www.billdowpmp.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://billdowpmp.com/
Effective URL:
https://www.billdowpmp.com/
Submission: On April 04 via automatic, source certstream-suspicious (April 4th 2022, 4:33:42 am UTC) — Scanned from DE

Summary HTTP 37 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 37 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.billdowpmp.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 9th 2021. Valid for: a year.

This is the only time www.billdowpmp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.208.152.134 35.208.152.134	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6812:1790	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
37	12

1 35.208.152.134 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.152.208.35.bc.googleusercontent.com

billdowpmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.billdowpmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:1790 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cjbdb.nitrocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

to.getnitropack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	nitrocdn.com cdn-cjbdb.nitrocdn.com	576 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	249 KB
6	gstatic.com fonts.gstatic.com	194 KB
3	billdowpmp.com 1 redirects billdowpmp.com www.billdowpmp.com	346 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	5 KB
1	getnitropack.com to.getnitropack.com — Cisco Umbrella Rank: 17589	470 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8069	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	647 B
37	9

	Domain	Requested by
11	cdn-cjbdb.nitrocdn.com	www.billdowpmp.com
7	pagead2.googlesyndication.com	www.billdowpmp.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	fonts.gstatic.com	www.billdowpmp.com cdn-cjbdb.nitrocdn.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.billdowpmp.com	www.billdowpmp.com
1	www.google.com	tpc.googlesyndication.com
1	to.getnitropack.com	www.billdowpmp.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	billdowpmp.com	1 redirects
37	12

This site contains links to these domains. Also see Links.

Domain
billdowpmptraining.com
www.dowpublishingllc.com
www.youtube.com
twitter.com
scriptstown.com
accessibility-helper.co.il
socialsnap.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-09` - `2022-12-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
nitrocdn.com Cloudflare Inc ECC CA-3	`2022-03-06` - `2022-06-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.getnitropack.com Thawte RSA CA 2018	`2022-01-06` - `2023-01-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.billdowpmp.com/
Frame ID: D0D47924F4CF356CD40358FA3849A6F1
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: 49D6E3FADB727955767A3E71745071A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1926153332970378&output=html&adk=1314090037&adf=164220786&lmt=1649046817&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.billdowpmp.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649046817108&bpp=3&bdt=271&idt=123&shv=r20220330&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8519361684793&frm=20&pv=2&ga_vid=1416803081.1649046817&ga_sid=1649046817&ga_hid=7705159&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760332%2C31065921&oid=2&pvsid=2243570554239303&pem=639&tmod=93610349&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136
Frame ID: 82B76F69D80C45CE1CD1E8DEEBDE3990
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AEA57E0E9EB8FADA24E258CB3B0A85E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CDF6641AC66EB98990DFD17297734EEC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Project Management Professional Bill Dow - PMP

Page URL History Show full URLs

https://billdowpmp.com/ HTTP 301
https://www.billdowpmp.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

37
Requests

97 %
HTTPS

75 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

1404 kB
Transfer

2299 kB
Size

3
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://billdowpmptraining.com/
Title: Courses/Ebooks

Search URL Search Domain Scan URL

URL: https://www.dowpublishingllc.com/store/
Title: Store

Search URL Search Domain Scan URL

URL: https://billdowpmptraining.com/billdowpmcoachingmentoringprogram/bdscoachprg
Title: Bill’s PMO and PM Coaching Program

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCzZFb3FionLKQFBQtEZ81LQ
Title: YouTube Channel

Search URL Search Domain Scan URL

URL: https://billdowpmptraining.com/bill-dows-pmo-project-management-webinar-page/
Title: Webinars(F/P)

Search URL Search Domain Scan URL

URL: https://twitter.com/billdow?ref_src=twsrc%5Etfw
Title: Follow @billdow

Search URL Search Domain Scan URL

URL: https://scriptstown.com/wordpress-themes/pressbook-blog/
Title: PressBook Blog WordPress theme

Search URL Search Domain Scan URL

URL: https://accessibility-helper.co.il/
Title: Accessibility by WAH

Search URL Search Domain Scan URL

URL: https://socialsnap.com/?utm_source=WordPress&utm_medium=link&utm_campaign=inthewild
Title: Social Snap

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://billdowpmp.com/ HTTP 301
https://www.billdowpmp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.billdowpmp.com/
Redirect Chain

https://billdowpmp.com/
https://www.billdowpmp.com/

349 KB
88 KB

650ms
601ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billdowpmp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3341c17234e427ef8a1e0274c5071f8be3fd698f61bf2e43a1cc23b48a17955

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Mobile
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=3600
cf-cache-status: DYNAMIC
cf-ray: 6f6753a97888901e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 04:33:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://www.billdowpmp.com/wp-json/>; rel="https://api.w.org/", <https://www.billdowpmp.com/wp-json/wp/v2/pages/997>; rel="alternate"; type="application/json", <https://www.billdowpmp.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOlyuwl9%2Bq7Fri0iAkEidJPdGcJryGQFxPXsnZlMGlhCS1L39gsaM3D4CQ%2FmyVBQlfzQlXqiYpJV55DupYI%2F7xyJPo5zh8EHCvg8ExnbHOo4rcu949nLqX3rJzVGPxdXzMGfJYnIDRRIBAbDnPFjRjM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding user-agent
x-cache-ctime: 1648825341
x-cache-enabled: True
x-httpd: 1
x-nitro-cache: HIT
x-nitro-cache-from: drop-in
x-nitro-rev: a91e60d
x-proxy-cache: HIT

Redirect headers

cache-control: public, max-age=0, s-maxage=3600
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 04:33:36 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
location: https://www.billdowpmp.com/
server: nginx
x-cache-enabled: False
x-httpd: 1
x-nitro-cache: MISS
x-proxy-cache: MISS
x-proxy-cache-info: W301 NC:000000 UP:
x-redirect-by: WordPress

GET
BLOB 200
OK 8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85
https://www.billdowpmp.com/ 824 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 824
Content-Type: text/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce29661c7e96e3a22d97d8804e35f0c8d5d2db40a981f6291d6e1e3d75d2dab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54003
x-xss-protection: 0
server: cafe
etag: 4672128277114515721
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 04:33:37 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 44ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1926153332970378

Requested by

Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58a5e086195621ea8bfa3e296d7465b200f9cdc9f915475adb462ff37f0e6106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.billdowpmp.com/
Origin: https://www.billdowpmp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54015
x-xss-protection: 0
server: cafe
etag: 18359410867949858598
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 04:33:37 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v26/ 41 KB
42 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.billdowpmp.com/
Origin: https://www.billdowpmp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 18:52:19 GMT
x-content-type-options: nosniff
age: 466878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42336
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 18:52:19 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.billdowpmp.com/
Origin: https://www.billdowpmp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 18:02:09 GMT
x-content-type-options: nosniff
age: 383488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:02:09 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://www.billdowpmp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/ 297 KB
107 KB 49ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1926153332970378&plah=www.billdowpmp.com&bust=31065921

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6721abc94eab7e015b63749b999c2c78cb330d0e04ea3e681423e25fdac5057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109417
x-xss-protection: 0
server: cafe
etag: 13955225957877548779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 04:33:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame 49D6 10 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 18276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 23:29:01 GMT
etag: 4044455266028820542
expires: Sun, 17 Apr 2022 23:29:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52f030a66217fd024e1c0e67d48d0c68ee255bf339fa8e4be3551d9f1802b22d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 97 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b70a3fc7e4d365f4e623287c0953cdab100c2929c68294a2314e0f4dc7964ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ec0445a97bdfb98be066a3e7f96932d4452cb3870a92883328fa3d8a79afc80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fcf1db77d7990e33f89963e6af496c555cef7262378944b81256627dc5400fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ed3c3bbbd0c170325120d2171ce108d39ef4a6788741f29e5adb4efaaf00b65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e0d0854a23fdb3f705248cf0a5bdafcbd18843dd6c71f1c6ebf1f01db7c5ff9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
fonts.gstatic.com/s/raleway/v26/ 43 KB
43 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2

Requested by

Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778360902cb018a12ada844b98d695fdcbece62c5d3004970822891c63ea396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.billdowpmp.com/
Origin: https://www.billdowpmp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:53:46 GMT
x-content-type-options: nosniff
age: 502791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44308
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 08:53:46 GMT

GET
H2 200 billdowUSPTAv2.jpg
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/uploads/2021/11/ 74 KB
75 KB 49ms
22ms Image
image/webp 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/uploads/2021/11/billdowUSPTAv2.jpg
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090d759f52479a85271f2972e10ac19b64a125f7de391302d1c84bb40653972f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
cf-cache-status: HIT
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75940
last-modified: Sat, 19 Mar 2022 12:53:28 GMT
server: cloudflare
etag: "6235d248-12923"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6f6753af9c15693a-FRA
link: <https://www.billdowpmp.com/wp-content/uploads/2021/11/billdowUSPTAv2.jpg>; rel="canonical"

GET
H2 200 mg-img_3062-2048x1365.jpg
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/uploads/2021/11/ 265 KB
266 KB 62ms
35ms Image
image/webp 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/uploads/2021/11/mg-img_3062-2048x1365.jpg
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d61dfc9d414c1bd9b8fbfb5da9e73e3dc9012352bdde9a13b5884f88fd24452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
cf-cache-status: HIT
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 271604
last-modified: Sat, 19 Mar 2022 01:27:03 GMT
server: cloudflare
etag: "62353167-4257a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6f6753af9c16693a-FRA
link: <https://www.billdowpmp.com/wp-content/uploads/2021/11/mg-img_3062-2048x1365.jpg>; rel="canonical"

GET
H2 200 1024px-Richard_Sherman_and_Pete_Carroll_in_embrace_Super_Bowl_XLVIII-1.jpeg
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/uploads/2021/11/ 61 KB
61 KB 59ms
33ms Image
image/webp 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/uploads/2021/11/1024px-Richard_Sherman_and_Pete_Carroll_in_embrace_Super_Bowl_XLVIII-1.jpeg
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03374a949b313e20af60a0883757816a90061d2316e861656eaf3bab04ce9374

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
cf-cache-status: HIT
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62570
last-modified: Sat, 19 Mar 2022 12:53:58 GMT
server: cloudflare
etag: "6235d266-f522"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6f6753af9c18693a-FRA
link: <https://www.billdowpmp.com/wp-content/uploads/2021/11/1024px-Richard_Sherman_and_Pete_Carroll_in_embrace_Super_Bowl_XLVIII-1.jpeg>; rel="canonical"

GET
H2 200 Bill-Dow_053-683x1024.jpg
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/uploads/2021/12/ 25 KB
25 KB 61ms
35ms Image
image/webp 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/uploads/2021/12/Bill-Dow_053-683x1024.jpg
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb4916a5fc8329642faedccafb7691a8f572a612127131ea57e5e41b3e90fd92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
cf-cache-status: HIT
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25308
last-modified: Sat, 19 Mar 2022 13:54:12 GMT
server: cloudflare
etag: "6235e084-6362"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6f6753af9c19693a-FRA
link: <https://www.billdowpmp.com/wp-content/uploads/2021/12/Bill-Dow_053-683x1024.jpg>; rel="canonical"

GET
H2 200 accessibility-48.jpg
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/wp-accessibility-helper/assets/images/ 524 B
715 B 58ms
32ms Image
image/webp 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08e78522ed943cf85f17b1920d9f7dec98159eed3e24d2fc57dbde1be1312f80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
cf-cache-status: HIT
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 524
last-modified: Sat, 19 Mar 2022 01:26:57 GMT
server: cloudflare
etag: "62353161-2ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6f6753af9c1a693a-FRA
link: <https://www.billdowpmp.com/wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg>; rel="canonical"

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e03be949642d58ff54506feed064bf07bbb2a5747f6b2d4ebf451aff85ce327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
647 B 76ms
25ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.billdowpmp.com&callback=_gfp_s_&client=ca-pub-1926153332970378

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1926153332970378&plah=www.billdowpmp.com&bust=31065921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f70c2f225acb09bdc5860ac8fcf6489c1296ed4d91f30f3f71bc058d879880b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 46ms
18ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.billdowpmp.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 47ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.billdowpmp.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82B7 603 B
67 B 49ms
28ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1926153332970378&output=html&adk=1314090037&adf=164220786&lmt=1649046817&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.billdowpmp.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649046817108&bpp=3&bdt=271&idt=123&shv=r20220330&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8519361684793&frm=20&pv=2&ga_vid=1416803081.1649046817&ga_sid=1649046817&ga_hid=7705159&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760332%2C31065921&oid=2&pvsid=2243570554239303&pem=639&tmod=93610349&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 04:33:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 28ms
27ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6295628e3e1c22d10df9633ee660e6007cdaf68c18cc79c40d6bf0cb6d6924a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10852
x-xss-protection: 0

GET
H3 200 Bill-Dow_053-scaled.jpg
www.billdowpmp.com/wp-content/uploads/2021/12/ 0
257 KB 746ms
733ms Other
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.billdowpmp.com/wp-content/uploads/2021/12/Bill-Dow_053-scaled.jpg
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:38 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 262793
last-modified: Sat, 11 Dec 2021 03:43:11 GMT
server: cloudflare
etag: "61b41e4f-40289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oJL90yr%2FRzyvT1vYe%2F2MxXIN%2FuNFT2EwJNQZX%2Ftz23SF3nMCs7%2FvWXF%2BSNgvxzZ3ufkTPlDGR%2FbnVeLc8QSLcIgGK1b2HoUE4qf2ROSR%2B3eaT%2FvbM020NSrdsllsLw6yM3uiFZX%2FppE7BfYZ4lv6uM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f6753b08d159013-FRA
expires: Tue, 04 Apr 2023 04:33:37 GMT

POST
H2 200 /
to.getnitropack.com/ 20 B
470 B 126ms
36ms Ping
text/html 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://to.getnitropack.com/

Requested by

Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-84-17-46-53.cdn77.com

Software

BunnyCDN-AMS1-879 / PHP/7.3.33

Resource Hash

a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.billdowpmp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryjaRa6WL0pdttwhuG

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: none
cdn-edgestorageid: 883
x-powered-by: PHP/7.3.33
cdn-cachedat: 04/04/2022 04:33:37
cdn-pullzone: 234442
content-length: 20
server: BunnyCDN-AMS1-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cdn-uid: b7e07321-6c82-48dc-b332-ec6b5d5d2a32
cache-control: public, max-age=0
cdn-requestid: b4c2d0db0bdf875951da0372205fa3db
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 52ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 04:33:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AEA 13 KB
5 KB 26ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 95
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 04:32:02 GMT
expires: Tue, 04 Apr 2023 04:32:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CDF6 783 B
1 KB 43ms
18ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7218aa8e6e8fe4d78499147554e121dc99bd412348d2e199da53ebc73e586830

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U2gdHFv8fbqiIoYbXreSJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-U2gdHFv8fbqiIoYbXreSJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 04:33:37 GMT
expires: Mon, 04 Apr 2022 04:33:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 nitro-min-noimport-20151b5bf3d20f53dd3e361d7aba6f31-stylesheet.css
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/ 140 KB
46 KB 126ms
115ms Stylesheet
text/css 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-20151b5bf3d20f53dd3e361d7aba6f31-stylesheet.css
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4a4b05ceaa160baa9ce67c420f8ea85c21f196c08b9e46a09ef0c888bf96abd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 19 Mar 2022 01:26:50 GMT
server: cloudflare
link: <https://www.billdowpmp.com/combinedCss/20151b5bf3d20f53dd3e361d7aba6f31-stylesheet.css>; rel="canonical"
etag: W/"6235315a-23170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 6f6753b12b5e91d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nitro-min-noimport-036a0e9c5c5931625b6d74b376d1f78c-stylesheet.css
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/ 5 KB
1 KB 72ms
62ms Stylesheet
text/css 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-036a0e9c5c5931625b6d74b376d1f78c-stylesheet.css
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fd45bfc46712ac7f4bee31deb0b89acca13615a6e87ad559aa686cc7c15a53b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 19 Mar 2022 01:26:50 GMT
server: cloudflare
link: <https://www.billdowpmp.com/combinedCss/036a0e9c5c5931625b6d74b376d1f78c-stylesheet.css>; rel="canonical"
etag: W/"6235315a-154d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 6f6753b12b5d91d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nitro-min-noimport-4f77cf7b30f3086314adf38fa63a3d06-stylesheet.css
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/ 66 KB
13 KB 58ms
48ms Stylesheet
text/css 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-4f77cf7b30f3086314adf38fa63a3d06-stylesheet.css
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aa4b9d56fd82c86bb783c6aa4f4de5896f5e5da6b040e222f6f61752f3d03a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 19 Mar 2022 01:26:50 GMT
server: cloudflare
link: <https://www.billdowpmp.com/combinedCss/4f77cf7b30f3086314adf38fa63a3d06-stylesheet.css>; rel="canonical"
etag: W/"6235315a-109a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 6f6753b12b6191d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nitro-min-noimport-f06240271f9101e61882f9f9d06a2b97-stylesheet.css
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/ 83 KB
12 KB 66ms
59ms Stylesheet
text/css 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-f06240271f9101e61882f9f9d06a2b97-stylesheet.css
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a3532b4388712751b5c75567cc3f19dda2cb5cb75e8b07bf70d74ddd31ac4fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 19 Mar 2022 01:26:50 GMT
server: cloudflare
link: <https://www.billdowpmp.com/combinedCss/f06240271f9101e61882f9f9d06a2b97-stylesheet.css>; rel="canonical"
etag: W/"6235315a-14abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 6f6753b12b6091d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nitro-min-noimport-ccec8253d365fb76c09861e3318c9df0-stylesheet.css
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/ 137 KB
25 KB 91ms
84ms Stylesheet
text/css 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-ccec8253d365fb76c09861e3318c9df0-stylesheet.css
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df169fe87c0e1cd0b81520700bc70ffb101df8726fb0fc5685d80ce56fe07c1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 19 Mar 2022 01:41:41 GMT
server: cloudflare
link: <https://www.billdowpmp.com/combinedCss/ccec8253d365fb76c09861e3318c9df0-stylesheet.css>; rel="canonical"
etag: W/"623534d5-22349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 6f6753b12b5f91d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nitro-min-noimport-d716966267f5767d2fd48788027c8b38-stylesheet.css
cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/ 163 KB
51 KB 114ms
107ms Stylesheet
text/css 2606:4700::6812:1790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-d716966267f5767d2fd48788027c8b38-stylesheet.css
Requested by: Host: www.billdowpmp.com
URL: https://www.billdowpmp.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a0d48f579925ba95c6f56999b7c9d101617aff6645b08b6edf2d71739e7f085

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 19 Mar 2022 01:26:50 GMT
server: cloudflare
link: <https://www.billdowpmp.com/combinedCss/d716966267f5767d2fd48788027c8b38-stylesheet.css>; rel="canonical"
etag: W/"6235315a-28e09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 6f6753b12b6291d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AEA 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 08:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 08:21:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CDF6 0
0 61ms
59ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=2243570554239303&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4AEA 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dGKQqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 04:33:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v26/ 41 KB
41 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: cdn-cjbdb.nitrocdn.com
URL: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-ccec8253d365fb76c09861e3318c9df0-stylesheet.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn-cjbdb.nitrocdn.com/
Origin: https://www.billdowpmp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 18:52:19 GMT
x-content-type-options: nosniff
age: 466878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42336
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 18:52:19 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn-cjbdb.nitrocdn.com/
Origin: https://www.billdowpmp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 18:02:09 GMT
x-content-type-options: nosniff
age: 383488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 18:02:09 GMT

GET
H3 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v26/ 41 KB
41 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn-cjbdb.nitrocdn.com/
Origin: https://www.billdowpmp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 18:52:19 GMT
x-content-type-options: nosniff
age: 466878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42336
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 18:52:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 67ms
67ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220330&jk=2243570554239303&bg=!6uml6a3NAAZku-1yRLs7ACkAdvg8WmhwjAl8MrMaBYyHJgJoJJbHgeg9a6YuRchu0hWLX2sQfNsJDQIAAAC5UgAAAANoAQcKAA47Rc03qhnXaTnOUrkcjJkC11TiDM01XoAnAIlkZypnhJG9ALY7SP94TcryMKzfiwTt7nurTut5BZGXfxBAvT71x9ZDAigExFKmQ9xnm-ojeBn__Ds-rFV9r9r-iDm_886mtabsbzn2P5oHnRLpaSfjvvltnQG3-siBRhkTqIhCA0FfI8nSASjiqLRc4QzrWWiCUt2ZePZPefsMPzNTs3zrAFmNdqvTt3SkTZuzZxUsWqQmI3jm_E7JypsfBHCz8EiE8ZOiHcWMNUMR-LVmNlh6tREgOGpvpz6t80qHBJMjY_OfR2MPVwHbehb98NNaVue8lzJ1HcLekiojTqmjTPOeqT1iTn8Q7pmv_jmIHxO7WvHj_tEu7ndPobphwLMn28GlfRANp8CFrtULjaSDGaOgt8YnYVFTxtzSe1cYc0-_Nj6H6YbAMkrBEHV-XeQ8-am6pYkGcNCDZX8e-Hz6zejaAGlTsO1N7omuj68XRsJAuTKZ3X0M8e37Roae8ZE028anQ6_uPYSxIl3JKVQTAIt-zPtnd2JetiGYbq_BwJPc9g260l_XyGXCniJgEOQ8CiJhHrSiPFY4NPcrre8JadjTMFAfuVXa1IxigWRiRBSbobaTUpcOgtchVu5jATbBrhQ1qgbLiaB6_JR5xf2gWOd3Mp3bvU2oEZZcFvNdzKkW04g7U8XBpsjyxjSQsYBZ2BSZFrAY6Sn-cY9m27um8WUsF4Fm8RZwncbjg4TDxA4vTpVRRecf5SIHJY7qwDw5vY_wHwHcKleQtRkXwRd_Rf0Ean1tIGLC34vH1XCWMeHmkGYrKNmb5A-_MC8BEFRKHsG6w7RTOgy1cBkYL966calKjtqwGVD3QdRKMReOq21c3qjHxANXkQtMVgZPyCU4c6zhtwoyyr9ptHKSG2Ci7vUhWfLGi_ViPNWmA-KwscllFlOKyPsGaSy2LTRV8-LYXqYREvp3SfuNjInrp7rh7GduVHIQXX24jd4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.billdowpmp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.billdowpmp.com/	1969-12-31 23:59:59	Name: nitroCachedPage Value: 1
.doubleclick.net/	1970-01-20 02:04:07	Name: test_cookie Value: CheckForPermission
.billdowpmp.com/	1970-01-20 11:25:42	Name: __gads Value: ID=be3d41e899705a9f-226ff84c6ccd005c:T=1649046817:RT=1649046817:S=ALNI_Mbbpu-uO3YB3E1Fdiqm-812knGTKA

76 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.billdowpmp.com/(Line 101) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1926153332970378&output=html&adk=1314090037&adf=164220786&lmt=1649046817&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.billdowpmp.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649046817108&bpp=3&bdt=271&idt=123&shv=r20220330&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8519361684793&frm=20&pv=2&ga_vid=1416803081.1649046817&ga_sid=1649046817&ga_hid=7705159&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760332%2C31065921&oid=2&pvsid=2243570554239303&pem=639&tmod=93610349&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136 Message: Failed to load resource: the server responded with a status of 403 ()
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-20151b5bf3d20f53dd3e361d7aba6f31-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-036a0e9c5c5931625b6d74b376d1f78c-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-4f77cf7b30f3086314adf38fa63a3d06-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-f06240271f9101e61882f9f9d06a2b97-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-ccec8253d365fb76c09861e3318c9df0-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-d716966267f5767d2fd48788027c8b38-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: css-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-036a0e9c5c5931625b6d74b376d1f78c-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: css-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-f06240271f9101e61882f9f9d06a2b97-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: css-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-4f77cf7b30f3086314adf38fa63a3d06-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: css-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-20151b5bf3d20f53dd3e361d7aba6f31-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: css-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-ccec8253d365fb76c09861e3318c9df0-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: css-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/combinedCss/nitro-min-noimport-d716966267f5767d2fd48788027c8b38-stylesheet.css
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/js/nitro-min-1397398873845572.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/advanced-responsive-video-embedder/build/nitro-min-d41d8cd98f00b204e9800998ecf8427e.main.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-includes/js/jquery/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-includes/js/jquery/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery-migrate.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/embed-calendly-scheduling/assets/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.widget.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/fancybox-for-wordpress/assets/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.fancybox.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/testimonial-rotator/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.cycletwo.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/testimonial-rotator/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.cycletwo.addons.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/pixelyoursite/dist/scripts/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.bind-first-0.2.3.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/nitro-min-d41d8cd98f00b204e9800998ecf8427e.js.cookie.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/pixelyoursite/dist/scripts/nitro-min-d41d8cd98f00b204e9800998ecf8427e.public.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/youtube-embed-plus/scripts/nitro-min-d41d8cd98f00b204e9800998ecf8427e.ytprefs.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/js/nitro-min-1397398873845572.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://www.googletagmanager.com/gtag/js?id=UA-71526561-1
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v12.0&appId=282185708857827&autoLogAppEvents=1
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/cdn-cgi/scripts/5c5dd728/cloudflare-static/nitro-min-email-decode.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/js/nitro-min-platform.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/nitro-min-widgets.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/blossomthemes-toolkit/public/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.isotope.pkgd.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-includes/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.imagesloaded.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-includes/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.masonry.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/blossomthemes-toolkit/public/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.blossomthemes-toolkit-public.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/blossomthemes-toolkit/public/js/fontawesome/nitro-min-d41d8cd98f00b204e9800998ecf8427e.all.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/blossomthemes-toolkit/public/js/fontawesome/nitro-min-d41d8cd98f00b204e9800998ecf8427e.v4-shims.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/socialsnap/assets/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.socialsnap.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/wp-accessibility-helper/assets/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.wp-accessibility-helper.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/themes/pressbook/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.script.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/themes/pressbook/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.ResizeObserver.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/themes/pressbook/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.sticky-sidebar.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/kali-forms/public/assets/submissions/frontend/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.kaliforms-submissions.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: Preloading https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/youtube-embed-plus/scripts/nitro-min-d41d8cd98f00b204e9800998ecf8427e.fitvids.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v12.0&appId=282185708857827&autoLogAppEvents=1
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-includes/js/jquery/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery-migrate.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/testimonial-rotator/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.cycletwo.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/pixelyoursite/dist/scripts/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.bind-first-0.2.3.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/themes/pressbook/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.sticky-sidebar.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://www.googletagmanager.com/gtag/js?id=UA-71526561-1
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/advanced-responsive-video-embedder/build/nitro-min-d41d8cd98f00b204e9800998ecf8427e.main.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/js/nitro-min-1397398873845572.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/testimonial-rotator/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.cycletwo.addons.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/js/nitro-min-1397398873845572.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/embed-calendly-scheduling/assets/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.widget.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-includes/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.imagesloaded.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/nitro-min-d41d8cd98f00b204e9800998ecf8427e.js.cookie.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/kali-forms/public/assets/submissions/frontend/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.kaliforms-submissions.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/socialsnap/assets/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.socialsnap.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/cdn-cgi/scripts/5c5dd728/cloudflare-static/nitro-min-email-decode.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/blossomthemes-toolkit/public/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.isotope.pkgd.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-includes/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.masonry.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/themes/pressbook/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.ResizeObserver.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/blossomthemes-toolkit/public/js/fontawesome/nitro-min-d41d8cd98f00b204e9800998ecf8427e.v4-shims.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/blossomthemes-toolkit/public/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.blossomthemes-toolkit-public.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/fancybox-for-wordpress/assets/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.fancybox.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-includes/js/jquery/nitro-min-d41d8cd98f00b204e9800998ecf8427e.jquery.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/youtube-embed-plus/scripts/nitro-min-d41d8cd98f00b204e9800998ecf8427e.fitvids.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/js/nitro-min-platform.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/youtube-embed-plus/scripts/nitro-min-d41d8cd98f00b204e9800998ecf8427e.ytprefs.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/pixelyoursite/dist/scripts/nitro-min-d41d8cd98f00b204e9800998ecf8427e.public.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/themes/pressbook/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.script.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/wp-accessibility-helper/assets/js/nitro-min-d41d8cd98f00b204e9800998ecf8427e.wp-accessibility-helper.min.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/nitro-min-widgets.js
worker	info	URL: blob:https://www.billdowpmp.com/8bafa1b7-f8e2-46f7-bf63-cfb9824b0f85 Message: js-preload DONE: https://cdn-cjbdb.nitrocdn.com/ZElVQTCjJwhyhpVPDVnnnVqosdBcbaNU/assets/static/optimized/rev-a91e60d/wp-content/plugins/blossomthemes-toolkit/public/js/fontawesome/nitro-min-d41d8cd98f00b204e9800998ecf8427e.all.min.js

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
billdowpmp.com
cdn-cjbdb.nitrocdn.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
to.getnitropack.com
tpc.googlesyndication.com
www.billdowpmp.com
www.google.com
142.250.74.194
2606:4700::6812:1790
2a00:1450:4001:802::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2004
2a06:98c1:3121::7
35.208.152.134
84.17.46.53
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03374a949b313e20af60a0883757816a90061d2316e861656eaf3bab04ce9374
08e78522ed943cf85f17b1920d9f7dec98159eed3e24d2fc57dbde1be1312f80
090d759f52479a85271f2972e10ac19b64a125f7de391302d1c84bb40653972f
0a0d48f579925ba95c6f56999b7c9d101617aff6645b08b6edf2d71739e7f085
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
2a3532b4388712751b5c75567cc3f19dda2cb5cb75e8b07bf70d74ddd31ac4fb
2aa4b9d56fd82c86bb783c6aa4f4de5896f5e5da6b040e222f6f61752f3d03a7
2b70a3fc7e4d365f4e623287c0953cdab100c2929c68294a2314e0f4dc7964ea
2ec0445a97bdfb98be066a3e7f96932d4452cb3870a92883328fa3d8a79afc80
3d61dfc9d414c1bd9b8fbfb5da9e73e3dc9012352bdde9a13b5884f88fd24452
4e03be949642d58ff54506feed064bf07bbb2a5747f6b2d4ebf451aff85ce327
52f030a66217fd024e1c0e67d48d0c68ee255bf339fa8e4be3551d9f1802b22d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a5e086195621ea8bfa3e296d7465b200f9cdc9f915475adb462ff37f0e6106
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6295628e3e1c22d10df9633ee660e6007cdaf68c18cc79c40d6bf0cb6d6924a8
7218aa8e6e8fe4d78499147554e121dc99bd412348d2e199da53ebc73e586830
7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0
7e0d0854a23fdb3f705248cf0a5bdafcbd18843dd6c71f1c6ebf1f01db7c5ff9
7ed3c3bbbd0c170325120d2171ce108d39ef4a6788741f29e5adb4efaaf00b65
8778360902cb018a12ada844b98d695fdcbece62c5d3004970822891c63ea396
9fcf1db77d7990e33f89963e6af496c555cef7262378944b81256627dc5400fd
9fd45bfc46712ac7f4bee31deb0b89acca13615a6e87ad559aa686cc7c15a53b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
c4a4b05ceaa160baa9ce67c420f8ea85c21f196c08b9e46a09ef0c888bf96abd
c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55
c6721abc94eab7e015b63749b999c2c78cb330d0e04ea3e681423e25fdac5057
cb4916a5fc8329642faedccafb7691a8f572a612127131ea57e5e41b3e90fd92
ce29661c7e96e3a22d97d8804e35f0c8d5d2db40a981f6291d6e1e3d75d2dab9
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
df169fe87c0e1cd0b81520700bc70ffb101df8726fb0fc5685d80ce56fe07c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3341c17234e427ef8a1e0274c5071f8be3fd698f61bf2e43a1cc23b48a17955
f70c2f225acb09bdc5860ac8fcf6489c1296ed4d91f30f3f71bc058d879880b7

www.billdowpmp.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

75 %IPv6

9 Domains

12 Subdomains

12 IPs

3 Countries

1404 kBTransfer

2299 kBSize

3 Cookies

9 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.billdowpmp.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

75 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

1404 kB
Transfer

2299 kB
Size

3
Cookies

37 HTTP transactions
8 data transactions