea9de21ffa4c6dc9f74162efdde2d111f6665e4ac035b

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2B78wiqJJlFfg2m5ZK5psabSnS6MhHjsaRaHkUeGSxX7YHPCT70tAJS8CcggTPov5nJ41im3Y66FNLr9EhU107nhF00r36YCMbd7BN6JgitabyZ3aDq5W6U29A2jaFE6SGW%2BUlOnU9PL0OmY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8a86574e7a152ba4-FRA
alt-svc
h3=":443"; ma=86400
cwc1.jpg
heineken.bigtremstore.com/image/
20 KB
21 KB
Image
General
Full URL
https://heineken.bigtremstore.com/image/cwc1.jpg
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e34daadca68612405c7f3f5ce113b6f0f8bfd654ad98640aef1f6c75ba8db50d

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yIqpZL69wtrMPiVptBIu1c4FazHL%2BQcigDMdyiwzuK%2BjMyMW4epv9OVJ7jtTLxy94TZ%2ByEcHFqV8JgOAN%2BxwhUIoXR%2FyXsdztctGcLS1JdfHzW73THASRM4hUyI6GI2vjr%2BaZlzoJRMYOCCt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8a86574e7a172ba4-FRA
alt-svc
h3=":443"; ma=86400
content-length
20727
ec.jpg
heineken.bigtremstore.com/image/
24 KB
25 KB
Image
General
Full URL
https://heineken.bigtremstore.com/image/ec.jpg
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c51a220ed156bbacd488f8c01cf65f7cadfff81508676b012ce3c695f1cf4b

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqsSgK%2BmGtG6Gphk7nEQ%2FT%2B97KM4mBGg8isABUSonKJDQrluX%2F%2Bo9mbcMYArqYOaR5leQ0Yk8xN%2BX5ByokSkyJMDguxcSOmTfmDh1kN0c4bnV3JbkmWyke6OMOPW15oFjspJR9LJeQW0myNg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8a86574e7a192ba4-FRA
alt-svc
h3=":443"; ma=86400
content-length
24983
uc.jpg
heineken.bigtremstore.com/image/
59 KB
59 KB
Image
General
Full URL
https://heineken.bigtremstore.com/image/uc.jpg
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519e286cc76d53c11b77b27946ee1ee1c1d2c7c3b49b567b74a204c709e84cd2

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QyAhsExgWWaK%2Fs7Djxu6bHnXQSUo9jSYQhZLpo9UVOXCe9FQOIv35dcWFNa9i6aoEv9JcYdjB2VFIzh19E6qgPiPpYLbdgR21H%2Fsa9B%2B3MwHBjHKU4k4MQqzhroYcUlgm58aC0Qa6gGMXtqu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8a8657507d0e2ba4-FRA
alt-svc
h3=":443"; ma=86400
content-length
60396
b4.jpg
heineken.bigtremstore.com/image/
28 KB
28 KB
Image
General
Full URL
https://heineken.bigtremstore.com/image/b4.jpg
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5f89d7a5fd044bfab33914398792615e85f94bb1c48c7017e168ce4e3a33b46

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Of%2BzfY77Q70StEXHbzzg6MTL3sCdaaLKZQlVoqYeKgm5zaEAjAyfC9lmh0nhv1gdFBoboSwAhdcZHBt4RxxV4C9t991Xly7%2B9DMHZaWKctB9C5IUhcZRulrQWg44heD1fG4A1KeRtXiKq7JI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8a865750ad522ba4-FRA
alt-svc
h3=":443"; ma=86400
content-length
28242
show_ads.js
pagead2.googlesyndication.com/pagead/
24 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
57954149cb08a9ac04deaf8868af27ae6e119154199016adea896131dc9986ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10072
x-xss-protection
0
server
cafe
etag
13019717392029633285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 24 Jul 2024 19:33:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
21a0eb1175b5320c22ba531c19f6692b37a9365ca0f9d2ce574320c37c748a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53400
x-xss-protection
0
server
cafe
etag
4209000800518404351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Jul 2024 19:33:17 GMT
becomePatronButton.bundle.js
c6.patreon.com/
0
0

S.ashx
campaigns.williamhill.com/
1 KB
2 KB
Script
General
Full URL
https://campaigns.williamhill.com/S.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a96a747a4116c60a01021283e3202461992a8808a4aab0b45d5ae3a5c7233def
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 24 Jul 2024 19:33:17 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
1149
X-XSS-Protection
1; mode=block
addthis_widget.js
s7.addthis.com/js/300/
56 B
361 B
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.225.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-225-248.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jul 2024 19:33:18 GMT
server
Oracle API Gateway
opc-request-id
/34C0B3DE5142B6D920B43AC39F80798B/3AE6B785CB6FA5B3A1C4D1E0E251CE25
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
s.5.6.min.js
wlwilliamhill.eacdn.com/TrafficOpt/
7 KB
3 KB
Script
General
Full URL
https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by
Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/S.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 24 Jul 2024 19:33:18 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2016 16:08:31 GMT
etag
W/"56fbf9ff-1a7b"
vary
Accept-Encoding
x-azure-ref
20240724T193318Z-r159c8798fdpw266xgkvtw7rdn0000000kmg00000000mx80
content-type
application/javascript
x-cache
TCP_HIT
cache-control
max-age=0, no-cache
x-fd-int-roxy-purgeid
0
Ad_336.js
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/
1 KB
1 KB
Script
General
Full URL
https://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_336.js?t=2024072419
Requested by
Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/S.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
716cf8bb70a07b6e9e1b97e88670354a78eb5118cfb7ec6819729bb1832bcce4

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 24 Jul 2024 19:33:18 GMT
content-encoding
br
last-modified
Mon, 20 Nov 2023 08:35:37 GMT
etag
W/"655b1a59-58a"
vary
Accept-Encoding
x-azure-ref
20240724T193318Z-r159c8798fdpw266xgkvtw7rdn0000000kmg00000000mx7z
content-type
application/javascript
x-cache
TCP_HIT
cache-control
max-age=0, no-cache
x-fd-int-roxy-purgeid
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/
423 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6427564596420591&plah=heineken.bigtremstore.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
46bc6a4f4bc5bb36ab7c03477ab2c4f5a9b4b6cd01b21c0b903c4f1598cbef97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146136
x-xss-protection
0
server
cafe
etag
3300592992549115961
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 Jul 2024 19:33:18 GMT
right.png
heineken.bigtremstore.com/image/
142 B
560 B
Image
General
Full URL
https://heineken.bigtremstore.com/image/right.png
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb7abeb941c6dad978b59ee07275f9df9ed0b7060cfba50b26da4b4c2db504e

Request headers

Referer
https://heineken.bigtremstore.com/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:18 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lwpafDejuPkbpfADRCI71rmul3%2FW1tl1kTW2LI6WvTIt3oMFJkliz%2BlTxhCAl%2BhMmom8HHgRCvm3QL1UXiiFXccMqF8mhYwTjQ92jUgZSRN9onTJ%2BOMf9QgL2JJvfONwAbOf2PIUVur%2FVMe4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
8a8657561cd32ba4-FRA
alt-svc
h3=":443"; ma=86400
content-length
142
C.ashx
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235735;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame 35F6
0
0
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235735;sz=300x250;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=&MediaID=394&IsAd=1&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
30230
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 19:33:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
T.ashx
campaigns.williamhill.com/ Frame 9027
0
0
Document
General
Full URL
https://campaigns.williamhill.com/T.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=&t=638574463988370000&MediaID=394&MediaIndex=0&XYZ=120%260%2619%26%26%26%260%260%26%26
Requested by
Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heineken.bigtremstore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 24 Jul 2024 19:33:19 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.3
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jul 2024 18:51:36 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2503
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Wed, 24 Jul 2024 20:51:36 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240722/r20110914/ Frame F684
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6427564596420591&plah=heineken.bigtremstore.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
75115
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jul 2024 22:41:24 GMT
etag
2738592464165616
expires
Tue, 06 Aug 2024 22:41:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 122F
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6427564596420591&output=html&h=60&slotname=1603327234&adk=3063292741&adf=240914424&pi=t.ma~as.1603327234&w=234&lmt=1719145271&url=https%3A%2F%2Fheineken.bigtremstore.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721849597944&bpp=353&bdt=846&idt=1177&shv=r20240722&mjsv=m202407180101&ptt=5&saldr=sd&abxe=1&eoidce=1&correlator=2748400208461&frm=20&pv=2&ga_vid=1734419071.1721849599&ga_sid=1721849599&ga_hid=717106377&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1006&ady=17&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331690%2C95331832%2C95334529%2C95334830%2C95337870%2C95338264%2C31084187%2C95336266%2C31078663%2C31078668%2C31078670%2C31085478&oid=2&pvsid=1552594278032589&tmod=1823214590&uas=0&nvt=1&fc=896&brdim=820%2C820%2C820%2C820%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1216
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6427564596420591&plah=heineken.bigtremstore.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 19:33:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 82E4
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6427564596420591&output=html&h=280&slotname=7278361270&adk=3101069808&adf=352830099&pi=t.ma~as.7278361270&w=995&abgtt=1&fwrn=4&fwrnh=100&lmt=1719145271&rafmt=1&format=995x280&url=https%3A%2F%2Fheineken.bigtremstore.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721849598297&bpp=2&bdt=1199&idt=925&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_slotnames=1603327234&correlator=2748400208461&frm=20&pv=1&ga_vid=1734419071.1721849599&ga_sid=1721849599&ga_hid=717106377&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331690%2C95331832%2C95334529%2C95334830%2C95337870%2C95338264%2C31084187%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1552594278032589&tmod=1823214590&uas=0&nvt=1&fc=896&brdim=820%2C820%2C820%2C820%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=933
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6427564596420591&plah=heineken.bigtremstore.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 19:33:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 4505
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6427564596420591&output=html&h=250&slotname=7741395708&adk=1650748633&adf=2427558&pi=t.ma~as.7741395708&w=310&abgtt=1&fwrn=4&fwrnh=100&lmt=1719145271&rafmt=1&format=310x250&url=https%3A%2F%2Fheineken.bigtremstore.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721849598838&bpp=20&bdt=1740&idt=402&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=995x280&prev_slotnames=1603327234&correlator=2748400208461&frm=20&pv=1&ga_vid=1734419071.1721849599&ga_sid=1721849599&ga_hid=717106377&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=979&ady=971&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331690%2C95331832%2C95334529%2C95334830%2C95337870%2C95338264%2C31084187%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1552594278032589&tmod=1823214590&uas=0&nvt=1&fc=896&brdim=820%2C820%2C820%2C820%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=405
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6427564596420591&plah=heineken.bigtremstore.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 19:33:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame F313
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6427564596420591&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1719145271&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fheineken.bigtremstore.com%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_14~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721849598888&bpp=1&bdt=1790&idt=362&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=995x280%2C310x250&prev_slotnames=1603327234&nras=1&correlator=2748400208461&frm=20&pv=1&ga_vid=1734419071.1721849599&ga_sid=1721849599&ga_hid=717106377&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331690%2C95331832%2C95334529%2C95334830%2C95337870%2C95338264%2C31084187%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1552594278032589&tmod=1823214590&uas=0&nvt=1&fsapi=1&fc=896&brdim=820%2C820%2C820%2C820%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=4&uci=a!4&fsb=1&dtd=388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6427564596420591&plah=heineken.bigtremstore.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 19:33:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
__utm.gif
ssl.google-analytics.com/r/
35 B
197 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=385673313&utmhn=heineken.bigtremstore.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=nl-nl&utmje=0&utmfl=-&utmdt=European%20cup%20history%2C%20statistics%20of%20the%20European%20football%20championships%20-%20Champions%20League%20(European%20Cup)%2C%20Europa%20League%20(UEFA%20Cup)%2C%20Cup%20Winners%27%20Cup%2C%20Intertoto%20Cup&utmhid=717106377&utmr=-&utmp=%2F&utmht=1721849599687&utmac=UA-1851026-6&utmcc=__utma%3D16261423.1734419071.1721849599.1721849599.1721849599.1%3B%2B__utmz%3D16261423.1721849600.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=142912290&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: heineken.bigtremstore.com
URL: https://heineken.bigtremstore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 19:33:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240722&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6427564596420591&plah=heineken.bigtremstore.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
5ce00de2939a9a3b2ab52f7d7467677025120a95c782a09389ac8be3d9fef6e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12878
x-xss-protection
0
favicon.ico
heineken.bigtremstore.com/
16 KB
5 KB
Other
General
Full URL
https://heineken.bigtremstore.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
177a4146643dbff8b8f16847f3b7c1c40890c8ba383f35e2b087150ca2ae3097

Request headers

Referer
https://heineken.bigtremstore.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 19:33:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 23 Jun 2024 16:04:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSFBtDc86B7r0HhVrqk%2FW%2Frqb6k6k6gi4kdmw6poBVTjZ%2F8kLrWPpvtkwLrcOku0cdkCOhLDJRSFbfKVgAFviKnLjtkDnz351HoKbiqljkFqws%2F2PMPrT85zc44suM4liEdYNghECMw8b1pw"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
8a86576daed62ba4-FRA
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c6.patreon.com
URL
https://c6.patreon.com/becomePatronButton.bundle.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| $ function| jQuery string| root function| settings function| settings_local function| show_ids function| show_origin object| google_js_reporting_queue number| google_srt object| adsbygoogle object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| ga function| TriggerAd object| theAd string| geoURL object| ldgf object| _gaq number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _gat object| GoogleGcLKhOms

9 Cookies

Domain/Path Name / Value
campaigns.williamhill.com/ Name: CEK
Value: a
.patreon.com/ Name: __cf_bm
Value: 966zX0RlcO.9By7doMIgF7FgULz9IyHWYMat_ckqlVU-1721849597-1.0.1.1-g9StbAdKHv7p9JKB_1SoHwHUraK04lJ3IfcWhXdinKeaXZ8JmwHXFBsHUBnheSru_JmvtynSqzQJI.FJ74O7xVzJq7P.uYFSbmeHCApacjU
campaigns.williamhill.com/ Name: XYZ
Value: 120&0&19&&&&0&1&&39b350db-92a1-460a-8a28-302d87d310b7&a_189196b_336&&
campaigns.williamhill.com/ Name: A_336
Value: a=336&r=0&fv=20240724&lv=20240724073319&vc=1&fc=0&lc=0&cc=0
.heineken.bigtremstore.com/ Name: __utmc
Value: 16261423
.heineken.bigtremstore.com/ Name: __utmz
Value: 16261423.1721849600.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.heineken.bigtremstore.com/ Name: __utmt
Value: 1
.heineken.bigtremstore.com/ Name: __utma
Value: 16261423.1734419071.1721849599.1721849599.1721849599.1
.heineken.bigtremstore.com/ Name: __utmb
Value: 16261423.1.10.1721849600

3 Console Messages

Source Level URL
Text
javascript warning URL: https://campaigns.williamhill.com/S.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://campaigns.williamhill.com/S.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://campaigns.williamhill.com/S.ashx?btag=a_189196b_336c_&affid=1739221&siteid=189196&adid=336&c=
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_336.js?t=2024072419, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
