www.twobillsdrive.com Open in urlscan Pro
107.155.81.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://twobillsdrive.com/
Effective URL:
https://www.twobillsdrive.com/
Submission: On April 28 via api (April 28th 2023, 3:27:55 pm UTC) from US — Scanned from DE

Summary HTTP 149 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 29 domains to perform 149 HTTP transactions. The main IP is 107.155.81.11, located in Dallas, United States and belongs to HVC-AS, US. The main domain is www.twobillsdrive.com.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.

This is the only time www.twobillsdrive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	107.155.81.11 107.155.81.11	29802 (HVC-AS) (HVC-AS)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.194.62 151.101.194.62	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	54.76.23.13 54.76.23.13	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223f:9800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	89.207.16.140 89.207.16.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 7	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	3.70.80.110 3.70.80.110	16509 (AMAZON-02) (AMAZON-02)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2600:1f13:800... 2600:1f13:800:7782:63da:8bc9:a5d:f748	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.40.227.197 13.40.227.197	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
2	18.130.95.23 18.130.95.23	16509 (AMAZON-02) (AMAZON-02)
149	37

24 107.155.81.11 (Dallas, United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: 107-155-81-11.static.hvvc.us

twobillsdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.twobillsdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.62 (United States)

ASN54113 (FASTLY, US)

img.bnqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5df83fda10d599e12be7e502dea1ac9e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.76.23.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-23-13.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:9800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.207.16.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.70.80.110 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-80-110.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f13:800:7782:63da:8bc9:a5d:f748 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.40.227.197 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-40-227-197.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.130.95.23 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-95-23.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	twobillsdrive.com 1 redirects twobillsdrive.com — Cisco Umbrella Rank: 989553 www.twobillsdrive.com	241 KB
21	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	203 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 5df83fda10d599e12be7e502dea1ac9e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	346 KB
16	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 982 static.adsafeprotected.com — Cisco Umbrella Rank: 820 dt.adsafeprotected.com — Cisco Umbrella Rank: 738	198 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 23943 ad4m.at — Cisco Umbrella Rank: 9478 assets.ad4m.at — Cisco Umbrella Rank: 31150	520 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	511 KB
7	google.com www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	47 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	219 KB
5	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1543	184 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 15646 api.webgains.io — Cisco Umbrella Rank: 40158	32 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686	7 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	21 KB
3	bnqt.com img.bnqt.com — Cisco Umbrella Rank: 94644	13 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 15474	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1703	459 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 77547 static-de.ad4mat.net — Cisco Umbrella Rank: 111741	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	126 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 21883	2 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7904	554 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062	586 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1223	716 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	875 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4805	104 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	610 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 5261	531 B
149	29

	Domain	Requested by
23	www.twobillsdrive.com	www.twobillsdrive.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
10	pagead2.googlesyndication.com	www.twobillsdrive.com pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	dt.adsafeprotected.com	www.twobillsdrive.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.twobillsdrive.com
7	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	assets.ad4m.at	as.ad4m.at
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.twobillsdrive.com googleads.g.doubleclick.net
6	www.google.com	www.twobillsdrive.com www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
5	www.googletagservices.com	www.twobillsdrive.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
5	use.fontawesome.com	www.twobillsdrive.com use.fontawesome.com
4	ad4m.at	as.ad4m.at ad4m.at
4	static.adsafeprotected.com	pixel.adsafeprotected.com www.twobillsdrive.com
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	pixel.adsafeprotected.com	www.twobillsdrive.com
3	img.bnqt.com	www.twobillsdrive.com
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	as.ad4m.at
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.twobillsdrive.com
2	fonts.googleapis.com	www.twobillsdrive.com googleads.g.doubleclick.net
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	www.twobillsdrive.com
1	mug.criteo.com	www.twobillsdrive.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	5df83fda10d599e12be7e502dea1ac9e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	twobillsdrive.com	1 redirects
149	44

This site contains links to these domains. Also see Links.

Domain
www.nfl.com
www.buffalobills.com
www.spotrac.com
buffalonews.com
www.democratandchronicle.com
www.newyorkupstate.com
www.thedailynewsonline.com
www.sabrespace.com
manofpress.com
honeyreporter.com
zbreportars.com
digitalnewshut.com
www.pickedreports.com
sports.usatoday.com

Subject Issuer	Validity	Valid
twobillsdrive.com R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
bnqt.com R3	`2023-04-01` - `2023-06-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-09` - `2023-12-03`	10 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.twobillsdrive.com/
Frame ID: AEEB999E8D4DA459F9B8A9AB2B7E3712
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html
Frame ID: 6F6CCDD77323485E09663F2DFCE7ABB7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&cb=8ths2vo9dv4x
Frame ID: BC7A3ACEBB4F22D66317FE5F892AA38A
Requests: 8 HTTP requests in this frame

Frame: https://5df83fda10d599e12be7e502dea1ac9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D175F1C12B90523C4050103D139A0700
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&adk=1812271804&adf=3025194257&lmt=1682695668&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668012&bpp=4&bdt=649&idt=227&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6365423673826&frm=20&pv=2&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=258
Frame ID: B2257548949E7F125F943688E093D234
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=5250278416&adk=1669896828&adf=2369281301&pi=t.ma~as.5250278416&w=1068&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=1068x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668016&bpp=2&bdt=653&idt=259&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XJeFZ2dHOM&p=https%3A//www.twobillsdrive.com&dtd=266
Frame ID: 0BC1C2C903B3BEC9F3FE57B20D151F7F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668018&bpp=1&bdt=655&idt=326&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=21ddjha79f&p=https%3A//www.twobillsdrive.com&dtd=330
Frame ID: 63F3F4923FDAF599B935DE62C1F38161
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscnNf9T67dpfZTeljGp2vvOkKEevxr6hZlgTi-p05zu05j21sOxPbP_xjgACOHEF2qYqy9gtB4_MEGjd7i6DtMim9guh1UQdswggpUIR1xj2micKxsCOS0MgCQg6ayeGAXG09S_UNiuoQmjO-RniM2LRJjXWz6hTLFLypNAj_qcVdrVqf9C7I6YPte_oUi8l87TBRlXhsYB8tn5ph2f_FU_x1tVOGTYbOkdqTPWNFStLwXmyP2S_dlDXiLHIvTsMFHFA_DNEOGHwlh5W9uFWHTh38Xctx8ixzWwcV9UjqnTcz7k5o5oBvAf08-VpGqOnpXGLcAGxb9l78BD7D2SZINwaTMQ5ldfNeJfBP3r539komnWSESu4aUsx08NakP4zH_&sai=AMfl-YSX9ufCwEcwW9_AhF1lF04XNbN5eTwOG5az3NGERzpdDs1XL8liG2TsZhKZKJu6DBZcAMW9OvG3ShGSidf1ZFy-RHTSdcyNVC6I-BFo5ijUdFC4qcM0eB6pfjy6eWbDDe2vyebeq_dLALHusmsO&sig=Cg0ArKJSzGOjN79my_1BEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4E37A073C1781C56FF71A071B3129CED
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3-Xo8fAcPSE-LmJbW0PrKWf1VDZyPFqz3lZXdu1gp3OEgE8xAJJegm75py6On972EH6hVtzYhfHuT-lmYqH6whe9w1C38X5OcA04u-ntc2HFvtj9EVySVvqedaC3E3jarzOdZBVMaR3ig1Vhmu_up6FmNjus1RvRuxCnI-ORREls7jUr8daYuvmQDgAQ8LsfpI_K4vYDNHdXyQIX_jThWGVuPz0Zktr02e6l3rbSBB40rG7Hdhqr39r8kfwEyvnfPHM5CDVR8p21MQ6UPD1f8qsh5V2f8JDA6gPNaFvMsefF9o8WWA_DmK18FPEbZs9hJdS82nxi-km48rUGdJCz195LmH8Sc-pci3Kke8FQeTh6TtzhSYLXq0UWVYqIqKmM_&sai=AMfl-YSKD_nS7mZ0yRVh3BdhmoWB0xIZoFuqCuUvubIVC1IrbOv_EIle_Fkfn4J9I3amzdHNAL2d1x5UnBKmQEuTrMv5RPIWELSkW6EOVLix5vdclPeWBi9ULjgE8PYjcesNf8Gz01lWWf8dtliWxbw&sig=Cg0ArKJSzDez0WC-6HfjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F67BD1E3D96A1DE5E67D4D8F55A1E645
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=45050208&placementId=4685314778&pubCreative=138234325691&pubOrder=2158122228&cb=376180721&adsafe_par&impId=&custom2=&custom3=
Frame ID: 9CD720F797843CF484812C8EA6270627
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=23200608&placementId=4685314778&pubCreative=138234325685&pubOrder=2158122228&cb=1626942909&adsafe_par&impId=&custom2=&custom3=
Frame ID: E50F35B48E2C7C901EEF31CCA5C5EB23
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.twobillsdrive.com
Frame ID: 5387F1EDBB1ED7E2326404CF35DB8DB3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CUBLI9OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTRAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEck1OseAI4qT9vCzBYM9FklYligNqLLZcwckJXai6VshEGVWEU8wEgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTEwNjc1NzAwODcxMDYxMTkYAA&sigh=YFe0zyKYt5E&uach_m=[UACH]&cid=CAQSKQBygQiDpQHsbTV297jQEAcZ2wfQ9ErWoOw9k2DlBkJgr1vpsvzihP9MGAE
Frame ID: 5D8E7AF3FCFD8B97A40E10ACC26706A0
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hjp71wh91dgbvgwy1jwpxy07qye3hm1w4rc7dqepgec9fmqspja0md914bs67avvqp52c1tekpn9sxz7esjkesy2mmatywde8evyzrysymtm21ntsa6rxngq90f99hsqc6cesqthwcb6dwzqzbza83kdfezc2392b1rctq7jcqcrk4rk2e0tqtpnd1c3dch1pcrkehcaygf3nsqrf60pwbgxz8tzhyz1pk2m7aw3kb9ywmdhnb6j4bc6986p78v9pn22r40vmtv4aaqqhfpbqb9ddwg158jnnf6zeg39ymz1hkps0mczemn8m0gt5dq2vh6hg403gbhr38v7ckmw7k3xkt4bn13rm665t9hs75ew20ht4anx5541r240wbp2qmbhyrypebhj0031newfar3yp7zmx730anevv8yjpwh38ap7f29478jmznzyf0zp0em3zn8kmqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%26client%3Dca-pub-1067570087106119%26adurl%3D
Frame ID: 4321910022D690DDFCB375FCE679B763
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86E2D547367895B8BB5F0315CEA67D03
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7FF9C3629976C33932C32A4298E5B97B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9B29BC3147DE710D432B294A0EE1EC83
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 65B085B2DDFDC7B7A74AE04DC9E8485D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Frame ID: 0EBE601F05167128E736C763FBAA64E8
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Frame ID: 579EDA91F3F09C2EB35037E1C9B801AA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60F9FDC2CA0263F1BEF8C41108FC4891
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 000645E22EC2FD905BB757743F10E3B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Two Bills Drive – Buffalo Bills News and Discussion

Page URL History Show full URLs

https://twobillsdrive.com/ HTTP 301
https://www.twobillsdrive.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

149
Requests

95 %
HTTPS

59 %
IPv6

29
Domains

44
Subdomains

37
IPs

6
Countries

2707 kB
Transfer

6116 kB
Size

23
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nfl.com/standings
Title: Standings

Search URL Search Domain Scan URL

URL: http://www.nfl.com/stats/
Title: Statistics

Search URL Search Domain Scan URL

URL: http://www.buffalobills.com/team/roster.html
Title: Roster

Search URL Search Domain Scan URL

URL: http://www.spotrac.com/nfl/buffalo-bills/cap/
Title: Salary Cap

Search URL Search Domain Scan URL

URL: http://buffalonews.com/sports/bills/bills-trade-up-in-first-round-select-utah-tight-end-dalton-kincaid-at-no-25/article_84624a1e-e572-11ed-a3bd-4b44722b5af3.html
Title: Bills trade up in first round, select Utah tight end Dalton Kincaid at No. 25 overall in NFL draft

Search URL Search Domain Scan URL

URL: http://buffalonews.com/sports/bills/mark-gaughan-dalton-kincaid-is-the-slot-receiver-the-bills-need-but-most-werent-expecting/article_aa8745ec-e54e-11ed-bc04-dbf10a85d25f.html
Title: Mark Gaughan: Dalton Kincaid is the slot receiver the Bills need but most weren't expecting

Search URL Search Domain Scan URL

URL: http://buffalonews.com/sports/bills/buffalo-bills-nfl-draft-dalton-kincaid-first-round-university-of-utah/article_d3c34178-e54d-11ed-85e9-230429280702.html
Title: Dalton Kincaid: Five things to know about Bills' new tight end

Search URL Search Domain Scan URL

URL: http://buffalonews.com/business/local/bills-exec-ron-raccuia-is-confident-there-will-be-development-near-new-stadium-hes-just/article_13c71ff2-e51b-11ed-9282-97553226fb95.html
Title: Bills exec Ron Raccuia is confident there will be development near new stadium. He's just not sure when

Search URL Search Domain Scan URL

URL: http://www.democratandchronicle.com/story/sports/football/nfl/bills/2023/04/27/buffalo-bills-dalton-kincaid-trade-up-first-round-2023-nfl-draft/70151386007/
Title: Buffalo Bills trade up in 1st round, select Utah tight end Dalton Kincaid

Search URL Search Domain Scan URL

URL: http://www.democratandchronicle.com/story/sports/football/nfl/bills/2023/04/28/buffalo-bills-nfl-draft-grades-2021-dawson-kincaid-first-round-trade/70161918007/
Title: Draft grades: Buffalo Bills get 'elite talent' but some experts think it was strange pick

Search URL Search Domain Scan URL

URL: http://www.newyorkupstate.com/buffalo-bills/2023/04/buffalo-bills-trade-up-2-spots-to-no-25-in-deal-with-jaguars-select-utah-tight-end-dalton-kincaid.html
Title: Buffalo Bills trade up 2 spots to no. 25 in deal with Jaguars, select Utah tight end Dalton Kincaid

Search URL Search Domain Scan URL

URL: http://www.newyorkupstate.com/buffalo-bills/2023/04/who-is-dalton-kincaid-buffalo-bills-got-a-guy-in-the-travis-kelce-mold-5-things-to-know.html
Title: Who is Dalton Kincaid? Buffalo Bills ‘got a guy in the Travis Kelce mold’ (5 things to know)

Search URL Search Domain Scan URL

URL: http://www.newyorkupstate.com/buffalo-bills/2023/04/5-thoughts-and-a-grade-on-buffalo-bills-drafting-utah-tight-end-dalton-kincaid.html
Title: 5 thoughts and a grade on Buffalo Bills drafting Utah tight end Dalton Kincaid

Search URL Search Domain Scan URL

URL: http://www.newyorkupstate.com/buffalo-bills/2023/04/bills-gm-explains-why-he-traded-up-for-te-dalton-kincaid-hints-wr-wasnt-a-priority.html
Title: Bills GM explains why he traded up for TE Dalton Kincaid; hints WR wasn’t a priority

Search URL Search Domain Scan URL

URL: http://www.newyorkupstate.com/buffalo-bills/2023/04/bills-dawson-knox-posts-reaction-to-team-drafting-tight-end-in-first-round-of-nfl-draft.html
Title: Bills’ Dawson Knox posts reaction to team drafting tight end in first round of NFL Draft

Search URL Search Domain Scan URL

URL: http://www.newyorkupstate.com/buffalo-bills/2023/04/skip-bayless-devastated-over-buffalo-bills-leapfrogging-dallas-cowboys-for-dalton-kincaid.html
Title: Skip Bayless devastated over Buffalo Bills leapfrogging Dallas Cowboys for Dalton Kincaid

Search URL Search Domain Scan URL

URL: http://www.thedailynewsonline.com/sports/nfl-draft-bills-trade-up-to-select-te-kincaid-at-no-25-of-first-round/article_0c33abfe-24fa-5761-90a1-7760bb1bef05.html
Title: NFL Draft: Bills trade up to select TE Kincaid at No. 25 of first round

Search URL Search Domain Scan URL

URL: http://www.thedailynewsonline.com/sports/bills-gm-beane-discusses-decision-to-trade-up-and-select-te-kincaid-at-no-25/article_46251f44-128c-5b05-8142-0e7358d7ffda.html
Title: Bills GM Beane discusses decision to trade up and select TE Kincaid at No. 25

Search URL Search Domain Scan URL

URL: http://www.thedailynewsonline.com/sports/new-bills-te-kincaid-excited-to-meet-bills-mafia/article_c80daf81-1936-5a20-b13e-c8d79e646908.html
Title: New Bills TE Kincaid excited to meet Bills Mafia

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/feed/rss/

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/
Title: Buffalo Sabres News

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2023/04/28/alex-tuch-expects-more-from-himself-teammates-moving-forward/
Title: Alex Tuch expects more from himself, teammates moving forward

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2023/04/28/fridays-rochester-coverage-305/
Title: Friday’s Rochester Coverage

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2023/04/27/after-unique-season-sabres-goalie-eric-comries-future-in-buffalo-unclear/
Title: After unique season, Sabres goalie Eric Comrie’s future in Buffalo unclear

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2023/04/27/another-bar-to-chase-counting-down-thompsons-top-moments-of-2022-23/
Title: ‘Another bar to chase’ | Counting down Thompson’s top moments of 2022-23

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2023/04/27/thursdays-rochester-coverage-316/
Title: Thursday’s Rochester Coverage

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2023/04/26/sabres-mailbag-how-will-gm-kevyn-adams-try-to-acquire-another-defenseman/
Title: Sabres Mailbag: How will GM Kevyn Adams try to acquire another defenseman?

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2023/04/26/under-coach-don-granato-sabres-jeff-skinner-has-matured-added-offense/
Title: Under coach Don Granato, Sabres’ Jeff Skinner has matured, added offense

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/forum/1-the-aud-club/

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/34833-is-jeff-skinner-on-a-hall-of-fame-trajectory/
Title: Is Jeff Skinner on a Hall of Fame trajectory?

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/34832-all-the-feel-good-moments-of-the-past-season-in-one-video/
Title: All the feel good moments of the past season in one video

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/34831-frank-servalli%E2%80%99s-summer-tradebait-board/
Title: Frank Servalli’s Summer Tradebait Board

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/34830-ot-what-ss-posters-are-on-the-hot-seat/
Title: OT: What SS posters are on the hot seat

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/34828-40-year-old-former-sabre-christian-ehrhoff-signs-with-the-penguins/
Title: 40-year old former Sabre Christian Ehrhoff signs with the Penguins

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/34824-who-gets-the-boot-who-is-at-the-top-of-your-list/
Title: Who gets the boot? Who is at the top of your list?

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/34823-berglund-shading-tnt/
Title: Berglund Shading TNT

Search URL Search Domain Scan URL

URL: https://manofpress.com/
Title: Man of Press/

Search URL Search Domain Scan URL

URL: https://honeyreporter.com/
Title: Honey Reporter

Search URL Search Domain Scan URL

URL: https://zbreportars.com/
Title: ZB Reportars

Search URL Search Domain Scan URL

URL: https://digitalnewshut.com/
Title: Digital News Hut

Search URL Search Domain Scan URL

URL: https://www.pickedreports.com/
Title: Picked Reports

Search URL Search Domain Scan URL

URL: http://sports.usatoday.com/
Title: USA TODAY Sports Media Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://twobillsdrive.com/ HTTP 301
https://www.twobillsdrive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://gum.criteo.com/sid/json?origin=publishertagids&domain=twobillsdrive.com&sn=ChromeSyncframe&so=0&topUrl=www.twobillsdrive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=7l48Y3xoRncvKysrQkJIZUxmZmc2TGF6QTg0U2UzeDFFemxZVE1pVzN6OXM4clllU2hsQ1VNVGtDdXRhb0xVWGtLM0RpbkdoTm10NEFuZDNJR0tzdFIvNFgzcjQvejRkVlFpWkk2Z29Qdlp6dGV0V1hSMXpJbjVEay92ZGtvM2ZVeGg5ZndjUGovalNOZUtLU3Rod0ZtdVN5OWFqenB1SzZvM2hGdk1BckFXY1NTNExKOU9KMWNMRXg1dlhoZ09icUF4bm11T3FNejRNRXFRbzNsc0NGSHJpUFBmMS9vTkQ1Tm83bEJtMmVleklrcUV5ODh2THJ2Sk1jRVJUWlQ1STg3QkNkZk45Nnhwa1JxVGNHU1gxU3ZMR1BGSmdQL254OVAwdzdYMGg3VDkzcXBoVT18&cppv=2

Request Chain 88

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM5uY9g9JOTKiXLvNJT7V3U&google_cver=1&google_push=ATf1kGMTI5e_foLqOXWCSz5kSyTec_ZNjH_24AlLmbk0lUdLpBsrDLpqr75tfZs9WWJwtxr5_wZ6PgWBfSr3Gzcd5N8x05P-CMf7-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMTI5e_foLqOXWCSz5kSyTec_ZNjH_24AlLmbk0lUdLpBsrDLpqr75tfZs9WWJwtxr5_wZ6PgWBfSr3Gzcd5N8x05P-CMf7-w

Request Chain 89

https://um.simpli.fi/gp_match?google_gid=CAESEE4ZYEPa18BOWDjsoXshuCk&google_cver=1&google_push=ATf1kGNTgramWm0g8gdDZfnt3pKAXoQClkTUupMr4vwXaypOp3Q2jbCZzMG14z9Fofb_w--UL05TlIF5vXD_UgJDPKO5CBgsEpzs2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B5B18D0F36C4CF0BD69403CD56CB971&google_push=ATf1kGNTgramWm0g8gdDZfnt3pKAXoQClkTUupMr4vwXaypOp3Q2jbCZzMG14z9Fofb_w--UL05TlIF5vXD_UgJDPKO5CBgsEpzs2A

Request Chain 90

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIfwoKJXMfoFH3t7Y0gpAzo&google_cver=1&google_push=ATf1kGMW1u69clSFPk25QlCw1BrN4VyrQfJDxJkw7RJUhAaQ3A2ReJiXEJTt4V4rVi_QeUKddTKPRuu5GIUAGQGGNSObQcLHAPKrUA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNzEyMjg2MzIwOTA1MjMxMQ%3D%3D&google_push=ATf1kGMW1u69clSFPk25QlCw1BrN4VyrQfJDxJkw7RJUhAaQ3A2ReJiXEJTt4V4rVi_QeUKddTKPRuu5GIUAGQGGNSObQcLHAPKrUA

Request Chain 91

https://ads.travelaudience.com/google_pixel?google_gid=CAESENSnC-X9DwuzWhgJH5BPYFM&google_cver=1&google_push=ATf1kGO5iMxhAKEaUvjACjAmLMsJ0BrnFpJl7SAzEY2jnlW27hiy5Cdvn2ElSxidyUVRzvVFYRUHM_Qj1edPxa715bnmFk39jdC7 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l3k5IwlqROSLPW8gu5w5fA2&google_push=ATf1kGO5iMxhAKEaUvjACjAmLMsJ0BrnFpJl7SAzEY2jnlW27hiy5Cdvn2ElSxidyUVRzvVFYRUHM_Qj1edPxa715bnmFk39jdC7

Request Chain 92

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENC8OKgSVEjuphmisQeVfH8&google_cver=1&google_push=ATf1kGPn-chaszCPbTC_nu9cIt-KIkIhDtyz4LdhtEfrLSPgAnuPaeWjQ-e6BVswnNIKoL3MKMSDort0qoHm0egJ19kQqFt6K_6gng HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENC8OKgSVEjuphmisQeVfH8&google_cver=1&google_push=ATf1kGPn-chaszCPbTC_nu9cIt-KIkIhDtyz4LdhtEfrLSPgAnuPaeWjQ-e6BVswnNIKoL3MKMSDort0qoHm0egJ19kQqFt6K_6gng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPn-chaszCPbTC_nu9cIt-KIkIhDtyz4LdhtEfrLSPgAnuPaeWjQ-e6BVswnNIKoL3MKMSDort0qoHm0egJ19kQqFt6K_6gng&google_hm=jW9xKh-4QGiijjjC2rXXSw==

Request Chain 93

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGcgNmi1G9EuxIpAH-myG7U&google_cver=1&google_push=ATf1kGOZBA__2MWBMprJaQ3b2vS67Dq1oP4QIoTe06jik1kRoCDfPLGsylfDIMGj3VqDhNqUIOfEcsgfGbdR1NkIROGB7IxF6CgXYQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGOZBA__2MWBMprJaQ3b2vS67Dq1oP4QIoTe06jik1kRoCDfPLGsylfDIMGj3VqDhNqUIOfEcsgfGbdR1NkIROGB7IxF6CgXYQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

149 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.twobillsdrive.com/
Redirect Chain

https://twobillsdrive.com/
https://www.twobillsdrive.com/

98 KB
19 KB

607ms
255ms

Document
text/html

107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: e5ece47b0e43aefab567da845476dd344ace46f4478fae8518ce2e48136a217a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 15:27:47 GMT
link: <https://www.twobillsdrive.com/wp-json/>; rel="https://api.w.org/"
server: nginx centminmod
vary: Accept-Encoding
x-powered-by: centminmod

Redirect headers

content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 15:27:46 GMT
location: https://www.twobillsdrive.com/
server: nginx centminmod
x-powered-by: centminmod
x-redirect-by: WordPress

GET
H2 200 style.css
www.twobillsdrive.com/wp-content/themes/lifestyle-pro/ 40 KB
9 KB 130ms
128ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/style.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 604a919a9564e055dd6c3ae23939cad26c61ef5585a8a86116472e20845a7e03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Sat, 11 Jun 2022 16:36:28 GMT
server: nginx centminmod
etag: W/"62a4c48c-a11f"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 style.min.css
www.twobillsdrive.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 130ms
129ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 16:19:29 GMT
server: nginx centminmod
etag: W/"637cf691-172a9"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 classic-themes.min.css
www.twobillsdrive.com/wp-includes/css/ 217 B
534 B 252ms
250ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/css/classic-themes.min.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
last-modified: Tue, 22 Nov 2022 16:19:29 GMT
server: nginx centminmod
etag: "637cf691-d9"
x-powered-by: centminmod
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 217
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 styles.css
www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 253ms
251ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Sun, 23 Apr 2023 11:14:33 GMT
server: nginx centminmod
etag: W/"64451319-b2b"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 font-awesome.min.css
www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/css/ 30 KB
7 KB 253ms
252ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Tue, 27 Dec 2016 18:09:39 GMT
server: nginx centminmod
etag: W/"5862ae63-7918"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 dashicons.min.css
www.twobillsdrive.com/wp-includes/css/ 58 KB
35 KB 258ms
256ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/css/dashicons.min.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 11:14:16 GMT
server: nginx centminmod
etag: W/"60782008-e688"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b49b2c7a4ec6babfb8685b47a1ad94c5d0274323400a8c9f5736f482d94c3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 15:27:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 15:27:47 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
13 KB 33ms
16ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KDS42PVMDD8DKJJK
age: 2395439
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: nq4gdHgc97B6bfHTRaC9zn8JbfI8k24eKBkh8hfFAUA9w2pcI/SK1gmRhhwCjOlySoV6Sjbaw2c=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8c1ihdI0ylLmLG2HHG5jxPG1pdkgc0vPlcRDvufN%2BFVe2VihhZTqtjDJlnRJUCyvmzQfBYY0qxIEWADMeOMGQnaPXvlLyYLGiuPmrczlyBB2j2yDPSULPqL3c6u4IzPW20bDjGi3bO6qfPbvBQ2JWNd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7bf054d1293e9bb6-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 31ms
14ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PFPYX8GMD5T2QAMY
age: 706914
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: OOhiO0dwznlx9g9RpxW5KjlEsZ26Gt9G2SmIXPv+2Gmw4x8dX8PJPP8GxOYejmbFV3N8r9ppuP8=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"a034d3c71bee546f625877d7932917f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPC10NW5wGL9YSRSdcADGI%2F4sJM1fsQKvslCcYuUPSiOdlVH60q8zXBq0nWMYa5y%2FK3tbaHtjz0LuLthFAWpP9V4Ufl9qNqiKnZVVIyU0MSdTwra31o0xoN9xGSeuvHnl%2Beb8beSWUBg2Lt54piV%2B6Ye"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7bf054d1293f9bb6-FRA

GET
H2 200 jquery.min.js Show response
www.twobillsdrive.com/wp-includes/js/jquery/ 88 KB
31 KB 258ms
257ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 16:19:29 GMT
server: nginx centminmod
etag: W/"637cf691-15e54"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.twobillsdrive.com/wp-includes/js/jquery/ 11 KB
4 KB 258ms
257ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Sat, 27 Feb 2021 14:58:12 GMT
server: nginx centminmod
etag: W/"603a5e04-2bd8"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
80 KB 54ms
28ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BNL5YS2GQS

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4217b37433e45fc80656ccdf52a412bb8e7a1111441a948860b57b3f42b5ca36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81785
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 15:27:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 44ms
19ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5355045-1

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac4b21a7a16fd15a05ff02368bc393af3359f129ce857e0e78802519fdd417c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46387
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 15:27:47 GMT

GET
H2 200 sdpdfphelper.js Show response
img.bnqt.com/lib/js/ 6 KB
7 KB 35ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.bnqt.com/lib/js/sdpdfphelper.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 05180a8df0f12c99deae4f68f46f538d5f627d89622f31b827785a2a23a51087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 27 Apr 2023 05:10:33 GMT
date: Fri, 28 Apr 2023 15:27:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 48662
x-guploader-uploadid: ADPycdtsET3jFYLvw9DWBCOCyNDiOFgDlk81E8VF5LXusYtLpR8p2PUE_kmSuLzsqGUytt0ggSPSQixdg28-FvCrsfuZHw
x-cache: HIT, HIT
x-goog-storage-class: NEARLINE
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
gannett-debug-path-full: restarts: 0 ttl: 86400.000 shield: false server: cache-fra-eddf8230123-FRA path: storage.googleapis.com backend ; Segmented Caching Enabled >>>> restarts: 0 ttl: 86400.000 shield: true server: cache-iad-kiad7000123-IAD path: storage.googleapis.com backend ; Segmented Caching Enabled
content-length: 6036
x-served-by: cache-iad-kiad7000123-IAD, cache-fra-eddf8230050-FRA
last-modified: Thu, 11 Feb 2021 19:31:24 GMT
server: UploadServer
x-timer: S1682695667.398563,VS0,VE0
etag: "e25f9fdde85d1053b77e4537d51f4584"
gannett-debug-path: storage.googleapis.com backend ; Segmented Caching Enabled
x-goog-generation: 1613071884761292
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=N1p/rA==, md5=4l+f3ehdEFO3fkU31R9FhA==
x-goog-stored-content-length: 6036
accept-ranges: bytes
x-cache-hits: 1172, 5

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 109ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1067570087106119&host=ca-host-pub-2644536267352236

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d36d4ce34bee522961dcaed14903102d9b7cee32ffe3b550807029e4f501a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47544
x-xss-protection: 0
server: cafe
etag: 11977446652855014762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 15:27:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
46 KB 133ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b64878aca5a3fe7539d89f32b9c77863914baedf98e77966473df4fc73bd934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47077
x-xss-protection: 0
server: cafe
etag: 7993521184068726032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 15:27:47 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.twobillsdrive.com/wp-includes/js/ 18 KB
5 KB 131ms
130ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 14:50:15 GMT
server: nginx centminmod
etag: W/"634825a7-48b9"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 index.js Show response
www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 265ms
263ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Sun, 23 Apr 2023 11:14:33 GMT
server: nginx centminmod
etag: W/"64451319-2801"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 index.js Show response
www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 266ms
264ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Sun, 23 Apr 2023 11:14:33 GMT
server: nginx centminmod
etag: W/"64451319-328f"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 hoverIntent.min.js Show response
www.twobillsdrive.com/wp-includes/js/ 1 KB
1 KB 268ms
265ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/hoverIntent.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 14:50:15 GMT
server: nginx centminmod
etag: W/"634825a7-5db"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 superfish.min.js Show response
www.twobillsdrive.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 268ms
266ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 01:54:36 GMT
server: nginx centminmod
etag: W/"632528dc-1193"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 superfish.args.min.js Show response
www.twobillsdrive.com/wp-content/themes/genesis/lib/js/menu/ 132 B
469 B 269ms
267ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
last-modified: Sat, 17 Sep 2022 01:54:36 GMT
server: nginx centminmod
etag: "632528dc-84"
x-powered-by: centminmod
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 132
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 skip-links.min.js Show response
www.twobillsdrive.com/wp-content/themes/genesis/lib/js/ 386 B
723 B 270ms
268ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/genesis/lib/js/skip-links.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
last-modified: Sat, 17 Sep 2022 01:54:36 GMT
server: nginx centminmod
etag: "632528dc-182"
x-powered-by: centminmod
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 386
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 responsive-menus.min.js Show response
www.twobillsdrive.com/wp-content/themes/lifestyle-pro/js/ 4 KB
2 KB 271ms
269ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/js/responsive-menus.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Mon, 16 Oct 2017 23:23:40 GMT
server: nginx centminmod
etag: W/"59e53f7c-e5c"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
907 B 43ms
20ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&ver=3.0

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75ddafb5d5d7fd2b6e8a23f654d11001574dceb8301f4d9905f50571a643057f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 15:27:47 GMT

GET
H2 200 regenerator-runtime.min.js Show response
www.twobillsdrive.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 272ms
270ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 14:50:15 GMT
server: nginx centminmod
etag: W/"634825a7-194b"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.twobillsdrive.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 273ms
271ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 16:19:29 GMT
server: nginx centminmod
etag: W/"637cf691-459f"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 index.js Show response
www.twobillsdrive.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
1 KB 274ms
272ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
last-modified: Sun, 23 Apr 2023 11:14:33 GMT
server: nginx centminmod
etag: "64451319-3e7"
x-powered-by: centminmod
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 999
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
25 KB 93ms
61ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76544c0f06b34060e6111890ff82cf4ed0883a930bb1e8a06b69732dc602fb65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24874
x-xss-protection: 0
server: cafe
etag: 373 / 19475 / 31074164 / config-hash: 15614866056795520360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 15:27:47 GMT

GET
H2 200 sdp.toolbox.1.0.0.min.js Show response
img.bnqt.com/lib/sdp-dfp-helper/js/ 6 KB
6 KB 9ms
8ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.bnqt.com/lib/sdp-dfp-helper/js/sdp.toolbox.1.0.0.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c1d764eecff47574d12a39acb9197e0c59d069b6da9d4e5ee0c4fa926ae7c95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 27 Apr 2023 07:03:44 GMT
date: Fri, 28 Apr 2023 15:27:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 50707
x-guploader-uploadid: ADPycdvlhZbHBDkuAlMhqSvtnT--C0N9p1oN974zlDiDwFBpJ71jyTHpD5Cn0ddrqjF1DkE3ox1nvnMkuRGRPkmakoniVg
x-cache: HIT, HIT
x-goog-storage-class: NEARLINE
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
gannett-debug-path-full: restarts: 0 ttl: 86400.000 shield: false server: cache-fra-eddf8230114-FRA path: storage.googleapis.com backend ; Segmented Caching Enabled >>>> restarts: 0 ttl: 86400.000 shield: true server: cache-iad-kcgs7200116-IAD path: storage.googleapis.com backend ; Segmented Caching Enabled
content-length: 6044
x-served-by: cache-iad-kcgs7200116-IAD, cache-fra-eddf8230050-FRA
last-modified: Thu, 11 Feb 2021 19:53:36 GMT
server: UploadServer
x-timer: S1682695668.816524,VS0,VE0
etag: "a10d854620d11d46227f1d89054f4029"
gannett-debug-path: storage.googleapis.com backend ; Segmented Caching Enabled
x-goog-generation: 1613073216865773
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=JCyaWw==, md5=oQ2FRiDRHUYifx2JBU9AKQ==
x-goog-stored-content-length: 6044
accept-ranges: bytes
x-cache-hits: 923, 5

GET
H2 200 tbd2017-1.png
www.twobillsdrive.com/wp-content/uploads/2017/10/ 14 KB
14 KB 129ms
128ms Image
image/png 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twobillsdrive.com/wp-content/uploads/2017/10/tbd2017-1.png
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 2944e0ebe135a57c4285876ab58fa6fe886ff10798373a3a4d29b2ec158a5d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
last-modified: Sat, 28 Oct 2017 17:46:16 GMT
server: nginx centminmod
etag: "59f4c268-3624"
x-powered-by: centminmod
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 13860
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 36ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 551852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:10:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 37ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 551103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:22:44 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 27ms
14ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8Z05DGW27AQHAVVS
age: 1216460
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
x-amz-id-2: LYxGHghqO9JJWGJLF3jLc6IW7so3OB6BN6ZSWOQFZ7MXQ0HbZoxJmX7ghyWLw3KU7F046zvTG8Y=
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
server: cloudflare
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mX3k%2BvlLCCwaOK0ucXXHuBz4YNz7R0Cb7OkapqKlDX92h1IE9TfxHv7AJhDBiHIr79xPoBjb2YPrbXjjvCXT41CEfxMsCrg7uoe5TSintYpYHDocB9v1XUAUJOFLAj%2BP98PFanYEgRJBmthJ0GV8Z9RP"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7bf054d3fe239142-FRA

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
14 KB 34ms
21ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WVMCCZTZZZQHTKDM
age: 684929
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13224
x-amz-id-2: D42NVTf0xonOqD9Yw7ZggDYRcSlcOpwQ6W1C8jkZjWqavzaXiZ9F4yY6Une/IDa3GUXsEb+Jth6sI0SXFW7qbw==
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
server: cloudflare
etag: "b91d376b8d7646d671cd820950d5f7f1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvlbveKa9f%2BK9tpD9JxH1Tg2m9S5qPKOzhZCFH3R0IOdf5mN%2BR%2F8QO8AC6nO46TilBQq3OF73higlOVo%2BjjoHBOOoMhYCnLlI2cks0JFFO%2BROqaWH%2BGi%2FSf12Hphr9MycM4et1gb8h9F5vcykquXgg67"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7bf054d3fe269142-FRA

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 43ms
17ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:20:42 GMT
x-content-type-options: nosniff
age: 511625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:20:42 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ 410 KB
165 KB 42ms
0ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 21:08:53 GMT

GET
H2 200 search.png
www.twobillsdrive.com/wp-content/themes/lifestyle-pro/images/ 1 KB
1 KB 130ms
130ms Image
image/png 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/images/search.png
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 8381e58dd34281d45967d35eebcd12f09854a87031fc7bbc2995dd6a5f301454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
last-modified: Mon, 16 Oct 2017 23:23:39 GMT
server: nginx centminmod
etag: "59e53f7b-47e"
x-powered-by: centminmod
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 1150
expires: Sun, 28 May 2023 15:27:47 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 03:55:21 GMT
x-content-type-options: nosniff
age: 41546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 03:55:21 GMT

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
76 KB 16ms
15ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DMXTQ8ZNETDHRQC4
age: 799549
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
x-amz-id-2: L/k9tIdhQmFKTonjzaSoVU9zcMhm+VblCDYFZhKHq99CeOoEweObDToYMtiZecDE62xCcmojsNI=
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
server: cloudflare
etag: "ed311c7a0ade9a75bb3ebf5a7670f31d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJ%2FvHipLXrrGq8dp7%2Fm5H%2FbfJgGJdRg00mRyomP%2FveNPxyu4X1hiaYoisrv8qFZAt7QKx7pIfrEcEvQe1IVhxxB6QwEtsGdxB6tme2l47s4HAhkBQvuiCt5zkUmnoJrgUEsA3KxHA1IJb%2BCLF1W4Cv%2Bi"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7bf054d47ed39142-FRA

GET
H2 200 fontawesome-webfont.woff2
www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/fonts/ 75 KB
76 KB 129ms
129ms Font
font/woff2 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:47 GMT
last-modified: Tue, 27 Dec 2016 18:09:40 GMT
server: nginx centminmod
etag: "5862ae64-12d68"
x-powered-by: centminmod
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 77160
expires: Sat, 27 Apr 2024 15:27:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5355045-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 15:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1364
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 28 Apr 2023 17:05:04 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 41ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BNL5YS2GQS&gtm=45je34q0&_p=1643904680&gdid=dZTNiMT&cid=1752883673.1682695668&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682695667&sct=1&seg=0&dl=https%3A%2F%2Fwww.twobillsdrive.com%2F&dt=Two%20Bills%20Drive%20%E2%80%93%20Buffalo%20Bills%20News%20and%20Discussion&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BNL5YS2GQS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.twobillsdrive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/ 399 KB
124 KB 63ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64208
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126484
x-xss-protection: 0
server: cafe
etag: 2690975471868618065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 26 Apr 2024 21:37:40 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 189 B
662 B 96ms
41ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.twobillsdrive.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b298f6d3f3ae8a84fa97856b2184484557429cd6879bba0345b982648758d9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/ 354 KB
119 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1067570087106119&plah=www.twobillsdrive.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1067570087106119&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578213284b279614417db70b361d4267d80fe086b13cb3d84dbb2bc1643b37de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121860
x-xss-protection: 0
server: cafe
etag: 15789766008550257130
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/ Frame 6F6C 10 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1067570087106119&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 22:27:52 GMT
etag: 2378337311435320485
expires: Thu, 11 May 2023 22:27:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BC7A 49 KB
27 KB 31ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&cb=8ths2vo9dv4x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce89c2ee390410d98dad6a69f8e656a5e1f870e84dce3a7aa064239513db539f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lAaU8FbyXvIoG3EuIl46fQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27284
content-security-policy: script-src 'report-sample' 'nonce-lAaU8FbyXvIoG3EuIl46fQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 15:27:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame BC7A 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&cb=8ths2vo9dv4x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Apr 2024 15:06:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame BC7A 410 KB
165 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168688
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 21:08:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 17ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1643904680&t=pageview&_s=1&dl=https%3A%2F%2Fwww.twobillsdrive.com%2F&ul=en-us&de=UTF-8&dt=Two%20Bills%20Drive%20%E2%80%93%20Buffalo%20Bills%20News%20and%20Discussion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=299970531&gjid=513237691&cid=1752883673.1682695668&tid=UA-5355045-1&_gid=1526188856.1682695668&_r=1&gtm=457e34q0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=2097515560

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twobillsdrive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.twobillsdrive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 43ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.twobillsdrive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 51ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.twobillsdrive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 111ms
109ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2133116029745484&correlator=2568761289221500&eid=31072019%2C31072879%2C31074164%2C31074222%2C44780989%2C31070233%2C44752585&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fifs&iu_parts=7103%3A1003292%2CSMG_TwoBillsDrive%2C300x250_2a%2Csports%2Cfootball%2Cnfl.main&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&ifi=4&adks=2698797620&sfv=1-0-40&eri=4&cust_params=kw%3DBuffalo%2520Bills%2520NFL%2520football%26title%3Dhttps%253A%252F%252Fwww.twobillsdrive.com%26targetPaths%3D%252F%26fullPath%3D%252F%26queryStr%3D%26domainName%3Dwww.twobillsdrive.com&sc=1&cookie_enabled=1&abxe=1&dt=1682695668209&dlt=1682695667363&idt=814&adxs=278&adys=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&frm=20&vis=1&psz=336x0&msz=336x0&fws=4&ohw=1140&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a5c9d1f812ff77a08e1860c39d6eed41c57309063be3f47015caca9107d938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11012
x-xss-protection: 0
google-lineitem-id: 4685314778
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234325685
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.twobillsdrive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 101ms
100ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2133116029745484&correlator=2568761289221500&eid=31072019%2C31072879%2C31074164%2C31074222%2C44780989%2C31070233%2C44752585&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fifs&iu_parts=7103%3A1003292%2CSMG_TwoBillsDrive%2C300x250_2b%2Csports%2Cfootball%2Cnfl.main&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&ifi=5&adks=1226288614&sfv=1-0-40&eri=4&cust_params=kw%3DBuffalo%2520Bills%2520NFL%2520football%26title%3Dhttps%253A%252F%252Fwww.twobillsdrive.com%26targetPaths%3D%252F%26fullPath%3D%252F%26queryStr%3D%26domainName%3Dwww.twobillsdrive.com&sc=1&cookie_enabled=1&abxe=1&dt=1682695668217&dlt=1682695667363&idt=814&adxs=1002&adys=2373&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&frm=20&vis=1&psz=332x0&msz=332x0&fws=4&ohw=332&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f22c174e84f0fe50a69a4a27346e7675620d9a88bd52bb0eecfdf187da0e6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10999
x-xss-protection: 0
google-lineitem-id: 4685314778
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234325691
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.twobillsdrive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5df83fda10d599e12be7e502dea1ac9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D175 6 KB
3 KB 61ms
18ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5df83fda10d599e12be7e502dea1ac9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 15:27:48 GMT
expires: Sat, 27 Apr 2024 15:27:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
610 B 68ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.twobillsdrive.com&callback=_gfp_s_&client=ca-pub-1067570087106119

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1067570087106119&plah=www.twobillsdrive.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

759c30670a62ffe407be618d85eaaac9508bacab6ce27b5836280465d9353a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B225 10 KB
5 KB 316ms
315ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&adk=1812271804&adf=3025194257&lmt=1682695668&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668012&bpp=4&bdt=649&idt=227&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6365423673826&frm=20&pv=2&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=258

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d065c47c70ae65e57e114be2107e0263579d9cc03e945c9213fd1d0810fd5418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 15:27:48 GMT
expires: Fri, 28 Apr 2023 15:27:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0BC1 98 KB
34 KB 1001ms
1000ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=5250278416&adk=1669896828&adf=2369281301&pi=t.ma~as.5250278416&w=1068&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=1068x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668016&bpp=2&bdt=653&idt=259&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XJeFZ2dHOM&p=https%3A//www.twobillsdrive.com&dtd=266

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8906a8aae0c6655bad33bbedebc4616fd8f5a90580ef166ca41f3616238b452b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34139
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 15:27:49 GMT
expires: Fri, 28 Apr 2023 15:27:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BC7A 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 491713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 22:52:35 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BC7A 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:24:03 GMT
x-content-type-options: nosniff
age: 493425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:24:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BC7A 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 492377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:41:31 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 63F3 31 KB
12 KB 372ms
371ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668018&bpp=1&bdt=655&idt=326&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=21ddjha79f&p=https%3A//www.twobillsdrive.com&dtd=330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d61d95624b8afdae0e8dc49d73f339431e68b217d9c835dc17815c060c590e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12411
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 15:27:48 GMT
expires: Fri, 28 Apr 2023 15:27:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 54ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 29 Apr 2023 15:27:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E37 0
0 48ms
47ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscnNf9T67dpfZTeljGp2vvOkKEevxr6hZlgTi-p05zu05j21sOxPbP_xjgACOHEF2qYqy9gtB4_MEGjd7i6DtMim9guh1UQdswggpUIR1xj2micKxsCOS0MgCQg6ayeGAXG09S_UNiuoQmjO-RniM2LRJjXWz6hTLFLypNAj_qcVdrVqf9C7I6YPte_oUi8l87TBRlXhsYB8tn5ph2f_FU_x1tVOGTYbOkdqTPWNFStLwXmyP2S_dlDXiLHIvTsMFHFA_DNEOGHwlh5W9uFWHTh38Xctx8ixzWwcV9UjqnTcz7k5o5oBvAf08-VpGqOnpXGLcAGxb9l78BD7D2SZINwaTMQ5ldfNeJfBP3r539komnWSESu4aUsx08NakP4zH_&sai=AMfl-YSX9ufCwEcwW9_AhF1lF04XNbN5eTwOG5az3NGERzpdDs1XL8liG2TsZhKZKJu6DBZcAMW9OvG3ShGSidf1ZFy-RHTSdcyNVC6I-BFo5ijUdFC4qcM0eB6pfjy6eWbDDe2vyebeq_dLALHusmsO&sig=Cg0ArKJSzGOjN79my_1BEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E37 158 KB
49 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F67B 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3-Xo8fAcPSE-LmJbW0PrKWf1VDZyPFqz3lZXdu1gp3OEgE8xAJJegm75py6On972EH6hVtzYhfHuT-lmYqH6whe9w1C38X5OcA04u-ntc2HFvtj9EVySVvqedaC3E3jarzOdZBVMaR3ig1Vhmu_up6FmNjus1RvRuxCnI-ORREls7jUr8daYuvmQDgAQ8LsfpI_K4vYDNHdXyQIX_jThWGVuPz0Zktr02e6l3rbSBB40rG7Hdhqr39r8kfwEyvnfPHM5CDVR8p21MQ6UPD1f8qsh5V2f8JDA6gPNaFvMsefF9o8WWA_DmK18FPEbZs9hJdS82nxi-km48rUGdJCz195LmH8Sc-pci3Kke8FQeTh6TtzhSYLXq0UWVYqIqKmM_&sai=AMfl-YSKD_nS7mZ0yRVh3BdhmoWB0xIZoFuqCuUvubIVC1IrbOv_EIle_Fkfn4J9I3amzdHNAL2d1x5UnBKmQEuTrMv5RPIWELSkW6EOVLix5vdclPeWBi9ULjgE8PYjcesNf8Gz01lWWf8dtliWxbw&sig=Cg0ArKJSzDez0WC-6HfjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F67B 158 KB
48 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame BC7A 102 B
134 B 25ms
24ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4PnKmGB9wRHh1i04o7YUICeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be00e32745c8f3253a510efcfb4c728f018a4bb685589b668c460af2064b6135

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&cb=8ths2vo9dv4x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H2 404 smg_twobillsdrive.js
img.bnqt.com/lib/sdp-dfp-helper/site_config/ 0
0 130ms
130ms Script
application/xml 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.bnqt.com/lib/sdp-dfp-helper/site_config/smg_twobillsdrive.js?col=64314598
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 9CD7 47 KB
13 KB 105ms
31ms Script
application/javascript 54.76.23.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=45050208&placementId=4685314778&pubCreative=138234325691&pubOrder=2158122228&cb=376180721&adsafe_par&impId=&custom2=&custom3=
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.23.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-23-13.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 48d147d713f0d151fc054a7a1298c2e5f50b3f5025d42d3c6a42852bfecf8ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E37 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_yW9kotMt2gMGjm0-bkIO13DshV_vb-m-U_09BpOKUPnbqmYlGJC4TZ9h-z9a5Vs0UHxj_jDjlHEcOjUo3SHTA6PNoKjn9dE40elBR7svQYj473Emy33vC5wtT24EiWDYOhrWC-HmSyr-cKZnqzMBXR-E7ymVx8X_IkncNHF2SBOJvdPrUpBGA33hSKxnaOhXWNmkpOMXrYdc_Dt9RTzkKFWRC7HN_OOcFJDJvq559ZTaQfs73B2XqYAYjMmTxeXbpoFD5-ZmL0XVpAVbqmycF6iMr_zf2cCZj5fKkgzs5IKoJ-hLbzpJwwFVzBozTth0RJwFi8eC6-xlH7S_Xt8xgkf7xo2rvq3Iqbp9W-7bCpdltTfqS6Vep40cLxT5HyNn3Aw&sai=AMfl-YRL8Uqo_H2ZmnHidsF-BGWQ2t45NjoEe3gwuqdSXs7Wyb8waFbOP8jEhISTwnNoOdz1HmhRxdnHVEWaHnly3DvwpPslbgcE8ZCnwAgiqNffV51E9yO_A8y9q2k6z-5cbq81hI6Os_ob2zWiFSPi&sig=Cg0ArKJSzO6yRx-1z4WsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame E50F 47 KB
13 KB 109ms
60ms Script
application/javascript 54.76.23.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=23200608&placementId=4685314778&pubCreative=138234325685&pubOrder=2158122228&cb=1626942909&adsafe_par&impId=&custom2=&custom3=
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.23.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-23-13.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2930186444c8b49fc35151c90bdca1def9c17d751b7078f64b4ff40ebd8afe87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F67B 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs3EBM_4RdPLmlBmphUmRTuKZU9yA2L96KjooJGA9suXHMTv2ByLf2xMEPEPC90NszBZHShpRh1SB5JdPsPIOPxyqlWiyddxFoI74_NhE-soCk1uMIIgC6Q2OOnVimVUh4ifdA7BsZNRv3aUVAIXbc6dTemWAPV9sLLlcqB0ta73neDU1brkQRV-yckT7fQ7PRAzo2UoAIu1njRy3tbNDjJzoeejUI5k2EvXD534yRHiV3K_Cl0Lr-UMUxBH7uK331ffaF48kWr9ULMogiGW0qVTu8m_Cb3rck-Jq6m8GN0EWMa8ictLcT2IbR4dcPZ_QfGD1iNM7-JNH3sX6I1PFhiXaC8PKw2Wjf5T8j-wghrhHiDj-3cz-s2PSH9MpZbRNMvM0&sai=AMfl-YQlHI8mr-bKRhD5ivd3nIoGVwWaOJAbil9TDIAj8dSyH2hebVBzAUw1tTMSQxhMm3mgXOPueFrcILYXVVejz9xGcUbgZnjC7ThIDoApbodYe9vX1vQMYsj042am9mjy1UoD-x4ygD8HkL8iEmY&sig=Cg0ArKJSzCTEQd0Kr60HEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5387 15 KB
6 KB 43ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.twobillsdrive.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 15:27:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 720755
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5387
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=twobillsdrive.com&sn=ChromeSyncframe&so=0&topUrl=www.twobillsdrive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=7l48Y3xoRncvKysrQkJIZUxmZmc2TGF6QTg0U2UzeDFFemxZVE1pVzN6OXM4clllU2hsQ1VNVGtDdXRhb0xVWGtLM0RpbkdoTm10NEFuZDNJR0tzdFIvNFgzcjQvejRkVlFpWkk2Z29Qdlp6dGV0V1hSMXpJbjVEay92ZG...

454 B
692 B

71ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7l48Y3xoRncvKysrQkJIZUxmZmc2TGF6QTg0U2UzeDFFemxZVE1pVzN6OXM4clllU2hsQ1VNVGtDdXRhb0xVWGtLM0RpbkdoTm10NEFuZDNJR0tzdFIvNFgzcjQvejRkVlFpWkk2Z29Qdlp6dGV0V1hSMXpJbjVEay92ZGtvM2ZVeGg5ZndjUGovalNOZUtLU3Rod0ZtdVN5OWFqenB1SzZvM2hGdk1BckFXY1NTNExKOU9KMWNMRXg1dlhoZ09icUF4bm11T3FNejRNRXFRbzNsc0NGSHJpUFBmMS9vTkQ1Tm83bEJtMmVleklrcUV5ODh2THJ2Sk1jRVJUWlQ1STg3QkNkZk45Nnhwa1JxVGNHU1gxU3ZMR1BGSmdQL254OVAwdzdYMGg3VDkzcXBoVT18&cppv=2

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ca52692387529fcd0339729393b6bbf80dca5e6c5ef394c413879e0bb1b77d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1415185
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=7l48Y3xoRncvKysrQkJIZUxmZmc2TGF6QTg0U2UzeDFFemxZVE1pVzN6OXM4clllU2hsQ1VNVGtDdXRhb0xVWGtLM0RpbkdoTm10NEFuZDNJR0tzdFIvNFgzcjQvejRkVlFpWkk2Z29Qdlp6dGV0V1hSMXpJbjVEay92ZGtvM2ZVeGg5ZndjUGovalNOZUtLU3Rod0ZtdVN5OWFqenB1SzZvM2hGdk1BckFXY1NTNExKOU9KMWNMRXg1dlhoZ09icUF4bm11T3FNejRNRXFRbzNsc0NGSHJpUFBmMS9vTkQ1Tm83bEJtMmVleklrcUV5ODh2THJ2Sk1jRVJUWlQ1STg3QkNkZk45Nnhwa1JxVGNHU1gxU3ZMR1BGSmdQL254OVAwdzdYMGg3VDkzcXBoVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 332454
content-length: 0
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D8E 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUBLI9OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTRAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEck1OseAI4qT9vCzBYM9FklYligNqLLZcwckJXai6VshEGVWEU8wEgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTEwNjc1NzAwODcxMDYxMTkYAA&sigh=YFe0zyKYt5E&uach_m=[UACH]&cid=CAQSKQBygQiDpQHsbTV297jQEAcZ2wfQ9ErWoOw9k2DlBkJgr1vpsvzihP9MGAE

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668018&bpp=1&bdt=655&idt=326&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=21ddjha79f&p=https%3A//www.twobillsdrive.com&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Apr 2023 15:27:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5D8E 0
0 49ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jm1he05srte1qcjm932edssp45rz06tfzdhkv8k98spb6bseacvdb1bsygh73xg10sk0mkwsyz7xrfedv7hafvrppcsssg0h5sb0xtym3fencm0h8yw7k18gm4n9mdn2s9am4bbt66zgar63bv546xbw58pajh9m84mr5dysbweztddbyvnnmmsb040j5m01rb7a1pwqs169jav2y2v8pehmxfna3fp6ggtsjba2vkc8w37q266g12mkf6vbgegrwkpkfd3eexgpfq6682s40jbhve5r6bk7bgeq76vx4k7ajkvs67k67kc5g0w0exzd017z389tktv7z6mj3zdrv8jdfawv663ge84hb0zxqn3tam7mrnc8p0k60dh03jsmy79e4gzrxmvq1s0&b=ZEvl9AAFxnQK7dFQAAC5JMsDQ6kBD5e7zwkqtw
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Apr 2023 15:27:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4321 2 KB
3 KB 58ms
33ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hjp71wh91dgbvgwy1jwpxy07qye3hm1w4rc7dqepgec9fmqspja0md914bs67avvqp52c1tekpn9sxz7esjkesy2mmatywde8evyzrysymtm21ntsa6rxngq90f99hsqc6cesqthwcb6dwzqzbza83kdfezc2392b1rctq7jcqcrk4rk2e0tqtpnd1c3dch1pcrkehcaygf3nsqrf60pwbgxz8tzhyz1pk2m7aw3kb9ywmdhnb6j4bc6986p78v9pn22r40vmtv4aaqqhfpbqb9ddwg158jnnf6zeg39ymz1hkps0mczemn8m0gt5dq2vh6hg403gbhr38v7ckmw7k3xkt4bn13rm665t9hs75ew20ht4anx5541r240wbp2qmbhyrypebhj0031newfar3yp7zmx730anevv8yjpwh38ap7f29478jmznzyf0zp0em3zn8kmqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%26client%3Dca-pub-1067570087106119%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668018&bpp=1&bdt=655&idt=326&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=21ddjha79f&p=https%3A//www.twobillsdrive.com&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

607c04cb6a5bcb064a09577eb42e9284aae12c2f578283e82435433444c21e4a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bf054da29cb5b2c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 15:27:48 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5D8E 3 KB
1 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 20:05:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 86E2 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 28 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 5D8E 19 KB
8 KB 42ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 20:05:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5D8E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8llp2sip7VH_qGLuIF-qHQeK7lmfMlFbT5XjmR2uMnc-QI5OjBjD-22wKrgiQ4TrWAHOyDWl3wzxOfNlBbrTnBrtrYQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668018&bpp=1&bdt=655&idt=326&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=21ddjha79f&p=https%3A//www.twobillsdrive.com&dtd=330
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D8E 158 KB
48 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 15:27:48 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame BC7A 32 KB
18 KB 54ms
53ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b4049fd6656718cfca037835f68451e9b8c7395ff968c76668c9a719f3e16d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&cb=8ths2vo9dv4x
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18649
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 15:27:48 GMT

GET
H2 200 main.19.8.400.js Show response
static.adsafeprotected.com/ Frame 9CD7 200 KB
63 KB 49ms
7ms Script
application/javascript 2600:9000:223f:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.400.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=45050208&placementId=4685314778&pubCreative=138234325691&pubOrder=2158122228&cb=376180721&adsafe_par&impId=&custom2=&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:30:35 GMT
x-amz-version-id: 9BUnpPANWGwKG0lesMwpAnHwbT.x8zbq
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3265033
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:44 GMT
server: AmazonS3
etag: W/"2e8e5f6f251e442e71ad1eeec0beab78"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: B9d-MUe2uN2uKA2G2unxFm-0nYnzBva1W_YIB0kNXPpRaZCV_KEdXQ==

GET
H2 200 main.19.8.400.js Show response
static.adsafeprotected.com/ Frame E50F 200 KB
63 KB 52ms
13ms Script
application/javascript 2600:9000:223f:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.400.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=23200608&placementId=4685314778&pubCreative=138234325685&pubOrder=2158122228&cb=1626942909&adsafe_par&impId=&custom2=&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:30:35 GMT
x-amz-version-id: 9BUnpPANWGwKG0lesMwpAnHwbT.x8zbq
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3265033
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:44 GMT
server: AmazonS3
etag: W/"2e8e5f6f251e442e71ad1eeec0beab78"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Vce4e3qzhPuFMFxKyI4VJ0MeyMwkCixTnaz4s7GEdZ-W7NGVb-JJ_g==

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 86E2 0
104 B 387ms
23ms Image
text/plain 89.207.16.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGS2nOeHg9mNxhUth_L9FW0&google_cver=1&google_push=ATf1kGP-zs1r6mHxqSLLZ1-ZpPCWYCzNgvyfso5HLgN00jsvI12QrHTikWlj9VkjpsOR3wh5rdC2agrdsSi9PUKJAxGT4j-WyTtBMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668018&bpp=1&bdt=655&idt=326&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=21ddjha79f&p=https%3A//www.twobillsdrive.com&dtd=330
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams03-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 86E2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM5uY9g9JOTKiXLvNJT7V3U&google_cver=1&google_push=ATf1kGMTI5e_foLqOXWCSz5kSyTec_ZNjH_24AlLmbk0lUdLpBsrDLpqr75tfZs9WWJwtxr5_wZ6PgWBfSr3Gzcd...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMTI5e_foLqOXWCSz5kSyTec_ZNjH_24AlLmbk0lUdLpBsrDLpqr75tfZs9WWJwtxr5_wZ6PgWBfSr3Gzcd5N8x05P-CMf7-w

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMTI5e_foLqOXWCSz5kSyTec_ZNjH_24AlLmbk0lUdLpBsrDLpqr75tfZs9WWJwtxr5_wZ6PgWBfSr3Gzcd5N8x05P-CMf7-w

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 28 Apr 2023 15:27:48 GMT
Server: MT3 830 785530e master cdg-pixel-x12 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMTI5e_foLqOXWCSz5kSyTec_ZNjH_24AlLmbk0lUdLpBsrDLpqr75tfZs9WWJwtxr5_wZ6PgWBfSr3Gzcd5N8x05P-CMf7-w
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 28 Apr 2023 15:27:47 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86E2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEE4ZYEPa18BOWDjsoXshuCk&google_cver=1&google_push=ATf1kGNTgramWm0g8gdDZfnt3pKAXoQClkTUupMr4vwXaypOp3Q2jbCZzMG14z9Fofb_w--UL05TlIF5vXD_UgJDPKO5CBgsEpzs2A
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B5B18D0F36C4CF0BD69403CD56CB971&google_push=ATf1kGNTgramWm0g8gdDZfnt3pKAXoQClkTUupMr4vwXaypOp3Q2jbCZzMG14z9Fofb_w--UL05TlIF5vXD_UgJ...

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B5B18D0F36C4CF0BD69403CD56CB971&google_push=ATf1kGNTgramWm0g8gdDZfnt3pKAXoQClkTUupMr4vwXaypOp3Q2jbCZzMG14z9Fofb_w--UL05TlIF5vXD_UgJDPKO5CBgsEpzs2A

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Apr 2023 15:27:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B5B18D0F36C4CF0BD69403CD56CB971&google_push=ATf1kGNTgramWm0g8gdDZfnt3pKAXoQClkTUupMr4vwXaypOp3Q2jbCZzMG14z9Fofb_w--UL05TlIF5vXD_UgJDPKO5CBgsEpzs2A
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 27 Apr 2023 15:27:48 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86E2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIfwoKJXMfoFH3t7Y0gpAzo&google_cver=1&google_push=ATf1kGMW1u69clSFPk25QlCw1BrN4VyrQfJDxJkw7RJUhAaQ3A2ReJiXEJTt4V4rVi_QeUKddTKPRuu5GIUAGQ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNzEyMjg2MzIwOTA1MjMxMQ%3D%3D&google_push=ATf1kGMW1u69clSFPk25QlCw1BrN4VyrQfJDxJkw7RJUhAaQ3A2ReJiXEJTt4V4rVi_QeUKddTKPRuu5GIUAGQGGNS...

170 B
329 B

18ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNzEyMjg2MzIwOTA1MjMxMQ%3D%3D&google_push=ATf1kGMW1u69clSFPk25QlCw1BrN4VyrQfJDxJkw7RJUhAaQ3A2ReJiXEJTt4V4rVi_QeUKddTKPRuu5GIUAGQGGNSObQcLHAPKrUA

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNzEyMjg2MzIwOTA1MjMxMQ%3D%3D&google_push=ATf1kGMW1u69clSFPk25QlCw1BrN4VyrQfJDxJkw7RJUhAaQ3A2ReJiXEJTt4V4rVi_QeUKddTKPRuu5GIUAGQGGNSObQcLHAPKrUA
Date: Fri, 28 Apr 2023 15:27:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86E2
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENSnC-X9DwuzWhgJH5BPYFM&google_cver=1&google_push=ATf1kGO5iMxhAKEaUvjACjAmLMsJ0BrnFpJl7SAzEY2jnlW27hiy5Cdvn2ElSxidyUVRzvVFYRUHM_Qj1edPxa71...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l3k5IwlqROSLPW8gu5w5fA2&google_push=ATf1kGO5iMxhAKEaUvjACjAmLMsJ0BrnFpJl7SAzEY2jnlW27hiy5Cdvn2ElSxidyUVRzvVFYRUHM_Qj1edPxa715bnmFk39jdC7

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l3k5IwlqROSLPW8gu5w5fA2&google_push=ATf1kGO5iMxhAKEaUvjACjAmLMsJ0BrnFpJl7SAzEY2jnlW27hiy5Cdvn2ElSxidyUVRzvVFYRUHM_Qj1edPxa715bnmFk39jdC7

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Apr 2023 15:27:48 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=l3k5IwlqROSLPW8gu5w5fA2&google_push=ATf1kGO5iMxhAKEaUvjACjAmLMsJ0BrnFpJl7SAzEY2jnlW27hiy5Cdvn2ElSxidyUVRzvVFYRUHM_Qj1edPxa715bnmFk39jdC7
x-host: tde-deliveryengine-production-69d487867f-lv2ww
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 86E2
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENC8OKgSVEjuphmisQeVfH8&google_cver=1&google_push=ATf1kGPn-chaszCPbTC_nu9cIt-KIkIhDtyz4LdhtEfrLSPgAnuPaeWjQ-e6BVswnNIKoL3MKMSDort0qoHm0egJ19kQ...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENC8OKgSVEjuphmisQeVfH8&google_cver=1&google_push=ATf1kGPn-chaszCPbTC_nu9cIt-KIkIhDtyz4LdhtEfrLSPgAnuPaeWjQ-e6BVswnNIKoL3MKMSDort0qoHm0e...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPn-chaszCPbTC_nu9cIt-KIkIhDtyz4LdhtEfrLSPgAnuPaeWjQ-e6BVswnNIKoL3MKMSDort0qoHm0egJ19kQqFt6K_6gng&google_hm=jW9xKh-4QGiijjjC2rXXSw==

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPn-chaszCPbTC_nu9cIt-KIkIhDtyz4LdhtEfrLSPgAnuPaeWjQ-e6BVswnNIKoL3MKMSDort0qoHm0egJ19kQqFt6K_6gng&google_hm=jW9xKh-4QGiijjjC2rXXSw==

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPn-chaszCPbTC_nu9cIt-KIkIhDtyz4LdhtEfrLSPgAnuPaeWjQ-e6BVswnNIKoL3MKMSDort0qoHm0egJ19kQqFt6K_6gng&google_hm=jW9xKh-4QGiijjjC2rXXSw==
date: Fri, 28 Apr 2023 15:27:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 86E2
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGcgNmi1G9EuxIpAH-myG7U&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGOZBA__2MWBMprJaQ3b2vS67Dq1oP4QIoTe06jik1kRoCDfPLGsylfDIMGj3VqDhNqUIOfEcsgfGbdR1NkIROGB7IxF6CgXYQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

38ms
38ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668018&bpp=1&bdt=655&idt=326&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=21ddjha79f&p=https%3A//www.twobillsdrive.com&dtd=330
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 28 Apr 2023 15:27:49 GMT
pragma: no-cache
date: Fri, 28 Apr 2023 15:27:49 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 86E2 0
130 B 44ms
13ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuJzRQXUjTfTrxOnWVLFkmPZweb4qAvLuFXfVUvyMksZbaE8XlSJqH0TF5WHt12LDqqS_LHw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 5D8E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d7a92bd14dd8f4d611c41733287be41f7cf2e864fe95a0528e2e330c1dbab8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 4321 94 KB
12 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hjp71wh91dgbvgwy1jwpxy07qye3hm1w4rc7dqepgec9fmqspja0md914bs67avvqp52c1tekpn9sxz7esjkesy2mmatywde8evyzrysymtm21ntsa6rxngq90f99hsqc6cesqthwcb6dwzqzbza83kdfezc2392b1rctq7jcqcrk4rk2e0tqtpnd1c3dch1pcrkehcaygf3nsqrf60pwbgxz8tzhyz1pk2m7aw3kb9ywmdhnb6j4bc6986p78v9pn22r40vmtv4aaqqhfpbqb9ddwg158jnnf6zeg39ymz1hkps0mczemn8m0gt5dq2vh6hg403gbhr38v7ckmw7k3xkt4bn13rm665t9hs75ew20ht4anx5541r240wbp2qmbhyrypebhj0031newfar3yp7zmx730anevv8yjpwh38ap7f29478jmznzyf0zp0em3zn8kmqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%26client%3Dca-pub-1067570087106119%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hjp71wh91dgbvgwy1jwpxy07qye3hm1w4rc7dqepgec9fmqspja0md914bs67avvqp52c1tekpn9sxz7esjkesy2mmatywde8evyzrysymtm21ntsa6rxngq90f99hsqc6cesqthwcb6dwzqzbza83kdfezc2392b1rctq7jcqcrk4rk2e0tqtpnd1c3dch1pcrkehcaygf3nsqrf60pwbgxz8tzhyz1pk2m7aw3kb9ywmdhnb6j4bc6986p78v9pn22r40vmtv4aaqqhfpbqb9ddwg158jnnf6zeg39ymz1hkps0mczemn8m0gt5dq2vh6hg403gbhr38v7ckmw7k3xkt4bn13rm665t9hs75ew20ht4anx5541r240wbp2qmbhyrypebhj0031newfar3yp7zmx730anevv8yjpwh38ap7f29478jmznzyf0zp0em3zn8kmqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%26client%3Dca-pub-1067570087106119%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 274986
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3T8Lv%2BMJ7UP%2BlGGXKbB8E9cmeHHbKnkAv0MGT4TvHhf3iXULKFj6zeVrrVv6WNjhoKxWhsuQqSoay563%2FsqBlR1dlfhNvHSwp%2FrHP32kCgKNGh3WOat6Zxc0N05%2FYaRLcaTEJd%2FrIhU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bf054da8a255b2c-FRA
expires: Fri, 28 Apr 2023 16:27:48 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4321 25 KB
10 KB 32ms
16ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hjp71wh91dgbvgwy1jwpxy07qye3hm1w4rc7dqepgec9fmqspja0md914bs67avvqp52c1tekpn9sxz7esjkesy2mmatywde8evyzrysymtm21ntsa6rxngq90f99hsqc6cesqthwcb6dwzqzbza83kdfezc2392b1rctq7jcqcrk4rk2e0tqtpnd1c3dch1pcrkehcaygf3nsqrf60pwbgxz8tzhyz1pk2m7aw3kb9ywmdhnb6j4bc6986p78v9pn22r40vmtv4aaqqhfpbqb9ddwg158jnnf6zeg39ymz1hkps0mczemn8m0gt5dq2vh6hg403gbhr38v7ckmw7k3xkt4bn13rm665t9hs75ew20ht4anx5541r240wbp2qmbhyrypebhj0031newfar3yp7zmx730anevv8yjpwh38ap7f29478jmznzyf0zp0em3zn8kmqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%26client%3Dca-pub-1067570087106119%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 265318
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8TnOrdfeKqsKCfl1ZpxzLx49ZM88%2Fn7GPht7c30Va3uurRWM5B0rPPgRFaYEd%2BEC4Ly0sWOTWmuGN8HfCTvORMWmxpj8DEls%2Bp3%2B7UKoI19ptToBUcUWTeGP3JCFqDMH%2BoEiKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7bf054daaa325b2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Apr 2023 13:45:45 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7FF9 91 KB
23 KB 6ms
6ms Script
application/javascript 2600:9000:223f:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 18921092
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: wnsg0PbFt_gto1ms4NBD0KI7ByS4XLkxZlE_Z85Uue9Yi1V4kJCIJQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 41ms
41ms Image
image/gif 54.76.23.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=922805&campId=1x1&pubId=4452084168&chanId=45050208&placementId=4685314778&pubCreative=138234325691&pubOrder=2158122228&cb=376180721&adsafe_par&impId=&custom2=&custom3=&adsafe_url=https%3A%2F%2Fwww.twobillsdrive.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:d2689abc-fd53-5fec-7d12-6b9bc72441f3,c:b5T4Hh,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-67fb65999c-7hpfd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:106,mot:0,app:0,maw:0,fm:tCJJxEJ+11%7C121%7C13%7C14%7C15%7C1611%7C1612%7C17*.922805%7C171%7C181%7C19%7C1a,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV.us.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:122,oid:3b715390-e5d9-11ed-8808-1eb8b3c4bf51,v:19.8.400,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.23.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-23-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9B29 91 KB
23 KB 7ms
6ms Script
application/javascript 2600:9000:223f:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 18921092
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: BQvfTiLGbLsLYQNwqg4zgVdtybjF4id6N9POL7rbQjU6f8QhHVyE0g==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 39ms
39ms Image
image/gif 54.76.23.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=922805&campId=1x1&pubId=4452084168&chanId=23200608&placementId=4685314778&pubCreative=138234325685&pubOrder=2158122228&cb=1626942909&adsafe_par&impId=&custom2=&custom3=&adsafe_url=https%3A%2F%2Fwww.twobillsdrive.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:73f240da-6e66-ef9e-a4a7-66aa392512cb,c:b5T4HD,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-67fb65999c-rcd6w,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:135,mot:0,app:0,maw:0,fm:tCJJxEM+11%7C121%7C13%7C14%7C15%7C1611%7C1612%7C171%7C172%7C18*.922805%7C181%7C19%7C1a,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV.us.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:142,oid:3b717b2f-e5d9-11ed-8c66-f6149a6e2f23,v:19.8.400,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.23.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-23-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:48 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 549ms
171ms Image
image/gif 2600:1f13:800:7782:63da:8bc9:a5d:f748
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=d2689abc-fd53-5fec-7d12-6b9bc72441f3&tv=%7Bc:b5T4I2,pingTime:-2,time:169,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:272,beZ:273,mfA:378,cmA:379,inA:379,inZ:384,prA:384,prZ:388,si:394,poA:395,poZ:409,cmZ:409,mfZ:409,loA:431,loZ:434,ltA:440,ltZ:440,mdA:274,mdZ:331%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1682695668969,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:169,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:121,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tCJJxEJ+11%7C121%7C13%7C14%7C15%7C1611%7C1612%7C17*.922805%7C171%7C18.922805%7C181%7C19%7C1a,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV.us.sn,siq:123,slid:%5Bgoogle_ads_iframe_/71031003292/SMG_TwoBillsDrive/300x250_2b/sports/football/nfl.main_0,google_ads_iframe_/71031003292/SMG_TwoBillsDrive/300x250_2b/sports/football/nfl.main_0__container__,usmg_ad_SMG_TwoBillsDrive_300x250_2b_sports_football_nfl.main,custom_html-2,genesis-sidebar-primary%5D,sinceFw:45,readyFired:true%7D&br=c
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:63da:8bc9:a5d:f748 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:49 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 545ms
170ms Image
image/gif 2600:1f13:800:7782:63da:8bc9:a5d:f748
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=73f240da-6e66-ef9e-a4a7-66aa392512cb&tv=%7Bc:b5T4I4,pingTime:-2,time:168,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:250,beZ:251,mfA:385,cmA:385,inA:385,inZ:386,prA:386,prZ:389,si:391,poA:391,poZ:399,cmZ:399,mfZ:399,loA:411,loZ:412,ltA:417,ltZ:417,mdA:251,mdZ:310%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1682695668974,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:168,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:141,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tCJJxEJ+11%7C121%7C13%7C14%7C15%7C1611%7C1612%7C17.922805%7C171%7C172%7C18*.922805%7C181%7C19%7C1a,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV.us.sn,siq:142,slid:%5Bgoogle_ads_iframe_/71031003292/SMG_TwoBillsDrive/300x250_2a/sports/football/nfl.main_0,google_ads_iframe_/71031003292/SMG_TwoBillsDrive/300x250_2a/sports/football/nfl.main_0__container__,usmg_ad_SMG_TwoBillsDrive_300x250_2a_sports_football_nfl.main,sidebysideads,genesis-content%5D,sinceFw:25,readyFired:true%7D&br=c
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:63da:8bc9:a5d:f748 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:49 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4321 3 KB
4 KB 46ms
17ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3046
x-guploader-uploadid: ADPycdsbbnt5NrGD8XWC9mz7OThy64CUbvokcgdlXT8JWFSQN4ce5RerNBbtgxA17hV5xErngQFpZk-j06mXgsBB8zaIBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnuWa8pmZ3lVHoyZNGeclOp0T9iNQzjd6Lc%2B3Fns3u6rxOzOED0wfFgCii1k5h9f04eQixG8vNN2rDPdDbDokaj9bWJHJzroEZQa7w%2B49CgxxvLDl5RbiF7lZIarCCzHfOcJe8YLIsUXt7MMLAsEA8IS"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7bf054db5cf32bb9-FRA
expires: Fri, 28 Apr 2023 15:26:42 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 65B0 2 KB
1 KB 18ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7bf054db38b95c14-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 15:27:49 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Nj3b4CTD%2BBTJFRGmv%2FY8TRM9AS4KaDvbc2bRDX5xGlk9RTusVgjoP27Dj2wRYFlVLChXFFjw7UFO%2B6IzBSAH1zJr3XeeNIlST1aYuha9qrjpvxGwaV4KdgRr%2Bh%2FuTwpQCCodPg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 4321 1 KB
2 KB 35ms
34ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 156216abe2badcb9eafc11c26d67e0e9f31081b9442dbacf30507beef49fcda0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2vJhfHgZSzcvOnkg9WP1G0KezzIik0SLQ2NoPadYJPLkeILGnR1eLriollzeGgRZ1n7UMYbp9sQ0BI%2B25eNrbP5corDUc1TFiVrQ7eRD6Mb2aGMoIi5jP8mr7GbcL%2BC7Ob5DSE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7bf054dbac273723-FRA
x-backend-server: aa-reachservice-group-europe-west1-q5px
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 38ms
26ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bf054db7bfb3723-FRA
content-length: 24
content-type: text/plain
date: Fri, 28 Apr 2023 15:27:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BP1eCgpRhr1QBPZEf6coVypjJFTb9cWXWGr5nqzcYQcLqaa0qri2Pbyaz3zt1BogLGz3smNBQsb7SENNERNq5IDQzLnSW5W2fb9e%2FZKElkmDkScq9X0IezB%2FcuJgfNXwhkk1TYw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q5px

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0EBE 11 KB
4 KB 37ms
37ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ca851b3f2820a26234efcf1a6d7a81207dcce63c424800442f32e217e3b195

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hjp71wh91dgbvgwy1jwpxy07qye3hm1w4rc7dqepgec9fmqspja0md914bs67avvqp52c1tekpn9sxz7esjkesy2mmatywde8evyzrysymtm21ntsa6rxngq90f99hsqc6cesqthwcb6dwzqzbza83kdfezc2392b1rctq7jcqcrk4rk2e0tqtpnd1c3dch1pcrkehcaygf3nsqrf60pwbgxz8tzhyz1pk2m7aw3kb9ywmdhnb6j4bc6986p78v9pn22r40vmtv4aaqqhfpbqb9ddwg158jnnf6zeg39ymz1hkps0mczemn8m0gt5dq2vh6hg403gbhr38v7ckmw7k3xkt4bn13rm665t9hs75ew20ht4anx5541r240wbp2qmbhyrypebhj0031newfar3yp7zmx730anevv8yjpwh38ap7f29478jmznzyf0zp0em3zn8kmqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%26client%3Dca-pub-1067570087106119%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bf054dbe9775c14-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 15:27:49 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 0EBE 94 KB
12 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 274987
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGhFcbpQ31hbtOZaDvPSh91SI5%2B0lEqoJ%2Fo4b6pCW4mRR5wYW7KHQ7wDPq0gpQeBhqgwsU0vEf5FEs9iDXxHHi9cnU5aB31VZ6vd2qhdurE8U9DzyFJ3xC0kv17PRiQ%2FeviBCCj88RY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7bf054dc39b45c14-FRA
expires: Fri, 28 Apr 2023 16:27:49 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 0EBE 5 KB
5 KB 60ms
39ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72987
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQLekmk2xHcapNacQx5kP7NRcBXRRYKKQtAqkuG8BpcV7FG%2B9bdr6eQChrZHE6ZCxkXl9HhtZstyp%2BTvzaIc38HA4owh4ClSxPBVNSwgLrvEWw9ddEtovqoiBOrLr4lW0uGR2WDJruYw3vk9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bf054dc5bd25b2c-FRA
expires: Sat, 29 Apr 2023 15:27:49 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 0EBE 54 KB
55 KB 41ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144668
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKz%2BJRE0mYzi8BPxjUT%2F2c%2BXXew5n%2Ff75W2MvwtHbuAdftczqC8eUMLUUoHs0RazIoDBlYPOkca3DycjSkw89ZO%2FdX0wNgL%2F12LKR5I6jLR5sns5oXKhd7k1f6FCpbwVtjXMZYHnWz3WMOmb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bf054dc5bce5b2c-FRA
expires: Sat, 29 Apr 2023 15:27:49 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 0EBE 2 KB
3 KB 42ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 709805
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhleCMZ0znSm%2B9teHP7%2FbcQ%2BrT806x7aqmm7Qzmw3tOHIL2GAkIQBJ2Ky28iaH13AWaLJ5hqDcMs3kilASd5UvNbStc0V3HbZm4yytE9VVbwJOkRdJueiSVCIqbbtSouVmdlEX2WZxKPdQuS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bf054dc5bd05b2c-FRA
expires: Sat, 29 Apr 2023 15:27:49 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 0EBE 339 KB
340 KB 47ms
30ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 333029
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmFrkctyRjPa4eMonH7FnV%2BY4NTaZoQX5Axb%2BmtwPaiV9QDjvlbfQFcLRjhZsXZM3z7TspSWoVlElxSpbu50b7FgPGsOj8e7EDA%2F1jtB4kKS5FIQY%2F2JX20Nks7pEM9SgzOxoytYNBt8FL2C"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bf054dc5bcd5b2c-FRA
expires: Sat, 29 Apr 2023 15:27:49 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0EBE 43 B
702 B 82ms
49ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 15:27:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 0EBE 36 KB
36 KB 37ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 424530
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZU%2B6asXvbcukjmYNgNoTMg6zCuDoUe6pjrIeeoOWh8ueNc%2B69YTzfYk%2FOAPqeVEHEeOfa2%2F82jOqT24MahE4pbInVt5otMzvhS%2F6HYEmhZv2N%2F51Om1SpyUSasGQ%2BlYNjq4UkShAixE1HFI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bf054dc5bcb5b2c-FRA
expires: Sat, 29 Apr 2023 15:27:49 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 0EBE 38 KB
38 KB 34ms
17ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 840046
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBt8DFgwf5N9rrj20UO5%2F%2FiJEsyOeH1wD1RCcEymqJo2Yj%2B3ezzq1snDQ51IlZ0thxJQnStIk%2BR0wrPU8e8uYDdOWfAW%2FPikEzy18qbXFFyKZ6XXIasdYHpYJEq6lwb0ShGVK%2Bv8L3er9ZDj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bf054dc5bcf5b2c-FRA
expires: Sat, 29 Apr 2023 15:27:49 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0EBE 43 B
702 B 108ms
75ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Apr 2023 15:27:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 0EBE 2 KB
2 KB 117ms
58ms Script
text/html 13.40.227.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j8hdfqqeyez38w17jxga110h7ctrh4nc57rqf16s67adksv5qzsmm2609355yt4qv1k21sy645pgggy66xwdt9pkqajzd290r69qdbwwpsdc4e5f5mrfzd3jpbewadnznst0bebsm4fbs0zgjxycbghg3nzsare5kbs2n6bdrqx7rh6yexvnxmxvktsypaj3xe09echzbty4tmj3p58n4zeqps2mkbztx06wnajvj6rqdzh3mk40t9b92b6rhb6dmy9p%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%252526client%25253Dca-pub-1067570087106119%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.40.227.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-40-227-197.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 7f8788ad287b80492eb02ad682bdfccdb9f7625de2c51b2216eb8e43f0a8eb0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
last-modified: Fri, 28 Apr 2023 15:27:49 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 28 Apr 2023 15:28:49 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 243ms
173ms Image
image/gif 2600:1f13:800:7782:63da:8bc9:a5d:f748
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=d2689abc-fd53-5fec-7d12-6b9bc72441f3&tv=%7Bc:b5T4MY,pingTime:-10,time:475,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682695669284%7C%7C3bb4f09808954104acd28339c5adfa4a%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C360140962a3e09c270a27c88bbff04d4%7C%7C51f309bea18a7a036842f68ae0804df8%7C%7C70d9f985c587b2ccf6853af41de9c5c5%7C%7C26cb4dba9e5d2473020f3349f075757b%7C%7C386d47ebb41e1bb0d008b7d0463fb573%7C%7C1663701684%7D
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:63da:8bc9:a5d:f748 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:49 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 css
fonts.googleapis.com/ Frame 0BC1 9 KB
1017 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=5250278416&adk=1669896828&adf=2369281301&pi=t.ma~as.5250278416&w=1068&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=1068x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668016&bpp=2&bdt=653&idt=259&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XJeFZ2dHOM&p=https%3A//www.twobillsdrive.com&dtd=266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 15:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 13:36:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 15:27:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 0BC1 2 KB
818 B 11ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 20:05:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 0BC1 22 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 20:05:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 0BC1 3 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 20:05:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 0BC1 19 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 20:05:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BC1 158 KB
48 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 15:27:49 GMT

GET
H3 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 0BC1 32 KB
13 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0BC1 0
0 50ms
49ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7OCt9OVLZNX8Eo_ItweG1K7gAcTq6KNwzJSAsO4IssaRockVEAEglOfsA2CV4pCCoAegAdT5-ocDyAEJqQLQvqB80mqyPqgDAcgDywSqBOoBT9AeM3YQJbSQYzOfhtJ34zIm9uMdgmWvOnGPBZNf5CdijStGusK1E1NbATe0Hr6yDO1l6oHY7rb3k-ngUllKbOOFKHS3CUNIZ8jKs_iywoO77wo5iiWh6gvrESek2685iRIlgb8nvuEI5BNZOoZaUdDD2dXmvwDVkBbLJk3B7foNcMxiRQB_qP32UN0_lHaVGwi5kXsk3P4zpBMM6W65oEIrUOrLlXxsfdpKMunVmQpRVEnlGpx2MB8KZZ98aUKO-RSDWka2llAJeR9klK-Z1HeQl2Kbbk_BCmAa-LFNNJHDh2887pP4-_04wASNlJGKhQKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHlIaFeKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOGtKNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTEwNjc1NzAwODcxMDYxMTkYAA&sigh=1HQMixvNzO4&uach_m=[UACH]&cid=CAQSGwBygQiDhDDwkVG98Lu14niK3NKEWv25smBxdxgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=5250278416&adk=1669896828&adf=2369281301&pi=t.ma~as.5250278416&w=1068&fwrn=4&fwrnh=100&lmt=1682695668&rafmt=1&format=1068x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682695668016&bpp=2&bdt=653&idt=259&shv=r20230426&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6365423673826&frm=20&pv=1&ga_vid=1752883673.1682695668&ga_sid=1682695668&ga_hid=1643904680&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073968%2C44782467%2C44785294%2C44789762%2C44789923&oid=2&pvsid=2133116029745484&tmod=348754644&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XJeFZ2dHOM&p=https%3A//www.twobillsdrive.com&dtd=266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Apr 2023 15:27:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12230190119000491098/ Frame 0BC1 52 KB
52 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12230190119000491098/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b3ce81ce7ed5972dc9017ba2e33be81cf2ecd27ea417c4a069191b7e844c72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 07:29:26 GMT
x-content-type-options: nosniff
age: 287903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53140
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 16:19:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Apr 2024 07:29:26 GMT

GET
DATA 200
OK truncated
/ Frame 0BC1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0BC1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 0EBE 85 KB
31 KB 65ms
7ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j8hdfqqeyez38w17jxga110h7ctrh4nc57rqf16s67adksv5qzsmm2609355yt4qv1k21sy645pgggy66xwdt9pkqajzd290r69qdbwwpsdc4e5f5mrfzd3jpbewadnznst0bebsm4fbs0zgjxycbghg3nzsare5kbs2n6bdrqx7rh6yexvnxmxvktsypaj3xe09echzbty4tmj3p58n4zeqps2mkbztx06wnajvj6rqdzh3mk40t9b92b6rhb6dmy9p%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%252526client%25253Dca-pub-1067570087106119%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 05:34:41 GMT
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 35589
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ZDLg6fmeqkdn8uEtdc9j6bRG-0TJQ72UVCgCVH3PfwcKwjJa0puRcQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 0EBE 15 KB
15 KB 46ms
7ms Image
image/png 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1682695969&Signature=K6RoyiunPHi06T1jxD9Xc0IJy1ixnaPkfWKXVZA1uG1NaYrWhwnSdrPiBoWunxFl0pB2SBzwPAHd3gDcaxpqSq3MrLdOHX1bh1UxPWQYcSwOOaZbPanJCFwdHw1e79OUhZPYNny9dWMKdVNtTKuMiX1ksYbPzvoD0-nwzHfLsAUcOTlMdjS7Yndu19iBVE22YSrBkuGBj1rdyAUWtt4uS0ocS3ALJLjrZQhfYVZSnHvPZ6dyqdpUub6fJ7VzOC9IDPVvJXD9NmfnEUK73NmqmVCnNuCPMatTDs2EU~xz5upXK0bFD5-~KM-yp656~EDRx0cB-G67LJ7UFOa7ZW6-tg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 28 Apr 2023 06:04:45 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 33784
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: dyE_KrV-dtO-CZsrtQGgZvB-7xK1jqmZYgaALzHJ9QK9uTHax11vpA==

GET
DATA 200
OK truncated
/ Frame 0BC1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58ac020afa35a99836420c23256fd326fd0a94cbc5731e9af71aeccc9d806c7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 0BC1 29 KB
29 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 493279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:26:30 GMT

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 579E 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Apr 2024 15:01:14 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 55ms
54ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6c6ddedcab71a21a30723b52984a79ad7cbfc8c97fed06095647e219d787a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11317
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 15:27:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60F9 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 09:25:38 GMT
expires: Sat, 27 Apr 2024 09:25:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0006 783 B
536 B 21ms
20ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

49ff5f9645466b6c390971c3abbf446b14cd5f3bb0c733b9a1fb9662d10286ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VI_fr4WzEQNiY2kN0h47pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-VI_fr4WzEQNiY2kN0h47pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 15:27:49 GMT
expires: Fri, 28 Apr 2023 15:27:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 60F9 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Apr 2024 15:01:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0006 0
0 119ms
119ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250201&jk=2133116029745484&rc=05ABAvrlQx7A7hJpkfOgwA_4gfAAXL-cktcEDhaeSbQx2Cetl_WYeWeOYzm5sVAP1DQXZ-bT5TK6i2NZeeQ_Falz2Lyj96OMlTXWsaC1rLFkymJyhmI2lpZbV8Fxf53v2S0kTWSednOrX6cLNv09Hnjcm41kayI9Xx-K-K0sjHyZu6EVgPPNLf3CEqfKSeDw4ZGfOSRjyb6fCUq2Iogw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 60F9 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZkC22g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 15:27:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 171ms
170ms Image
image/gif 2600:1f13:800:7782:63da:8bc9:a5d:f748
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=73f240da-6e66-ef9e-a4a7-66aa392512cb&tv=%7Bc:b5T4Z8,pingTime:-10,time:1226,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682695669284%7C%7C3bb4f09808954104acd28339c5adfa4a%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C360140962a3e09c270a27c88bbff04d4%7C%7C51f309bea18a7a036842f68ae0804df8%7C%7C70d9f985c587b2ccf6853af41de9c5c5%7C%7C26cb4dba9e5d2473020f3349f075757b%7C%7C386d47ebb41e1bb0d008b7d0463fb573%7C%7C1663701684,sca:%7Bspg:d2689abc-fd53-5fec-7d12-6b9bc72441f3%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:63da:8bc9:a5d:f748 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:50 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 0EBE 16 B
232 B 56ms
55ms Fetch
application/json 18.130.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.130.95.23 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-130-95-23.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Apr 2023 15:27:50 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 81ms
20ms Preflight 18.130.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.95.23 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-95-23.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 28 Apr 2023 15:27:50 GMT
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 171ms
170ms Image
image/gif 2600:1f13:800:7782:63da:8bc9:a5d:f748
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=d2689abc-fd53-5fec-7d12-6b9bc72441f3&tv=%7Bc:b5T51m,time:1367,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1367,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:121,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1257~0%5D,as:%5B1257~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:247,fm:tCJJxEJ+11%7C121%7C13%7C14%7C15%7C1611%7C1612%7C17*.922805%7C171%7C18.922805%7C181%7C19%7C1a,idMap:17*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:123,sis:185%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:63da:8bc9:a5d:f748 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:50 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 169ms
169ms Image
image/gif 2600:1f13:800:7782:63da:8bc9:a5d:f748
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=73f240da-6e66-ef9e-a4a7-66aa392512cb&tv=%7Bc:b5T51m,time:1364,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1364,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:141,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1228~0%5D,as:%5B1228~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:548,fm:tCJJxEJ+11%7C121%7C13%7C14%7C15%7C1611%7C1612%7C17.922805%7C171%7C172%7C18*.922805%7C181%7C19%7C1a,idMap:18*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:142,sis:191%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:63da:8bc9:a5d:f748 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:50 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 114ms
113ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250201&jk=2133116029745484&bg=!4eKl4rbNAAb9Sbh13Uk7ADkAdvg8Wn3dTngVspS6Nm3an35a9HzAIncaFw5SpqRYQHV_HIw_I6fng2TdlWaOBLLKcuIUGcTAHGYCAAAASFIAAAAEaAEHmQLci6WpWjYwW2oR0P-yMZs7LWckYBonIxb4Fl6bhb__RSApZ9VocUtSEyjk1X2dwmP-iXuBJd9Q9mU9lpXB4vp5bsrA0DQFghK1xcCFj3Pkbw5ULT3Dc8cZfCUsXpBDDcTVK1fK23NWtOGkrb6gUK58OfAdu8BYio6-dTZ17IzuV1MQeh7Wfc8JGy9dhQJY3BtuSLu00dN_gTZYpe0uSzVtP4kBBhKg1SgSpfKsdFxmhYcKlhWfsD0DpXjEI1EC03QEYgP7-_uJBZ57NtEteN4ihO2smQRKKWGBgOTt9DZEYQDCKjz8U1Rk0l70b2l2Zms266kFliYhrXoCIF0nzgiL-kE6ehE6ogbqe0q6a24xSjRzM317QJW5K_hkLJ4dJuA2p5YbT3g3kXOxqVJxC3R7tBnRifUdeP3H48qWN6LaTHrL6i_IwrEKliEddyUaMdBIWX7lMK6WrmSOxKzjhkVdyIu_iylVcGyJIWbsLkvqiDue6gIejKIeQQCMQJgezrv7PSoQPDEYRJsuelA3zd-hDsDbUdSL2xhGnmFmI4uVAtncFU59olsRb8m-mexI28cl0REWvO1Y5S2h8A5R-CBNNas1bq3QxccQF4YASa8W0gzUIt2Q4o322AzAP5QE9YEBHJiq8uoJb-kXPPxk7YpkepndxCVoAnNoI3yqEOrkBbhCxXkq0DHRNPCzMq5oA15q7k3eJ9ME-9n4E_KaSs-LBHmyzUr_ip8lq01sTCs51uNUeyg7sWNnWdf7y8xLC6fspHcRNxrOzK9HTYh81xWgMUSTv2wklrYfrXMeXBHI4P1SHqPUPRMG9yula6WRzKRA3BnFyIiaEN8VNfTK-ORXE3DRUzZPNP5Br5Hmxsz_8j4XUU1aQ8zDnSBe5Xy7dmdmnmM_DW6XWKdyYMDU-kPIyUMO9XX67FmK_nB_WnZNeq73ncgI219A8eqNycOJM1ACMnVt7H6Ro6BkVZgW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0BC1 42 B
64 B 113ms
113ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKoAhsDsfS-_zwKkyFi2LzcQME2-tXlnvl3bfXHz9RiR9AzgC3NzhaY2-u6E2X8EOg9pVUuTcCxhFe_b_PT1InIDp3gemONFvHgeYjusoCauXR6OPfbAPzPq1DDymOOMrxXn4DFQ&sai=AMfl-YQw1ucv1zsUFVjcPS-Dpffiw7E0frSm6SpggY30InGb2SH6mJZUTp8-nv4WS2uI6la-Yb9Ha9nG434f&sig=Cg0ArKJSzIz1o4jcIsisEAE&cid=CAQSGwBygQiDhDDwkVG98Lu14niK3NKEWv25smBxdxgB&id=lidar2&mcvt=1000&p=0,0,280,1068&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1669896828&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682695668284&rpt=1107&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 170ms
169ms Image
image/gif 2600:1f13:800:7782:63da:8bc9:a5d:f748
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=d2689abc-fd53-5fec-7d12-6b9bc72441f3&tv=%7Bc:b5T61q,time:5215,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5215,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:121,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5105~0%5D,as:%5B5105~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:172,fm:tCJJxEJ+11%7C121%7C13%7C14%7C15%7C1611%7C1612%7C17*.922805%7C171%7C18.922805%7C181%7C19%7C1a,idMap:17*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:123,sis:185%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:63da:8bc9:a5d:f748 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:54 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 169ms
169ms Image
image/gif 2600:1f13:800:7782:63da:8bc9:a5d:f748
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=73f240da-6e66-ef9e-a4a7-66aa392512cb&tv=%7Bc:b5T61v,time:5217,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5217,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:141,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5081~0%5D,as:%5B5081~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:171,fm:tCJJxEJ+11%7C121%7C13%7C14%7C15%7C1611%7C1612%7C17.922805%7C171%7C172%7C18*.922805%7C181%7C19%7C1a,idMap:18*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:142,sis:191%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:63da:8bc9:a5d:f748 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 15:27:54 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 15:44:07	Name: _GRECAPTCHA Value: 09ABAvrlQObJVkA5yXHT19IKZLrIbMDWEkSxHBGunrre5FsCdvA9w9XN-JO37ySs6iYKVUNZeWehCO6DkRGbm3bP8
.twobillsdrive.com/	1970-01-20 21:00:55	Name: _ga_BNL5YS2GQS Value: GS1.1.1682695667.1.0.1682695667.0.0.0
.twobillsdrive.com/	1970-01-20 21:00:55	Name: _ga Value: GA1.2.1752883673.1682695668
.twobillsdrive.com/	1970-01-20 11:26:22	Name: _gid Value: GA1.2.1526188856.1682695668
.twobillsdrive.com/	1970-01-20 11:24:55	Name: _gat_gtag_UA_5355045_1 Value: 1
.twobillsdrive.com/	1970-01-20 20:46:31	Name: __gads Value: ID=f2869a0769debba9-2285ab97b1dd0072:T=1682695668:RT=1682695668:S=ALNI_MYOFNiOb20zBXu9UFh-hWVMdfMO8g
.twobillsdrive.com/	1970-01-20 20:46:31	Name: __gpi Value: UID=00000bf1af2393aa:T=1682695668:RT=1682695668:S=ALNI_MapZjx-EzUpnGjbeZ8dSUES5c6Y9Q
.criteo.com/	1970-01-20 20:46:31	Name: uid Value: 422bfff3-7039-4d9f-b25a-a608d5e8bfb7
.doubleclick.net/	1970-01-20 20:46:31	Name: IDE Value: AHWqTUnZLzTYUmIRAiXJNROpH-x6Ku9E0yJpouAH_0a6Bn1w4R0pepo0wXhmPcIGdDo
.adfarm1.adition.com/	1970-01-20 13:34:31	Name: UserID1 Value: 7227122863209052311
.travelaudience.com/	1970-01-20 20:55:10	Name: _tracker Value: %7B%22UUID%22%3A%2297793923-096A-44E4-8B3D-6F20BB9C397C%22%7D
.simpli.fi/	1970-01-20 20:11:58	Name: suid Value: 5B5B18D0F36C4CF0BD69403CD56CB971
.twobillsdrive.com/	1970-01-20 20:46:31	Name: cto_bundle Value: WpwLfF9rWkZFY01BZ1oyVTNsNTRwWiUyRklYM3RFcnZ6UTJXS2pna1plcWpQc1lzbVZBUW80QTB0QldENXU3OFhiMzJzbXF6N05vbDhBZ0lzNkpqY21UVUlBNmtJbHM5VEFTUEFSSSUyRjZ2cTdmcDFyZnlPQW9ndXJrVmlBaVZ1U2xORlJxJTJGWjZkSSUyQkNCTkVTaFpuc0M4JTJCTnE1cTlqenNpT1I1MW5SR1lOOFN5ZzFlRkxFJTNE
.bidswitch.net/	1970-01-20 20:10:31	Name: tuuid Value: 8d6f712a-1fb8-4068-a28e-38c2dab5d74b
.bidswitch.net/	1970-01-20 20:10:31	Name: c Value: 1682695668
.bidswitch.net/	1970-01-20 20:10:31	Name: tuuid_lu Value: 1682695668
.mathtag.com/	1970-01-20 20:50:50	Name: uuid Value: 091b644b-e5f4-4c00-a409-2f40f7162d64
.mathtag.com/	1970-01-20 12:08:07	Name: mt_mop Value: 4:1682695668
.bidswitch.net/	1970-01-20 11:24:55	Name: google_push Value: ATf1kGPn-chaszCPbTC_nu9cIt-KIkIhDtyz4LdhtEfrLSPgAnuPaeWjQ-e6BVswnNIKoL3MKMSDort0qoHm0egJ19kQqFt6K_6gng
.awin1.com/	1970-01-20 11:27:48	Name: awpv20044 Value: 412871\|1682695669\|3bc98581-e5d9-11ed-afd4-223664211a24
.awin1.com/	1970-01-20 11:27:48	Name: awpv14702 Value: 412871\|1682695669\|3bcf51e0-e5d9-11ed-89a2-223974343f8d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
.doubleclick.net/	1970-01-20 11:24:56	Name: test_cookie Value: CheckForPermission

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://img.bnqt.com/lib/sdp-dfp-helper/site_config/smg_twobillsdrive.js?col=64314598 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1hjp71wh91dgbvgwy1jwpxy07qye3hm1w4rc7dqepgec9fmqspja0md914bs67avvqp52c1tekpn9sxz7esjkesy2mmatywde8evyzrysymtm21ntsa6rxngq90f99hsqc6cesqthwcb6dwzqzbza83kdfezc2392b1rctq7jcqcrk4rk2e0tqtpnd1c3dch1pcrkehcaygf3nsqrf60pwbgxz8tzhyz1pk2m7aw3kb9ywmdhnb6j4bc6986p78v9pn22r40vmtv4aaqqhfpbqb9ddwg158jnnf6zeg39ymz1hkps0mczemn8m0gt5dq2vh6hg403gbhr38v7ckmw7k3xkt4bn13rm665t9hs75ew20ht4anx5541r240wbp2qmbhyrypebhj0031newfar3yp7zmx730anevv8yjpwh38ap7f29478jmznzyf0zp0em3zn8kmqg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%26client%3Dca-pub-1067570087106119%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=69be1dd90d311647a8767156f2683402%2F12440853184356832347&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682695669089&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdey4tn7krzyvtqmb8ebjp9nfv0x3hk63yc6bd8as0nhfrqsn41yr9aare44svns867sk8tzs9v7va1p81vmnh34dvta53rmh8y7fyvkewrd2y6w3v2d33mf2cdtsd7c8mkxyg3c2d9cbhq72qxm5th8ta3fx9n5hrhnazjshant5hr48gea4pgvm484t0gwjfpgchctj4y958j0g5c7kq5gvav2j8z036bq9pvkv1ng331ysft0hp0wd9v80hm76tm3y2zcef89zh3dkppssk34g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC97Q39OVLZPSMF9Citwek8oLABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjc1NzAwODcxMDYxMTnIAQmpAsvnIKurbbI-qAMBqgTUAU_QHUFWv6rYeAjOMlun_96UY57kqeJ2lpn_RwhJZnw0Lb5RffgG545GdqHiHCo7j6z7u4U5hj0uCsN20T7DFVAuUZTyXxvzMcGEByjxgGyVSWpvPuG4E_Veh-_68Rpy-Ntv89xGymCk7BbsZvXBc_zGDjr-4mBsI3KAIdFRR7LOFuWbSgOMjDrU9z4kcBupjsmqkV_CzlU4oIRo9d_uiExBbFnzcSWT5WhEcg9MkHLfGyO9dKuJ9hUMAKQcngnHJphEHEnLFDpCwtZoAYBYzIzM7AEhgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Azhg3ZoMs69h9b4StAMYtmMKWmw%2526client%253Dca-pub-1067570087106119%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5df83fda10d599e12be7e502dea1ac9e.safeframe.googlesyndication.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdn.track.production.webgains.team
cm.g.doubleclick.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
img.bnqt.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
prod-rtb.ad4mat.net
region1.google-analytics.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
twobillsdrive.com
um.simpli.fi
use.fontawesome.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.twobillsdrive.com
x.bidswitch.net
104.102.35.84
104.102.45.165
107.155.81.11
13.40.227.197
142.250.185.194
151.101.194.62
178.250.7.13
18.130.95.23
18.66.147.41
185.29.134.248
2001:4860:4802:34::36
2600:1901:0:76b9::
2600:1f13:800:7782:63da:8bc9:a5d:f748
2600:9000:223f:9800:8:48e:53c0:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:e2::ac40:840f
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::c
3.70.80.110
34.91.62.186
35.190.0.66
54.76.23.13
85.114.159.93
89.207.16.140
99.86.4.52
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6
05180a8df0f12c99deae4f68f46f538d5f627d89622f31b827785a2a23a51087
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
156216abe2badcb9eafc11c26d67e0e9f31081b9442dbacf30507beef49fcda0
1b49b2c7a4ec6babfb8685b47a1ad94c5d0274323400a8c9f5736f482d94c3ad
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
2930186444c8b49fc35151c90bdca1def9c17d751b7078f64b4ff40ebd8afe87
2944e0ebe135a57c4285876ab58fa6fe886ff10798373a3a4d29b2ec158a5d2e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d36d4ce34bee522961dcaed14903102d9b7cee32ffe3b550807029e4f501a10
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
4217b37433e45fc80656ccdf52a412bb8e7a1111441a948860b57b3f42b5ca36
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48d147d713f0d151fc054a7a1298c2e5f50b3f5025d42d3c6a42852bfecf8ab2
49ff5f9645466b6c390971c3abbf446b14cd5f3bb0c733b9a1fb9662d10286ea
4b4049fd6656718cfca037835f68451e9b8c7395ff968c76668c9a719f3e16d0
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578213284b279614417db70b361d4267d80fe086b13cb3d84dbb2bc1643b37de
58ac020afa35a99836420c23256fd326fd0a94cbc5731e9af71aeccc9d806c7f
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
604a919a9564e055dd6c3ae23939cad26c61ef5585a8a86116472e20845a7e03
607c04cb6a5bcb064a09577eb42e9284aae12c2f578283e82435433444c21e4a
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d7a92bd14dd8f4d611c41733287be41f7cf2e864fe95a0528e2e330c1dbab8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f22c174e84f0fe50a69a4a27346e7675620d9a88bd52bb0eecfdf187da0e6f3
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
759c30670a62ffe407be618d85eaaac9508bacab6ce27b5836280465d9353a79
75a5c9d1f812ff77a08e1860c39d6eed41c57309063be3f47015caca9107d938
75ca851b3f2820a26234efcf1a6d7a81207dcce63c424800442f32e217e3b195
75ddafb5d5d7fd2b6e8a23f654d11001574dceb8301f4d9905f50571a643057f
76544c0f06b34060e6111890ff82cf4ed0883a930bb1e8a06b69732dc602fb65
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b64878aca5a3fe7539d89f32b9c77863914baedf98e77966473df4fc73bd934
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7f8788ad287b80492eb02ad682bdfccdb9f7625de2c51b2216eb8e43f0a8eb0c
8381e58dd34281d45967d35eebcd12f09854a87031fc7bbc2995dd6a5f301454
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
8906a8aae0c6655bad33bbedebc4616fd8f5a90580ef166ca41f3616238b452b
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3ce81ce7ed5972dc9017ba2e33be81cf2ecd27ea417c4a069191b7e844c72a
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ac4b21a7a16fd15a05ff02368bc393af3359f129ce857e0e78802519fdd417c5
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b298f6d3f3ae8a84fa97856b2184484557429cd6879bba0345b982648758d9f1
be00e32745c8f3253a510efcfb4c728f018a4bb685589b668c460af2064b6135
c1d764eecff47574d12a39acb9197e0c59d069b6da9d4e5ee0c4fa926ae7c95d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca52692387529fcd0339729393b6bbf80dca5e6c5ef394c413879e0bb1b77d00
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a
ce89c2ee390410d98dad6a69f8e656a5e1f870e84dce3a7aa064239513db539f
d065c47c70ae65e57e114be2107e0263579d9cc03e945c9213fd1d0810fd5418
d61d95624b8afdae0e8dc49d73f339431e68b217d9c835dc17815c060c590e95
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e5ece47b0e43aefab567da845476dd344ace46f4478fae8518ce2e48136a217a
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c6ddedcab71a21a30723b52984a79ad7cbfc8c97fed06095647e219d787a55
f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0

www.twobillsdrive.com Open in urlscan Pro 107.155.81.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

95 %HTTPS

59 %IPv6

29 Domains

44 Subdomains

37 IPs

6 Countries

2707 kBTransfer

6116 kBSize

23 Cookies

42 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.twobillsdrive.com Open in urlscan Pro
107.155.81.11 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

95 %
HTTPS

59 %
IPv6

29
Domains

44
Subdomains

37
IPs

6
Countries

2707 kB
Transfer

6116 kB
Size

23
Cookies

149 HTTP transactions
4 data transactions