www.twobillsdrive.com Open in urlscan Pro
107.155.81.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.twobillsdrive.com/
Effective URL:
https://www.twobillsdrive.com/
Submission: On November 13 via manual (November 13th 2022, 11:08:08 am UTC) from US — Scanned from DE

Summary HTTP 178 Redirects Links 58 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 26 domains to perform 178 HTTP transactions. The main IP is 107.155.81.11, located in Dallas, United States and belongs to HVC-AS, US. The main domain is www.twobillsdrive.com. The Cisco Umbrella rank of the primary domain is 417399.
TLS certificate: Issued by R3 on October 25th 2022. Valid for: 3 months.

This is the only time www.twobillsdrive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	107.155.81.11 107.155.81.11	29802 (HVC-AS) (HVC-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.194.62 151.101.194.62	54113 (FASTLY) (FASTLY)
25	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
6	34.251.78.188 34.251.78.188	16509 (AMAZON-02) (AMAZON-02)
3 8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6	2600:9000:21f... 2600:9000:21f3:2400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5	16509 (AMAZON-02) (AMAZON-02)
11	2600:1f13:800... 2600:1f13:800:7780:5601:6478:79f5:9959	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
178	35

23 107.155.81.11 (Dallas, United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: 107-155-81-11.static.hvvc.us

www.twobillsdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.62 (United States)

ASN54113 (FASTLY, US)

img.bnqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8708c5f26fd3f3346f54dda9dccc78ca.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.251.78.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-78-188.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Bad Krozingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:2400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1f13:800:7780:5601:6478:79f5:9959 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 8708c5f26fd3f3346f54dda9dccc78ca.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 ade.googlesyndication.com — Cisco Umbrella Rank: 275	521 KB
26	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294	284 KB
23	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 605 static.adsafeprotected.com — Cisco Umbrella Rank: 546 dt.adsafeprotected.com — Cisco Umbrella Rank: 518	291 KB
23	twobillsdrive.com 1 redirects www.twobillsdrive.com — Cisco Umbrella Rank: 417399	240 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	516 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	233 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	42 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	263 KB
5	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 867	184 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 390 mug.criteo.com — Cisco Umbrella Rank: 2725	7 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	20 KB
3	bnqt.com img.bnqt.com — Cisco Umbrella Rank: 47227	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	194 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 662	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8709	914 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1472	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 307	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1473	351 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 615	463 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11413	60 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 623	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	701 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
178	26

	Domain	Requested by
23	www.twobillsdrive.com	1 redirects www.twobillsdrive.com
19	pagead2.googlesyndication.com	www.twobillsdrive.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net www.googletagservices.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
11	dt.adsafeprotected.com	googleads.g.doubleclick.net www.twobillsdrive.com
9	s0.2mdn.net	www.twobillsdrive.com s0.2mdn.net
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.twobillsdrive.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.twobillsdrive.com
8	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	static.adsafeprotected.com	pixel.adsafeprotected.com googleads.g.doubleclick.net www.twobillsdrive.com
6	pixel.adsafeprotected.com	googleads.g.doubleclick.net www.twobillsdrive.com
6	www.googletagservices.com	www.twobillsdrive.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
6	www.google.com	www.twobillsdrive.com www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	use.fontawesome.com	www.twobillsdrive.com use.fontawesome.com
4	fonts.googleapis.com	www.twobillsdrive.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	img.bnqt.com	www.twobillsdrive.com
3	www.googletagmanager.com	www.twobillsdrive.com www.googletagmanager.com
2	image6.pubmatic.com	2 redirects
2	googleads4.g.doubleclick.net	www.twobillsdrive.com
2	gum.criteo.com	1 redirects static.criteo.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ade.googlesyndication.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	m.exactag.com	googleads.g.doubleclick.net
1	mug.criteo.com	www.twobillsdrive.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	8708c5f26fd3f3346f54dda9dccc78ca.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
178	39

This site contains links to these domains. Also see Links.

Domain
www.nfl.com
www.buffalobills.com
www.spotrac.com
buffalonews.com
www.democratandchronicle.com
www.newyorkupstate.com
www.startribune.com
www.twincities.com
www.fox9.com
www.vikings.com
www.foxnews.com
www.espn.com
www.cbssports.com
www.audacy.com
www.sabrespace.com
manofpress.com
honeyreporter.com
zbreportars.com
digitalnewshut.com
www.pickedreports.com
sports.usatoday.com

Subject Issuer	Validity	Valid
twobillsdrive.com R3	`2022-10-25` - `2023-01-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
bnqt.com R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-11-04` - `2023-12-03`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.twobillsdrive.com/
Frame ID: 4FA7BDE0AF19B0BBE173B0251357AC6B
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html
Frame ID: 45A5F582A34FD92C4C6CEBD7DF10A016
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=748a3o5zf1jw
Frame ID: AF99A7B846C62DC6FBD2030BFEEF6044
Requests: 8 HTTP requests in this frame

Frame: https://8708c5f26fd3f3346f54dda9dccc78ca.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 0DE5F599F007690F1EBBA1CCD66EB323
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&adk=1812271804&adf=3025194257&lmt=1668337682&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682647&bpp=2&bdt=682&idt=274&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6113789994663&frm=20&pv=2&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Frame ID: A84189572AB212522F79D56B26D1D110
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=5250278416&adk=1669896828&adf=2369281301&pi=t.ma~as.5250278416&w=1068&fwrn=4&fwrnh=100&lmt=1668337682&rafmt=1&format=1068x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682649&bpp=3&bdt=684&idt=299&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=g3KNoaEVoF&p=https%3A//www.twobillsdrive.com&dtd=318
Frame ID: 86D0D71A8C8357A3D4D58111A11FFAC5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Frame ID: F873878A17745DC5AB81546DD9F1304D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyn43aNySsJgF6I2kpqViUv-weMg3SJETqvew6JWPOat_AViw3Zfg3h56mxURjp8gL4wTzMGHhOQIApuboRmykNqHI2sFIjN8oEDhLpNE_AzU16y6DfONB6ZEwKX2zibEs_bcT5lob-Mq9qMM6YEAbHY1D3IgF6ZMays0TAnSTjj2cZOiMKUgRAKpNH5BW4fv5st_ucaQoi8Q7m381IFgg_oipkiHpWsjwqcs2TZg6GAv6PWdp0ANc17ON1zxatcHdLFe-Xq5iT-T_NMqAlAaJltpiiQ7Hb88cevf3vQpQwF6lMU0V_luPsXwJkf1dmuboywFSV6NG9PuAkqP_XuoVBdsn42MYEaL3BSRIMkeOUS_y7TVDFdrCMgJ4FtMYy9wMng&sai=AMfl-YRoa79NVJ6tnj22vuoMDDBnK6J8WGvJniQRw5TPEVRqcQcfImb_NZWycrk7S7OcLDmaa5B_V_IOf96U8Fy4WO-t5OjMrGQWJUR8YAU5kovBmxObP-EhLYMIZMDmCJyhLwSI&sig=Cg0ArKJSzN8wzI5Owuh1EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D09C5C5037A85A4CB033D954992D1588
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKgCCzdBlB1J2ffFmtVU8sYXWxyCAOfPlQFt4qlIzbUGHGSN6K_VgbHrndyjduqcRn6T366zCDEn0BxWACgzoiaI5pn0oRLR79aqxa61J1eEXrgFbI-dXp-OU7eTpFCtIBaKClZFgG1w5Hk10L6TZO4P0ngmKqAZ2m89afBkfXgI6wRnwejIcb0EAsH52HsXbUNyHbtpgeonJyndTyTW-0x-knDcTRgqGOndN2gifOKoIOHIkox_KrJBOUXyU6bFbu9HHDdYLgu2yopbq5vz_BOLc8y70oAlCNdu2T5fFbD_hBbG4ztgOP-LXTPpjGP98h9a9ABgyI2lmat15R6RXlXmCBYjPdCuf-sFr-zG38ST-ZnYldVSkuiqEU-ky5COzwlg&sai=AMfl-YQFpStAtG4eNPdSPPT1tb0dxRbAdwtWUYMW4e1j52Q8_NcSsZ3iKXXxKHiXP6WLKRy_1tXuG8wPSD-jSF31j3-PDhByCjcA-iMpP-jhxxkThGEohpZ9TAFjnHxmp32I1pdr0w&sig=Cg0ArKJSzNUJmtK6qBLyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E66A92EA0F1C75B0FBC2E8D3D6652285
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.twobillsdrive.com
Frame ID: 7280279BD7B664506E5CE0F7862DA4A5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1
Frame ID: A23C0D0E05479CC78EC5F7C12BEA48B3
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EA13FBB51B3ABFCFDD60250336C75C27
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWw6-PJyC8H0vFEhn-EsVWWWQrt-sa4vQXI1uUcfpXsbuUI3psG3mY3r2UkARH6k1g2RlFAzIa0xy5upr9hFQ0pQinWM5ihxBchxLwUlKmEQW77K85TTjvLRTTrpvk40-7wYIN_-Yl9Z-foKeVp3z-SL_xYfYDAj7JSd_8CP4R0bC9ESKQ
Frame ID: D0998D97F9A4362435CFECB6245755FC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C549rDkC0H8a-h5vQtfEbJsS1XK6sh9VWeYBrtnYDYrKHm8PWSkF4WRNk2t-j-fbg5t7sLTZLyzWAuRxbo7FRpYCe-_f9wDu4qxS3OBY7PwSUIler62-yg-XXQEoZgPeKJxsuQhu32s_gtYHZBxUpac_4jhv34_P18AsXzPI7-DK60QSA&dbm_d=AKAmf-CVUdo8_7WeY8CHl457kpmiJNJ_2DKrrkKu_XMUOamzewzCDz5DRGwLoSZPTaorG4H4suOsZdF_F1Sx7HLI9147c5SPV8BdPfyHRO7Q4QOGM0yDQ7XxmIy6G34hXjtf7Vsukcsp37-tB03An36WqiCfBJ-UoBaCi5usxWggW8LKIIBRHaLcVcOONIqlOxKckQjNrloVh2hLNXz35FDFCBJeYABJF82jU2ZquOqsAjDmpnLGOrxXhplCora0NqVB9MqnisH20ec3L5_KDlGXylpDVRoausGyn15noNIcsacetPLfR_BREG1u5Ln5oUy1ntcX7O9y_a2SPTofdDUxZI1fOIOowftXhmxEHGvZIzBsBslh_XE9xBQ3PETPh4A_3zir8al-QqYAYTOsErewef08wkODmWIOgP70tMWB48oaqC-tmc1c7TMG-FGd2wH0_rRZJ3x1N_cZzDldlkwjMTDD-N1wmZYtMeYobw0BM50Je7Wvu6VlLo3VdgqLLPvJYHwcvQit6BcBgUr2-U8QOmzgdozG3Vuz7UsfXw_eEwFt2OPJwNW12rdWDMo4PY6nyH802KIS_IIg1QtVh-o0tubgX3don_q3dwkNgoM_7Cq7Z7JkZZj3QNZQbjS9YSuRRC7uGjX_UqVc-QmFfzzmQ02mCaoHrCtIQ7MRbY52Qdywi4P_x4iNiyTmfTSE83dE5PzHQK-SHM7-WLNrWVa1clilNfb13MlsG09U9ASd2_MqW4vTLPJGLArF7I2HZl1wsxXKE87FSboZAgBM3txM2SXiUJTJ9-cQVJpc9C-0uZ6m7VXVASBEK-XYf_I2qdOlUUxcsH233LYRupamjad38GV6fpTgcjXtdQ2E5KQNidxZNZhxs_AanFr4FsJI-8NnEd_pZ9tVnlku5VLJ4k8NyiEKKdLbFDe0I_wHp7LkWOsWRWNNBqqhrQ4xcNN21nrQURjkx5NJRa4i3gwBjcrFvJrCHjHwElcx3bkNPHlWACReLzscEmyRP3Hys7RhhOGEVJXM4ls9Qry454n8acbBAYgxfgu-Wiecgo3jmeACwUcfZT-OMrLeJFgO74B6PtYXiPKxgosU3aqg1ia2X04UH8OvUTN_nQUrbE4FruZynYtPZfz2FhGWiJR2o3TQr20kvFBTLzJiip_MfJo3LXBWXO_w-UXW4mPdzPz_nEXfDjYyu9bCjoXWN0MpinbRpziTs9GTVaHfgwwIhFASqgRjXW7OprmpX0IyCvHJ_4VbWpYk6mZ6uM0-5j8fVYLij_D7cc4q6VbAML-ldLY2Byrnf7ofApM7RR-CXTGC7om5_Xcnw-6-y6R0RpSZsic2UrtOXTR3Vo3YTN8PLVbmc6zFpdYJi8_yV_RuDrxG1-sAHfJS-P9wHClNLzXRHowvbwM0rTNShwPwgtUXh2UCcSTFDGv_SmJl-AV54QZExCxGnkhGw9oZGl0nGrG4q-IKdadZO-Q9zt5k0qUbFd7wITpCiqMMMeIp1I9GXkg6VmmXgzNWmkKBpWoK913Ng9OAQtMoUaR7AhNGJlGPf_qXjx98lQvT6XN_cdbnnlPGJLCKNXZL79Nev2rfzBqrzMHZpKRQLbfweJychejymNRkGJchdnl8Me-vFRaLgqvZpRLNgI3gr33ZrqXlED7OAVD8E370EdLBuKObmiusK-1_O4pk2f6TdFSWIHzchIB8-2l0LDOSy5RHw4cBQ2SlxdQu5TIVBNS7E1Hi4EE43dayfJfRYMlTOZcnIcWU8EtSGGUc2gA0dz1F62DV05nKxHHmN8kSeCnciIMtqFB-ojI8fT903KD2dqhlONrF-d5A15KSnZRub-JhBlTYKiTqtf-01n30BMnQdrRVwZnCF8BHr3Qr3p6njZbfsPezdZZ8EiqfcFF4dP8ka9rMMhHKOl9tyR9WlKvhQBQ7fPmJsdCVnasaHohkUud_wSgQlarHsbFx9elxj80z1KRIViZUTfrieUMB9GZTx453wQDVFJxRdVaWLAkm8K7KhUvPGjLaHwg3rPZLoJ7fKY7nmisOOIwVkxVBCHNGFG-7qfdfHqIfhQiKDj3s8hEL7iCNKZkknBNpJbBgCXea-7XFaFUiF56P2rBeZkBoHsIJ7JnyCHk3yQ4RJ22rzFPZ2C2rFlOsWXoLBm8pZmtUaZXRohEVGedlPLe1LOt16MPAVxFl0X_4xdwG3qNfaexbUWOiGX7GaAkSj_G6nDHsIJe8Q93URmJwD2XTgtiDJzLcPwnObiiMYq08Dg_SmeNSPTbKrvmqy_H9lyzuW-k5yfFh7bRqKE5IoWDIXyytpeQVzGp8XxEmN2ggWW7fYQAc301GckRb8EOpS6lpyodbe3UQ9AigA0ZUecydIDZDmZR5VAwzs2bDtkoC2FZz7IeCtir1Gp5iolcq8k6P97vIbbCrXybcAXgYkj8UId79_-nqRwVduIVFwxLoDpIqpgV32Mi4U9v2WdWHOCrsAHIVCMsyUeJIolyDIGZkbowvirztWSJh-rS4hJHgij0tqaO7TnlnCIaquY-Tlx7_9WfaxbvyJ07xpngolx90FYcRnrZYr4qtc8WvA5dcXFV3b4pmiETtcjrqOQ1KQ9RjZDdXpsFvLTaOJxUWgK51MzzU6oDaCM2W62RAa0OInkgBRYslnVrnlEVige_uEUszvN2Yvn2cgFZ9D5FLfB0TWATKcQhje7zT01LK6QyvSq8rosNp0d8IrhEMDwOoaLeuEwZJEuBB0Qg7qqxq40FFYN8ki480tE2HPpxwqZ8a6YIF1lCt2jqcvK1jDpMW3PjG3yvqyQGavKBC2HFsyOPHSVjmzMiLnoyLMKnh1Ary5B4ZpVoCimqSJykXgWSShkwPpzdOpLLDuhH3cqRm1oR3Xw6UC1h4Wpvuo19XZmw7XTb6iB8Qdt1GaHpsYLetqzi7qwrViWlp39H8qXJJQthRrsEx7GdAwDoaKqA2Zle-7o-W1wI3gT7m43K66wEHBt_xsID5AXuQ8fm_-LVz-xQB0dbMrZ0dJxSsgYaFY0J_sPMG3trzz6KPNQQOwtFchwwXp-cvGS8Cu10i2hDx6PWUs4RIMdoV7MizgjQ4BU0BYHTp37TMg3GVPIBueulJw2X2SfCa5X08ZOmCnvqa-Z299InTIz787twHYdu90Sk_wG2C5A5OwrKxHUOqaaXxKYNIqYEDGERf5IBQHiVON8bIv4Vf8iZF_364JzJr_IW-G3b4eNSt07RjxOBiXstdgqBrbZZoane8NIFVJgvl7kLH3LALt2UlEmJmzngyjNw48ZOPVdMHkm3a7Nb2ZI3BeT25kB0XYhvjhql22H3o1pxRWCdu7S6hjTbAJxAul_fovFOoks0ELBG8U20zyJi6WYwC958ZrkovLjvf-XN_On64J6oeocpursI-mE7myNysu8nrNSMLtZUNsUJlmoZDm-RgoLcEKDOBRyoaOcj944BTOO9a0TGcG3JiPWHpeNchHIB5EQVG5CM4eD6xhGsDmsV8NqQogk0&cid=CAQSKQDq26N9mDY6JjxosSgT7jDJiAwfkGTY4EYIMi9AdZVNn942H_3r3gaJGAEgEw&rfl=2%2Chttps%253A%252F%252Fwww.twobillsdrive.com%252F%240
Frame ID: E115DB00AE20836225EE29189A950B76
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E34863973268887787BC2888657C84C0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247
Frame ID: 99F4E16A47A4D25361DBB34BA964C734
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5165F7ABED8FBA13973E97FB47C36730
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 146071BD3101C4105A1A8CE4518BC22D
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=23200608&placementId=4685314778&pubCreative=138234279273&pubOrder=2158122228&cb=1634466209&adsafe_par&impId=&custom2=&custom3=
Frame ID: 28A2C36686DFC0F13143084EA6D28E76
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=45050208&placementId=4685314778&pubCreative=138234325685&pubOrder=2158122228&cb=1935118248&adsafe_par&impId=&custom2=&custom3=
Frame ID: 392D24389EBEC67670680B660C97BB15
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 265C79C3E78E9197C26C272236ED15FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 20DC138FEE1F207DBFD62DAA616242B6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 0A3BCE4CB26E1729867D0340EF6F0868
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B8909F32238B691C69B1670A96061695
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 30C2E588E8DAE308F6B5C6B23AF6AC30
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C096D8D73FB25B8BB4D1B11BC8C21EF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A5152CB1AED622FCDAC531D9B375414
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Two Bills Drive – Buffalo Bills News and Discussion

Page URL History Show full URLs

http://www.twobillsdrive.com/ HTTP 301
https://www.twobillsdrive.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

178
Requests

94 %
HTTPS

62 %
IPv6

26
Domains

39
Subdomains

35
IPs

7
Countries

2846 kB
Transfer

7372 kB
Size

25
Cookies

58 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nfl.com/standings
Title: Standings

Search URL Search Domain Scan URL

URL: http://www.nfl.com/stats/
Title: Statistics

Search URL Search Domain Scan URL

URL: http://www.buffalobills.com/team/roster.html
Title: Roster

Search URL Search Domain Scan URL

URL: http://www.spotrac.com/nfl/buffalo-bills/cap/
Title: Salary Cap

Search URL Search Domain Scan URL

URL: http://buffalonews.com/sports/bills/scouting-report-struggling-bills-run-defense-faces-a-big-test-against-vikings-dalvin-cook/article_2d7f6644-6293-11ed-9244-b3aeaaf03bd8.html
Title: Scouting Report: Struggling Bills' run defense faces a big test against Vikings' Dalvin Cook

Search URL Search Domain Scan URL

URL: http://buffalonews.com/sports/bills/bills-mailbag-josh-allens-questionable-status-will-lead-to-plenty-of-wondering-until-sundays-game/article_4c7b709e-61fb-11ed-9d52-fbdabb222e52.html
Title: Bills Mailbag: Josh Allen's 'questionable' status will lead to plenty of wondering until Sunday's game

Search URL Search Domain Scan URL

URL: http://buffalonews.com/news/local/98-year-old-north-tonawanda-world-war-ii-veteran-treated-to-first-bills-game-sunday/article_86a6e224-62b6-11ed-a6d9-bb49662ab900.html
Title: 98-year-old North Tonawanda World War II veteran treated to first Bills game Sunday

Search URL Search Domain Scan URL

URL: http://www.democratandchronicle.com/story/sports/football/nfl/bills/2022/11/11/bills-vs-vikings-prediction-keys-to-game-with-playoff-implications/69636287007/
Title: Buffalo Bills vs. Minnesota Vikings prediction, keys to game against team on a roll

Search URL Search Domain Scan URL

URL: http://www.democratandchronicle.com/story/sports/football/nfl/bills/2022/11/11/what-channel-is-buffalo-bills-vs-minnesota-vikings-game-on-time-tv-streaming/69636275007/
Title: What channel is the Bills game on? How to watch Buffalo Bills vs. Minnesota Vikings

Search URL Search Domain Scan URL

URL: http://www.newyorkupstate.com/buffalo-bills/2022/11/bills-elevate-2-players-including-former-vikings-cb-has-qb-decision-been-made-on-josh-allen.html
Title: Bills elevate 2 players, including former Vikings CB: Has QB decision been made on Josh Allen?

Search URL Search Domain Scan URL

URL: http://www.newyorkupstate.com/buffalo-bills/2022/11/buffalo-bills-vs-minnesota-vikings-2022-preview-keys-to-the-game-and-predictions-for-week-10.html
Title: Buffalo Bills vs. Minnesota Vikings 2022 preview: Keys to the game and Predictions for Week 10

Search URL Search Domain Scan URL

URL: http://www.newyorkupstate.com/buffalo-bills/2022/11/von-miller-odell-beckham-jr-and-bills-gm-brandon-beane-have-had-direct-talks.html
Title: Von Miller: Odell Beckham Jr. and Bills GM Brandon Beane have had direct talks

Search URL Search Domain Scan URL

URL: http://www.startribune.com/buffalo-bills-minnesota-vikings-defense-leslie-frazier-mark-craig/600225119/
Title: Leslie Frazier keeps it simple in building the AFC's best defense

Search URL Search Domain Scan URL

URL: http://www.startribune.com/vikings-bills-justin-jefferson-stefon-diggs-trade/600225103/
Title: Stefon Diggs and Justin Jefferson, pieces of the same trade, finally meet on the field

Search URL Search Domain Scan URL

URL: https://www.startribune.com/buffalo-bills-minnesota-vikings-defense-leslie-frazier-mark-craig/600225119/
Title: Leslie Frazier keeps it simple in building the AFC’s best defense

Search URL Search Domain Scan URL

URL: https://www.startribune.com/vikings-bills-justin-jefferson-stefon-diggs-trade/600225103/
Title: Stefon Diggs and Justin Jefferson, pieces of the same trade, finally meet on the field

Search URL Search Domain Scan URL

URL: https://www.startribune.com/minnesota-vikings-buffalo-bills-connections-stefon-diggs-case-keenum-leslie-frazier/600225102/
Title: The ties that bind the Vikings and the Bills

Search URL Search Domain Scan URL

URL: https://www.startribune.com/minnesota-vikings-buffalo-bills-super-bowl-preview-la-velle-e-neal-iii-nfl/600225113/
Title: Why this could be just the first Vikings-Bills meeting of this season

Search URL Search Domain Scan URL

URL: https://www.startribune.com/vikings-put-cornerback-cameron-dantzler-on-injured-reserve/600225083/
Title: Vikings put cornerback Cameron Dantzler on injured reserve

Search URL Search Domain Scan URL

URL: https://www.startribune.com/vikings-bills-preview-and-prediction-who-wins-josh-allen-diggs-jefferson-ben-goessling/600224773/
Title: Ben Goessling’s Vikings-Bills preview and prediction: Who wins and why?

Search URL Search Domain Scan URL

URL: https://www.twincities.com/2022/11/12/vikings-place-cornerback-cameron-dantzler-on-ir-sign-cornerback-duke-shelley/
Title: Vikings place cornerback Cameron Dantzler on IR, sign cornerback Duke Shelley

Search URL Search Domain Scan URL

URL: https://www.twincities.com/2022/11/11/from-cousins-chains-to-defenses-bowling-strike-vikings-celebrations-have-gone-to-a-whole-new-level/
Title: From Cousins’ chains to defense’s bowling strike, Vikings’ celebrations have gone to a whole new level

Search URL Search Domain Scan URL

URL: https://www.twincities.com/2022/11/12/vikings-have-a-chance-at-buffalo-to-show-theyre-indeed-among-the-nfls-elite/
Title: Vikings have a chance at Buffalo to show they’re indeed among the NFL’s elite

Search URL Search Domain Scan URL

URL: https://www.twincities.com/2022/11/11/vikings-at-buffalo-bills-keys-to-game-how-to-watch-who-has-the-edge/
Title: Vikings at Buffalo Bills: Keys to game, how to watch, who has the edge

Search URL Search Domain Scan URL

URL: https://www.twincities.com/2022/11/11/vikings-at-bills-picks-with-or-without-josh-allen-buffalo-looks-like-the-team-to-beat/
Title: Vikings at Bills picks: With or without Josh Allen, Buffalo looks like the team to beat

Search URL Search Domain Scan URL

URL: https://www.fox9.com/sports/vikings-place-cam-dantzler-on-ir-josh-allen-expected-to-play-sunday
Title: Vikings place Cam Dantzler on IR, Josh Allen expected to play Sunday

Search URL Search Domain Scan URL

URL: https://www.fox9.com/news/how-to-watch-the-minnesota-vikings-vs-buffalo-bills-on-sunday-nov-13
Title: How to watch the Minnesota Vikings vs. Buffalo Bills on Sunday, Nov. 13

Search URL Search Domain Scan URL

URL: https://www.vikings.com/news/cameron-dantzler-ir-injury-reserve-cornerback
Title: Vikings Place Cameron Dantzler, Sr., on Injured Reserve & Sign Duke Shelley to 53

Search URL Search Domain Scan URL

URL: https://www.vikings.com/news/5-bills-storylines-justin-jefferson-stefon-diggs-2-cooks-reunit
Title: 5 Vikings-Bills Storylines: Justin Jefferson-Stefon Diggs Showcase, 2 Cooks Reunite

Search URL Search Domain Scan URL

URL: https://www.vikings.com/news/buffalo-bills-nfl-expert-picks-week-10
Title: NFL Expert Picks: Vikings Underdogs Against Bills in Week 10

Search URL Search Domain Scan URL

URL: https://www.vikings.com/news/how-to-watch-stream-listen-to-vikings-bills-in-week-10
Title: How to Watch, Stream & Listen to Vikings-Bills in Week 10

Search URL Search Domain Scan URL

URL: http://www.foxnews.com/sports/vikings-kirk-cousins-stefon-diggs-trade-worked-out-everybody-involved-ahead-matchup-with-bills
Title: Vikings’ Kirk Cousins says Stefon Diggs trade worked out for 'everybody involved' ahead of matchup with Bills

Search URL Search Domain Scan URL

URL: http://www.espn.com/nfl/story/_/id/35011401/bills-elevate-third-qb-josh-allen-line-active
Title: Bills don't elevate third QB; Josh Allen in line to be active

Search URL Search Domain Scan URL

URL: http://www.cbssports.com/nfl/news/bills-josh-allen-set-to-start-vs-vikings-after-being-listed-as-questionable-with-elbow-injury-per-report/
Title: Bills' Josh Allen set to start vs. Vikings after being listed as questionable with elbow injury, per report

Search URL Search Domain Scan URL

URL: http://www.audacy.com/wgr550/sports/bills/bills-elevate-xavier-rhodes-and-duke-johnson
Title: Bills elevate Xavier Rhodes and Duke Johnson

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/feed/rss/

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/
Title: Buffalo Sabres News

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2022/11/13/sundays-boston-coverage-24/
Title: Sunday’s Boston Coverage

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2022/11/13/bergeron-scores-twice-as-bruins-beat-sabres-3-1/
Title: Bergeron scores twice as Bruins beat Sabres 3-1

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2022/11/13/sabres-unable-to-find-a-way-against-boston/
Title: Sabres unable to find a way against Boston

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2022/11/13/buffalo-sabres-drop-fifth-straight-game-in-3-1-loss-to-boston-bruins/
Title: Buffalo Sabres drop fifth-straight game in 3-1 loss to Boston Bruins

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2022/11/13/kinkaid-bruins-hand-sabres-fifth-straight-loss/
Title: Kinkaid, Bruins hand Sabres fifth straight loss

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2022/11/13/postgame-report-sabres-fall-to-bruins-on-hockey-fights-cancer-night/
Title: Postgame Report | Sabres fall to Bruins on Hockey Fights Cancer Night

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/2022/11/13/sundays-rochester-coverage-280/
Title: Sunday’s Rochester Coverage

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/forum/1-the-aud-club/

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/33874-the-reverse-retro-uniforms-make-the-sabres-look-like-the-hockey-bots-from-strange-brew/
Title: The reverse retro uniforms make the Sabres look like the hockey bots from Strange Brew.

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/33872-gdt-boston-at-buffalo-nov-12-2022-7pm-msg-wgr/
Title: GDT: Boston at Buffalo, Nov. 12, 2022, 7pm, MSG, WGR

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/33870-111122-gdt-cleveland-rochester-705-ahltv/
Title: 11/11/22 GDT Cleveland @ Rochester 7:05 AHLTV

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/33869-0t-how-many-beers-will-it-take/
Title: 0T: how many beers will it take

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/33867-practice-lines-1111/
Title: Practice Lines 11/11

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/33866-tages-sh-and-contract-are-definitely-linked/
Title: Tage's sh% and contract are definitely linked

Search URL Search Domain Scan URL

URL: https://www.sabrespace.com/community/topic/33865-what-did-we-do-to-deserve-this/
Title: What did we do to deserve this?

Search URL Search Domain Scan URL

URL: https://manofpress.com/
Title: Man of Press/

Search URL Search Domain Scan URL

URL: https://honeyreporter.com/
Title: Honey Reporter

Search URL Search Domain Scan URL

URL: https://zbreportars.com/
Title: ZB Reportars

Search URL Search Domain Scan URL

URL: https://digitalnewshut.com/
Title: Digital News Hut

Search URL Search Domain Scan URL

URL: https://www.pickedreports.com/
Title: Picked Reports

Search URL Search Domain Scan URL

URL: http://sports.usatoday.com/
Title: USA TODAY Sports Media Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.twobillsdrive.com/ HTTP 301
https://www.twobillsdrive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://gum.criteo.com/sid/json?origin=publishertagids&domain=twobillsdrive.com&sn=ChromeSyncframe&so=0&topUrl=www.twobillsdrive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=EvAZvXxZN2FkZlUxR1VzQ05oQ3lGbXcvWkRaU2F2VFE3RTBoYkFxeUJmOGtoZnQraHh4SS9DWFZLeWZhMTB0Q3JzeGhUM0Jxc3BVVVhrNG9UeDE5WUcwQlFUVXRCenRORUZzbEFaWW1CM3paVmtFVVZKNjBseFpzdTZCOVJpUDdZZ0ZxQVVKWTdaNmtvZW1NZTBTRGpIRlRZWDA2VkxHSmZRenN5dVdBM3dDTDg4ZmNqcW1mTS9MbzlRNXlTSGxyS256eXExVDdPdko5TXBKZnJINnBVU25IWmVyc0JpNzUrOVZ3ZVNUaEJYWmtBTkdhWnJCV1NjMW8vaWV0Vlk5b002SCt2NEZUNENRc2E0czI4SmMwZzBRdFpDVm9reE5OTEp1Z1dmRXJNKy8rLzFuWT18&cppv=2

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1&C=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3DQFLkF0Zb-.1Yo4KWy5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1&google_hm=2

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDbMRDpT8nodJu5Gx57oiL4&google_cver=1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0OTM5MjAxNTUxMjM4ODc3Mg%3D%3D

Request Chain 115

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKQLmSJpinqbiApayaSzoNk&google_cver=1&google_push=ASkJ3FYrLe3Yp6_5mQ95g2AD-R0TFnufF3N5I8UMwBCg8yqhLi_qLvjJcCsFxUCG5OnTBbZs8qTVcw1JrIIM_QCuv3iFvuCjX65v HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKQLmSJpinqbiApayaSzoNk&google_cver=1&google_push=ASkJ3FYrLe3Yp6_5mQ95g2AD-R0TFnufF3N5I8UMwBCg8yqhLi_qLvjJcCsFxUCG5OnTBbZs8qTVcw1JrIIM_QCuv3iFvuCjX65v&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UkU7Dq9LSwmDL3BnkFTntA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYrLe3Yp6_5mQ95g2AD-R0TFnufF3N5I8UMwBCg8yqhLi_qLvjJcCsFxUCG5OnTBbZs8qTVcw1JrIIM_QCuv3iFvuCjX65v

Request Chain 116

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF_nNLW3V7qijhvil2-kiZ0&google_cver=1&google_push=ASkJ3FYSqsuQbQ-IS32PHPcdD861H_AjCFtlJd_yZr04MRNRIh5DVM558Dg50CAInCRi7wc6LbZ39S_JVKfTYWedJk7MiETeoXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGOTZLR0QtMU4tSzNIMg==&google_push=ASkJ3FYSqsuQbQ-IS32PHPcdD861H_AjCFtlJd_yZr04MRNRIh5DVM558Dg50CAInCRi7wc6LbZ39S_JVKfTYWedJk7MiETeoXA

Request Chain 117

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFvNuLltkcD4EsH0NUPGrug&google_cver=1&google_push=ASkJ3FbVo4rP1YlecXTk0ZT4w5LuCiZz6jAZHkEIOTdDbHjR3Y569IecIl78ARfyYLola9KqPfqBR0hH6uLX9AOvkcyzt1enCqAu HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFvNuLltkcD4EsH0NUPGrug&google_hm=Y3DQFLkF0Zb_-1Yo4KWy5AAADIIAAAAB&google_nid=index&google_push=ASkJ3FbVo4rP1YlecXTk0ZT4w5LuCiZz6jAZHkEIOTdDbHjR3Y569IecIl78ARfyYLola9KqPfqBR0hH6uLX9AOvkcyzt1enCqAu

178 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.twobillsdrive.com/
Redirect Chain

http://www.twobillsdrive.com/
https://www.twobillsdrive.com/

97 KB
19 KB

559ms
270ms

Document
text/html

107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: f997e0caf0c1e38cafa1b40976ece079926149379465496aea6765312b76e375

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 11:08:01 GMT
link: <https://www.twobillsdrive.com/wp-json/>; rel="https://api.w.org/"
server: nginx centminmod
vary: Accept-Encoding
x-powered-by: centminmod

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 13 Nov 2022 11:08:01 GMT
Location: https://www.twobillsdrive.com/
Server: nginx centminmod
X-Powered-By: centminmod

GET
H2 200 style.css
www.twobillsdrive.com/wp-content/themes/lifestyle-pro/ 40 KB
9 KB 147ms
144ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/style.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 604a919a9564e055dd6c3ae23939cad26c61ef5585a8a86116472e20845a7e03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Sat, 11 Jun 2022 16:36:28 GMT
server: nginx centminmod
etag: W/"62a4c48c-a11f"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 style.min.css
www.twobillsdrive.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 155ms
153ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 14:50:15 GMT
server: nginx centminmod
etag: W/"634825a7-15b64"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 styles.css
www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 156ms
154ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 04:12:46 GMT
server: nginx centminmod
etag: W/"63521c3e-aab"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 font-awesome.min.css
www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/css/ 30 KB
7 KB 157ms
155ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Tue, 27 Dec 2016 18:09:39 GMT
server: nginx centminmod
etag: W/"5862ae63-7918"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 dashicons.min.css
www.twobillsdrive.com/wp-includes/css/ 58 KB
35 KB 281ms
279ms Stylesheet
text/css 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/css/dashicons.min.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 11:14:16 GMT
server: nginx centminmod
etag: W/"60782008-e688"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 85ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a98f603d4c61be461b7dbc7528533e828d00af4ff48430fe4bb7f15c6f6f598b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 11:08:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
13 KB 159ms
94ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N711B8X924VDDQ6A
age: 1655987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Kh6TivQxSy0qPDGr3XIQKpalLPuTRa/YYA5XzYgorhw+K6HCfVhydW3crzygZCESSYSOQ+WvrAs=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxoMTKvIvyg1ttyMcPWTQc97Jnpi12lY%2FcZ1BtffCS2YwUQM5D1bvHHfrk6zs%2FBVq9lEGw3T1TEI7Jlau6Kz1zUXQeb34k04rBeqhDmv9Q0h%2FCFtBEnTFF9rcWXJofskOB24Z8Vh2cAcDQ3JbuZKvDTw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 76970c10b9f5904c-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 108ms
43ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DABW8KHNYC2NPX0P
age: 25243401
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5bRiz7ljTaK2ph9Ov6IOAy4N9U4TQUVyFoRupY2w+0ILCeoNeT72/Ecq3O4CGkhu8MTDWHSqBp0=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"a034d3c71bee546f625877d7932917f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bc4VwhpEV5esElm3M%2F4SbvqqXVHD1GPTXzt879I6LsHQWCxp%2BZel0967dc5ZnLpcylc3siZlp5XvohaavbudhRukvXYEz8jJxQ2YWB1lIT0u%2BHvAZAWMJ%2FpJk4jxO9wh8eSDjVz%2FHYJ1hxaI%2B46gHNEg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 76970c10b9f8904c-FRA

GET
H2 200 jquery.min.js Show response
www.twobillsdrive.com/wp-includes/js/jquery/ 87 KB
31 KB 286ms
284ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 20:30:33 GMT
server: nginx centminmod
etag: W/"61f99869-15db1"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.twobillsdrive.com/wp-includes/js/jquery/ 11 KB
4 KB 286ms
285ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Sat, 27 Feb 2021 14:58:12 GMT
server: nginx centminmod
etag: W/"603a5e04-2bd8"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 124ms
60ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BNL5YS2GQS

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56cfa2d42c23d09e5abf6a24c17e3eebfcba7d3195a78629db226accf8d23f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76632
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 97ms
34ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5355045-1

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfacae8e076f571140b80e646c638d5d6985bd358f56b9628a4644f94917a1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H2 200 sdpdfphelper.js Show response
img.bnqt.com/lib/js/ 6 KB
7 KB 120ms
21ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.bnqt.com/lib/js/sdpdfphelper.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 05180a8df0f12c99deae4f68f46f538d5f627d89622f31b827785a2a23a51087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sat, 12 Nov 2022 10:01:30 GMT
date: Sun, 13 Nov 2022 11:08:02 GMT
via: 1.1 varnish, 1.1 varnish
age: 43356
x-guploader-uploadid: ADPycdsvG3h5J45ZdBujh3KfK7MHRTv74jCAEjl-4cW3GsG8e-R1L5JgSg7KvEzc8-NFtL88zeGwp5Cd2TOndpDOXp8lXw
x-cache: HIT, HIT
x-goog-storage-class: NEARLINE
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
gannett-debug-path-full: restarts: 0 ttl: 86400.000 shield: false server: cache-hhn11534-HHN path: storage.googleapis.com backend ; Segmented Caching Enabled >>>> restarts: 0 ttl: 86400.000 shield: true server: cache-iad-kiad7000123-IAD path: storage.googleapis.com backend ; Segmented Caching Enabled
content-length: 6036
x-served-by: cache-iad-kiad7000123-IAD, cache-hhn4037-HHN
last-modified: Thu, 11 Feb 2021 19:31:24 GMT
server: UploadServer
x-timer: S1668337682.073912,VS0,VE0
etag: "e25f9fdde85d1053b77e4537d51f4584"
gannett-debug-path: storage.googleapis.com backend ; Segmented Caching Enabled
x-goog-generation: 1613071884761292
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=N1p/rA==, md5=4l+f3ehdEFO3fkU31R9FhA==
x-goog-stored-content-length: 6036
accept-ranges: bytes
x-cache-hits: 765, 103

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
55 KB 111ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1067570087106119

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e04cc83c1adf476bd37d786e07ffde44b8bf8590296c54e8f1f36e536adac824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55532
x-xss-protection: 0
server: cafe
etag: 9797838494566932119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.twobillsdrive.com/wp-includes/js/ 18 KB
5 KB 147ms
146ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 14:50:15 GMT
server: nginx centminmod
etag: W/"634825a7-48b9"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 133ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf536fd4bbea75d7b2642a5848edd48d05f6e5890f8b5cf3476470bc12d68b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55085
x-xss-protection: 0
server: cafe
etag: 8542887736143460240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H2 200 index.js Show response
www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 155ms
149ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 04:12:46 GMT
server: nginx centminmod
etag: W/"63521c3e-26d1"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 index.js Show response
www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 279ms
272ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 04:12:46 GMT
server: nginx centminmod
etag: W/"63521c3e-3016"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 hoverIntent.min.js Show response
www.twobillsdrive.com/wp-includes/js/ 1 KB
1 KB 283ms
276ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/hoverIntent.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 14:50:15 GMT
server: nginx centminmod
etag: W/"634825a7-5db"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 superfish.min.js Show response
www.twobillsdrive.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 284ms
277ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 01:54:36 GMT
server: nginx centminmod
etag: W/"632528dc-1193"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 superfish.args.min.js Show response
www.twobillsdrive.com/wp-content/themes/genesis/lib/js/menu/ 132 B
468 B 284ms
278ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
last-modified: Sat, 17 Sep 2022 01:54:36 GMT
server: nginx centminmod
etag: "632528dc-84"
x-powered-by: centminmod
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 132
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 skip-links.min.js Show response
www.twobillsdrive.com/wp-content/themes/genesis/lib/js/ 386 B
722 B 284ms
278ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/genesis/lib/js/skip-links.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
last-modified: Sat, 17 Sep 2022 01:54:36 GMT
server: nginx centminmod
etag: "632528dc-182"
x-powered-by: centminmod
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 386
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 responsive-menus.min.js Show response
www.twobillsdrive.com/wp-content/themes/lifestyle-pro/js/ 4 KB
2 KB 285ms
279ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/js/responsive-menus.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Mon, 16 Oct 2017 23:23:40 GMT
server: nginx centminmod
etag: W/"59e53f7c-e5c"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
999 B 89ms
31ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&ver=3.0

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73fb5586354b608df564d1c6801db54a5f69bec7020b39facb25f4281e335f5d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H2 200 regenerator-runtime.min.js Show response
www.twobillsdrive.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 283ms
279ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 14:50:15 GMT
server: nginx centminmod
etag: W/"634825a7-194b"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.twobillsdrive.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 283ms
280ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 14:50:15 GMT
server: nginx centminmod
etag: W/"634825a7-4ac6"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 index.js Show response
www.twobillsdrive.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
1 KB 283ms
281ms Script
application/javascript 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
last-modified: Fri, 21 Oct 2022 04:12:46 GMT
server: nginx centminmod
etag: "63521c3e-3e7"
x-powered-by: centminmod
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 999
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 94ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec25a8aca710c9426fe5ffb352c642493b98d5ffa9aa1c6a33a8d63caff64147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27344
x-xss-protection: 0
server: sffe
etag: "1391 / 885 of 1000 / last-modified: 1668208008"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H2 200 sdp.toolbox.1.0.0.min.js Show response
img.bnqt.com/lib/sdp-dfp-helper/js/ 6 KB
6 KB 25ms
25ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.bnqt.com/lib/sdp-dfp-helper/js/sdp.toolbox.1.0.0.min.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c1d764eecff47574d12a39acb9197e0c59d069b6da9d4e5ee0c4fa926ae7c95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sat, 12 Nov 2022 09:16:38 GMT
date: Sun, 13 Nov 2022 11:08:02 GMT
via: 1.1 varnish, 1.1 varnish
age: 37536
x-guploader-uploadid: ADPycdsucBusY_NlZ8MAQrCeFr2IQZ3wCPvH-kqGQAmw3Y-AOx2_lenaiY_npNIfpT1Ji_b8qZ8WMEC9AQx_1QYQvwK9qKk7bnRK
x-cache: HIT, HIT
x-goog-storage-class: NEARLINE
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
gannett-debug-path-full: restarts: 0 ttl: 86400.000 shield: false server: cache-hhn4054-HHN path: storage.googleapis.com backend ; Segmented Caching Enabled >>>> restarts: 0 ttl: 86400.000 shield: true server: cache-iad-kcgs7200116-IAD path: storage.googleapis.com backend ; Segmented Caching Enabled
content-length: 6044
x-served-by: cache-iad-kcgs7200116-IAD, cache-hhn4037-HHN
last-modified: Thu, 11 Feb 2021 19:53:36 GMT
server: UploadServer
x-timer: S1668337682.416598,VS0,VE0
etag: "a10d854620d11d46227f1d89054f4029"
gannett-debug-path: storage.googleapis.com backend ; Segmented Caching Enabled
x-goog-generation: 1613073216865773
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=JCyaWw==, md5=oQ2FRiDRHUYifx2JBU9AKQ==
x-goog-stored-content-length: 6044
accept-ranges: bytes
x-cache-hits: 786, 89

GET
H2 200 tbd2017-1.png
www.twobillsdrive.com/wp-content/uploads/2017/10/ 14 KB
14 KB 143ms
140ms Image
image/png 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twobillsdrive.com/wp-content/uploads/2017/10/tbd2017-1.png
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 2944e0ebe135a57c4285876ab58fa6fe886ff10798373a3a4d29b2ec158a5d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
last-modified: Sat, 28 Oct 2017 17:46:16 GMT
server: nginx centminmod
etag: "59f4c268-3624"
x-powered-by: centminmod
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 13860
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 80ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 165189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 86ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 194313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 05:09:29 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 72ms
42ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CKYXN5PAK72EB1V6
age: 104059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
x-amz-id-2: 73e6lQESMFth9vTn3lD2OzwuMtjyE2UpYpOacCvyjZtEt5qX5wEXU4wTwxoC5ABa9WVcG6lWV4VrPp5PySDn6Q==
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
server: cloudflare
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y211lfpgkpeHR2ov3ZdqvZRAP%2BqKKsNGcOpah7DpTmKSfJMukthbDJf8d4zm6Clrmx56Z0IB0joY2a%2Blso7tCX6dPsYYo9xfpI%2Bfly%2BFiYRricw9ByNXDVdSgxGRiKzc4whYOjRE7De%2Fce9ZpbEYvd4"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 76970c135d5991e9-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ 402 KB
161 KB 85ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164348
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 11:00:44 GMT

GET
H2 200 search.png
www.twobillsdrive.com/wp-content/themes/lifestyle-pro/images/ 1 KB
1 KB 143ms
142ms Image
image/png 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/images/search.png
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 8381e58dd34281d45967d35eebcd12f09854a87031fc7bbc2995dd6a5f301454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/wp-content/themes/lifestyle-pro/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
last-modified: Mon, 16 Oct 2017 23:23:39 GMT
server: nginx centminmod
etag: "59e53f7b-47e"
x-powered-by: centminmod
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 1150
expires: Tue, 13 Dec 2022 11:08:02 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v26/ 35 KB
35 KB 75ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 19:06:30 GMT
x-content-type-options: nosniff
age: 489692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35660
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 19:06:30 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 89ms
57ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLora%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=3.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 22:18:51 GMT
x-content-type-options: nosniff
age: 391751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:18:51 GMT

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
14 KB 71ms
68ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CKYYFM2XW593ATAR
age: 104059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13224
x-amz-id-2: w8Vji+lm4GNw9E46lTNnY7yD6MQwvHzj34Oa/CJvr0noojF/ca2wRQSBXSoB6DPRbr9qxu1jEyE=
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
server: cloudflare
etag: "b91d376b8d7646d671cd820950d5f7f1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sw1BSwo5JaW50oN5lwnJLpvzN%2BfTs6bsyKSZPI598MYokRrJSWfHYB0giBRvKrjXvksmve7fPvYNdjSLNSG2qOu1or%2B1h8GG6yZaLDjEkxcGLChmjGO38tZpjemCp5gYPlJzxqWPWGi9YkBX2DAIWOq4"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 76970c135d5291e9-FRA

GET
H2 200 pubads_impl_2022111001.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 103ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132474
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 09:36:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 09:44:19 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 122 B
713 B 83ms
30ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.twobillsdrive.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13f0d15684e1616710dd19d7eb5382d649aaf85a5b71755e89e5f9e8770458f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78
x-xss-protection: 0
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 82ms
38ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BNL5YS2GQS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5355045-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e598314eed894287f43d0a3579b75cd83a50056b37c98f9ad1ffea47e9bc7076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76692
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5355045-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 09:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6728
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 13 Nov 2022 11:15:54 GMT

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
76 KB 32ms
32ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CKYZCJBMTAH53NEN
age: 104059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
x-amz-id-2: czt8Xd/JHIX9zltfP/+bYhi7z1GDkGNe0GPHyr6cw+YvHEvu0cu0B190gpnIIZP73Ftd0iglthjDJVSWaS9jAw==
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
server: cloudflare
etag: "ed311c7a0ade9a75bb3ebf5a7670f31d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2Zl4m7ay9hYVDyf22%2FsKGoa9QG%2BKYOnE%2FyUlKjnmXbXVSVc9t0KlN0hwgpW2l9rv9ycZ9fBLJgR3qNzvPJhhXp3iqCtEGXEV6hktR8BOwv62odJzkvoGOpD0VyUk%2FmZSf6KEgjXyNwryB48WLmD6od0"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 76970c147fba91e9-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/ 355 KB
117 KB 114ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1067570087106119&plah=www.twobillsdrive.com&bust=31070831

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1067570087106119

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc04fd4465fb5c457213d1d159c8066ed348485dd2f8e1682e5cad5db7bdc91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119544
x-xss-protection: 0
server: cafe
etag: 13604051164214263320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 11:08:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/ Frame 45A5 10 KB
5 KB 78ms
22ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1067570087106119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:06:58 GMT
etag: 10353107486223812946
expires: Sun, 27 Nov 2022 11:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame AF99 42 KB
22 KB 109ms
54ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=748a3o5zf1jw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0030dbbcc9aedbb1c65f512017f0fbe98c584263c7826b5312fb1ad708db9da4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IInfgmSd7ZnDJjdZT-cvxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22235
content-security-policy: script-src 'report-sample' 'nonce-IInfgmSd7ZnDJjdZT-cvxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:08:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
352 B 82ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BNL5YS2GQS&gtm=2oeb90&_p=861970050&cid=1993440827.1668337683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668337682&sct=1&seg=0&dl=https%3A%2F%2Fwww.twobillsdrive.com%2F&dt=Two%20Bills%20Drive%20%E2%80%93%20Buffalo%20Bills%20News%20and%20Discussion&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BNL5YS2GQS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.twobillsdrive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/fonts/ 75 KB
76 KB 142ms
141ms Font
font/woff2 107.155.81.11
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.155.81.11 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 107-155-81-11.static.hvvc.us
Software: nginx centminmod / centminmod
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.twobillsdrive.com/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css
Origin: https://www.twobillsdrive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
last-modified: Tue, 27 Dec 2016 18:09:40 GMT
server: nginx centminmod
etag: "5862ae64-12d68"
x-powered-by: centminmod
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 77160
expires: Mon, 13 Nov 2023 11:08:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 107ms
30ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.twobillsdrive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 80ms
29ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.twobillsdrive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 148ms
101ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626633310240274&correlator=1481082136437878&eid=31070867%2C44778642&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=7103%3A1003292%2CSMG_TwoBillsDrive%2C300x250_2a%2Csports%2Cfootball%2Cnfl.main&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&ifi=4&adks=2698797620&sfv=1-0-39&eri=4&cust_params=kw%3DBuffalo%2520Bills%2520NFL%2520football%26title%3Dhttps%253A%252F%252Fwww.twobillsdrive.com%26targetPaths%3D%252F%26fullPath%3D%252F%26queryStr%3D%26domainName%3Dwww.twobillsdrive.com&sc=1&cookie_enabled=1&abxe=1&dt=1668337682866&dlt=1668337681965&idt=864&adxs=278&adys=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&frm=20&vis=1&psz=336x0&msz=336x0&fws=4&ohw=1140&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

275c6effb33e08e825900aedaabf18dd1f7fc76083d875d2a518271491bb8dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10890
x-xss-protection: 0
google-lineitem-id: 4685314778
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234279273
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.twobillsdrive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 156ms
110ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626633310240274&correlator=1481082136437878&eid=31070867%2C44778642&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=7103%3A1003292%2CSMG_TwoBillsDrive%2C300x250_2b%2Csports%2Cfootball%2Cnfl.main&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&ifi=5&adks=1226288614&sfv=1-0-39&eri=4&cust_params=kw%3DBuffalo%2520Bills%2520NFL%2520football%26title%3Dhttps%253A%252F%252Fwww.twobillsdrive.com%26targetPaths%3D%252F%26fullPath%3D%252F%26queryStr%3D%26domainName%3Dwww.twobillsdrive.com&sc=1&cookie_enabled=1&abxe=1&dt=1668337682874&dlt=1668337681965&idt=864&adxs=1002&adys=2373&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&frm=20&vis=1&psz=332x0&msz=332x0&fws=4&ohw=332&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d01379df3f51e2baba9d09c22ca5110255bc26603971084eaa466bc843f8434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10873
x-xss-protection: 0
google-lineitem-id: 4685314778
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234325685
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.twobillsdrive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8708c5f26fd3f3346f54dda9dccc78ca.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 0DE5 6 KB
3 KB 178ms
30ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8708c5f26fd3f3346f54dda9dccc78ca.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:08:03 GMT
expires: Mon, 13 Nov 2023 11:08:03 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 76ms
30ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=861970050&t=pageview&_s=1&dl=https%3A%2F%2Fwww.twobillsdrive.com%2F&ul=en-us&de=UTF-8&dt=Two%20Bills%20Drive%20%E2%80%93%20Buffalo%20Bills%20News%20and%20Discussion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1981720006&gjid=1118643729&cid=1993440827.1668337683&tid=UA-5355045-1&_gid=850756078.1668337683&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=267006891

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twobillsdrive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.twobillsdrive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame AF99 52 KB
24 KB 69ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=748a3o5zf1jw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 15:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 15:57:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame AF99 402 KB
161 KB 67ms
23ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164348
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 11:00:44 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
701 B 101ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.twobillsdrive.com&callback=_gfp_s_&client=ca-pub-1067570087106119&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1067570087106119&plah=www.twobillsdrive.com&bust=31070831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f123e30ce7e66566067595582065285e08f87e619c55b79d298f44c06e11e09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A841 152 KB
44 KB 704ms
657ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&adk=1812271804&adf=3025194257&lmt=1668337682&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682647&bpp=2&bdt=682&idt=274&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6113789994663&frm=20&pv=2&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d307925187209def35c8e37d1a93f9335544ec749acf339290b5a0405157879a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44921
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:08:03 GMT
expires: Sun, 13 Nov 2022 11:08:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 86D0 96 KB
32 KB 2024ms
2001ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=5250278416&adk=1669896828&adf=2369281301&pi=t.ma~as.5250278416&w=1068&fwrn=4&fwrnh=100&lmt=1668337682&rafmt=1&format=1068x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682649&bpp=3&bdt=684&idt=299&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=g3KNoaEVoF&p=https%3A//www.twobillsdrive.com&dtd=318

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99c93c8cb8b47f548f90d19084d2072e43477ef37a1e290c11e99db25fcbff72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33093
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:08:04 GMT
expires: Sun, 13 Nov 2022 11:08:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F873 22 KB
10 KB 1404ms
1403ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a2cea9386522f8c5ae6d06f772b6c6b49c2672bbc13250f63cc81842387cd26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10692
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:08:04 GMT
expires: Sun, 13 Nov 2022 11:08:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 smg_twobillsdrive.js
img.bnqt.com/lib/sdp-dfp-helper/site_config/ 0
0 142ms
142ms Script
application/xml 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.bnqt.com/lib/sdp-dfp-helper/site_config/smg_twobillsdrive.js?col=531387552
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 194ms
71ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 14 Nov 2022 11:08:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D09C 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyn43aNySsJgF6I2kpqViUv-weMg3SJETqvew6JWPOat_AViw3Zfg3h56mxURjp8gL4wTzMGHhOQIApuboRmykNqHI2sFIjN8oEDhLpNE_AzU16y6DfONB6ZEwKX2zibEs_bcT5lob-Mq9qMM6YEAbHY1D3IgF6ZMays0TAnSTjj2cZOiMKUgRAKpNH5BW4fv5st_ucaQoi8Q7m381IFgg_oipkiHpWsjwqcs2TZg6GAv6PWdp0ANc17ON1zxatcHdLFe-Xq5iT-T_NMqAlAaJltpiiQ7Hb88cevf3vQpQwF6lMU0V_luPsXwJkf1dmuboywFSV6NG9PuAkqP_XuoVBdsn42MYEaL3BSRIMkeOUS_y7TVDFdrCMgJ4FtMYy9wMng&sai=AMfl-YRoa79NVJ6tnj22vuoMDDBnK6J8WGvJniQRw5TPEVRqcQcfImb_NZWycrk7S7OcLDmaa5B_V_IOf96U8Fy4WO-t5OjMrGQWJUR8YAU5kovBmxObP-EhLYMIZMDmCJyhLwSI&sig=Cg0ArKJSzN8wzI5Owuh1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 11:08:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D09C 154 KB
47 KB 1983ms
1983ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E66A 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKgCCzdBlB1J2ffFmtVU8sYXWxyCAOfPlQFt4qlIzbUGHGSN6K_VgbHrndyjduqcRn6T366zCDEn0BxWACgzoiaI5pn0oRLR79aqxa61J1eEXrgFbI-dXp-OU7eTpFCtIBaKClZFgG1w5Hk10L6TZO4P0ngmKqAZ2m89afBkfXgI6wRnwejIcb0EAsH52HsXbUNyHbtpgeonJyndTyTW-0x-knDcTRgqGOndN2gifOKoIOHIkox_KrJBOUXyU6bFbu9HHDdYLgu2yopbq5vz_BOLc8y70oAlCNdu2T5fFbD_hBbG4ztgOP-LXTPpjGP98h9a9ABgyI2lmat15R6RXlXmCBYjPdCuf-sFr-zG38ST-ZnYldVSkuiqEU-ky5COzwlg&sai=AMfl-YQFpStAtG4eNPdSPPT1tb0dxRbAdwtWUYMW4e1j52Q8_NcSsZ3iKXXxKHiXP6WLKRy_1tXuG8wPSD-jSF31j3-PDhByCjcA-iMpP-jhxxkThGEohpZ9TAFjnHxmp32I1pdr0w&sig=Cg0ArKJSzNUJmtK6qBLyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 11:08:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E66A 154 KB
47 KB 1991ms
1991ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AF99 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 403695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 15 Nov 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AF99 15 KB
15 KB 62ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 402396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:21:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AF99 15 KB
15 KB 65ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 403695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Nov 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame AF99 102 B
134 B 30ms
30ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc61703e1ce27b748ad533e812e2b242334ff3eee6dff91b2cc13d1ca35227bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=748a3o5zf1jw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 13 Nov 2022 11:08:03 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7280 15 KB
6 KB 139ms
45ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.twobillsdrive.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:08:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 654735
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame AF99 32 KB
18 KB 78ms
78ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b93d3f3bec569b72ef2844c27f5e3698c2fba1180f8bd96950deced5e7919fc5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_fFceAAAAAFn2zvkKWK2kOThVgfshNOFyzV3w&co=aHR0cHM6Ly93d3cudHdvYmlsbHNkcml2ZS5jb206NDQz&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=748a3o5zf1jw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18693
x-xss-protection: 1; mode=block
expires: Sun, 13 Nov 2022 11:08:03 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7280
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=twobillsdrive.com&sn=ChromeSyncframe&so=0&topUrl=www.twobillsdrive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=EvAZvXxZN2FkZlUxR1VzQ05oQ3lGbXcvWkRaU2F2VFE3RTBoYkFxeUJmOGtoZnQraHh4SS9DWFZLeWZhMTB0Q3JzeGhUM0Jxc3BVVVhrNG9UeDE5WUcwQlFUVXRCenRORUZzbEFaWW1CM3paVmtFVVZKNjBseFpzdTZCOV...

449 B
672 B

210ms
32ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EvAZvXxZN2FkZlUxR1VzQ05oQ3lGbXcvWkRaU2F2VFE3RTBoYkFxeUJmOGtoZnQraHh4SS9DWFZLeWZhMTB0Q3JzeGhUM0Jxc3BVVVhrNG9UeDE5WUcwQlFUVXRCenRORUZzbEFaWW1CM3paVmtFVVZKNjBseFpzdTZCOVJpUDdZZ0ZxQVVKWTdaNmtvZW1NZTBTRGpIRlRZWDA2VkxHSmZRenN5dVdBM3dDTDg4ZmNqcW1mTS9MbzlRNXlTSGxyS256eXExVDdPdko5TXBKZnJINnBVU25IWmVyc0JpNzUrOVZ3ZVNUaEJYWmtBTkdhWnJCV1NjMW8vaWV0Vlk5b002SCt2NEZUNENRc2E0czI4SmMwZzBRdFpDVm9reE5OTEp1Z1dmRXJNKy8rLzFuWT18&cppv=2

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

262b036358d9b9494f2f9b0854aa1214831f14196cff56817045f3f554768fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3285072
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=EvAZvXxZN2FkZlUxR1VzQ05oQ3lGbXcvWkRaU2F2VFE3RTBoYkFxeUJmOGtoZnQraHh4SS9DWFZLeWZhMTB0Q3JzeGhUM0Jxc3BVVVhrNG9UeDE5WUcwQlFUVXRCenRORUZzbEFaWW1CM3paVmtFVVZKNjBseFpzdTZCOVJpUDdZZ0ZxQVVKWTdaNmtvZW1NZTBTRGpIRlRZWDA2VkxHSmZRenN5dVdBM3dDTDg4ZmNqcW1mTS9MbzlRNXlTSGxyS256eXExVDdPdko5TXBKZnJINnBVU25IWmVyc0JpNzUrOVZ3ZVNUaEJYWmtBTkdhWnJCV1NjMW8vaWV0Vlk5b002SCt2NEZUNENRc2E0czI4SmMwZzBRdFpDVm9reE5OTEp1Z1dmRXJNKy8rLzFuWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 691745
content-length: 0
expires: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/ 150 KB
51 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/reactive_library_fy2021.js?bust=31070831

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f04e974fc490dc63a0425b1c96f7908617f039390d2bf310f288caec06e4e520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52283
x-xss-protection: 0
server: cafe
etag: 1265226383888164449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 11:08:03 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 70ms
29ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.twobillsdrive.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.twobillsdrive.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/ Frame A23C 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 00:20:33 GMT
etag: 10353107486223812946
expires: Sun, 27 Nov 2022 00:20:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame A23C 4 KB
636 B 72ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 10:30:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 11:08:03 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A23C 205 B
229 B 22ms
22ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:52:12 GMT
x-content-type-options: nosniff
age: 951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 13 Nov 2023 10:52:12 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A23C 604 B
628 B 24ms
23ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:36:40 GMT
x-content-type-options: nosniff
age: 1883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 13 Nov 2023 10:36:40 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/ Frame A23C 19 KB
8 KB 100ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 18:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 18:06:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EA13 8 KB
895 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 11:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 09:12:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 11:08:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame EA13 2 KB
845 B 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:42:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame EA13 23 KB
9 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:42:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame EA13 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame EA13 18 KB
7 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA13 154 KB
47 KB 1222ms
1221ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
H3 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame EA13 34 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 20:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 20:40:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 20:20:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D099 624 B
242 B 36ms
35ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWw6-PJyC8H0vFEhn-EsVWWWQrt-sa4vQXI1uUcfpXsbuUI3psG3mY3r2UkARH6k1g2RlFAzIa0xy5upr9hFQ0pQinWM5ihxBchxLwUlKmEQW77K85TTjvLRTTrpvk40-7wYIN_-Yl9Z-foKeVp3z-SL_xYfYDAj7JSd_8CP4R0bC9ESKQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:08:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E115 86 KB
35 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C549rDkC0H8a-h5vQtfEbJsS1XK6sh9VWeYBrtnYDYrKHm8PWSkF4WRNk2t-j-fbg5t7sLTZLyzWAuRxbo7FRpYCe-_f9wDu4qxS3OBY7PwSUIler62-yg-XXQEoZgPeKJxsuQhu32s_gtYHZBxUpac_4jhv34_P18AsXzPI7-DK60QSA&dbm_d=AKAmf-CVUdo8_7WeY8CHl457kpmiJNJ_2DKrrkKu_XMUOamzewzCDz5DRGwLoSZPTaorG4H4suOsZdF_F1Sx7HLI9147c5SPV8BdPfyHRO7Q4QOGM0yDQ7XxmIy6G34hXjtf7Vsukcsp37-tB03An36WqiCfBJ-UoBaCi5usxWggW8LKIIBRHaLcVcOONIqlOxKckQjNrloVh2hLNXz35FDFCBJeYABJF82jU2ZquOqsAjDmpnLGOrxXhplCora0NqVB9MqnisH20ec3L5_KDlGXylpDVRoausGyn15noNIcsacetPLfR_BREG1u5Ln5oUy1ntcX7O9y_a2SPTofdDUxZI1fOIOowftXhmxEHGvZIzBsBslh_XE9xBQ3PETPh4A_3zir8al-QqYAYTOsErewef08wkODmWIOgP70tMWB48oaqC-tmc1c7TMG-FGd2wH0_rRZJ3x1N_cZzDldlkwjMTDD-N1wmZYtMeYobw0BM50Je7Wvu6VlLo3VdgqLLPvJYHwcvQit6BcBgUr2-U8QOmzgdozG3Vuz7UsfXw_eEwFt2OPJwNW12rdWDMo4PY6nyH802KIS_IIg1QtVh-o0tubgX3don_q3dwkNgoM_7Cq7Z7JkZZj3QNZQbjS9YSuRRC7uGjX_UqVc-QmFfzzmQ02mCaoHrCtIQ7MRbY52Qdywi4P_x4iNiyTmfTSE83dE5PzHQK-SHM7-WLNrWVa1clilNfb13MlsG09U9ASd2_MqW4vTLPJGLArF7I2HZl1wsxXKE87FSboZAgBM3txM2SXiUJTJ9-cQVJpc9C-0uZ6m7VXVASBEK-XYf_I2qdOlUUxcsH233LYRupamjad38GV6fpTgcjXtdQ2E5KQNidxZNZhxs_AanFr4FsJI-8NnEd_pZ9tVnlku5VLJ4k8NyiEKKdLbFDe0I_wHp7LkWOsWRWNNBqqhrQ4xcNN21nrQURjkx5NJRa4i3gwBjcrFvJrCHjHwElcx3bkNPHlWACReLzscEmyRP3Hys7RhhOGEVJXM4ls9Qry454n8acbBAYgxfgu-Wiecgo3jmeACwUcfZT-OMrLeJFgO74B6PtYXiPKxgosU3aqg1ia2X04UH8OvUTN_nQUrbE4FruZynYtPZfz2FhGWiJR2o3TQr20kvFBTLzJiip_MfJo3LXBWXO_w-UXW4mPdzPz_nEXfDjYyu9bCjoXWN0MpinbRpziTs9GTVaHfgwwIhFASqgRjXW7OprmpX0IyCvHJ_4VbWpYk6mZ6uM0-5j8fVYLij_D7cc4q6VbAML-ldLY2Byrnf7ofApM7RR-CXTGC7om5_Xcnw-6-y6R0RpSZsic2UrtOXTR3Vo3YTN8PLVbmc6zFpdYJi8_yV_RuDrxG1-sAHfJS-P9wHClNLzXRHowvbwM0rTNShwPwgtUXh2UCcSTFDGv_SmJl-AV54QZExCxGnkhGw9oZGl0nGrG4q-IKdadZO-Q9zt5k0qUbFd7wITpCiqMMMeIp1I9GXkg6VmmXgzNWmkKBpWoK913Ng9OAQtMoUaR7AhNGJlGPf_qXjx98lQvT6XN_cdbnnlPGJLCKNXZL79Nev2rfzBqrzMHZpKRQLbfweJychejymNRkGJchdnl8Me-vFRaLgqvZpRLNgI3gr33ZrqXlED7OAVD8E370EdLBuKObmiusK-1_O4pk2f6TdFSWIHzchIB8-2l0LDOSy5RHw4cBQ2SlxdQu5TIVBNS7E1Hi4EE43dayfJfRYMlTOZcnIcWU8EtSGGUc2gA0dz1F62DV05nKxHHmN8kSeCnciIMtqFB-ojI8fT903KD2dqhlONrF-d5A15KSnZRub-JhBlTYKiTqtf-01n30BMnQdrRVwZnCF8BHr3Qr3p6njZbfsPezdZZ8EiqfcFF4dP8ka9rMMhHKOl9tyR9WlKvhQBQ7fPmJsdCVnasaHohkUud_wSgQlarHsbFx9elxj80z1KRIViZUTfrieUMB9GZTx453wQDVFJxRdVaWLAkm8K7KhUvPGjLaHwg3rPZLoJ7fKY7nmisOOIwVkxVBCHNGFG-7qfdfHqIfhQiKDj3s8hEL7iCNKZkknBNpJbBgCXea-7XFaFUiF56P2rBeZkBoHsIJ7JnyCHk3yQ4RJ22rzFPZ2C2rFlOsWXoLBm8pZmtUaZXRohEVGedlPLe1LOt16MPAVxFl0X_4xdwG3qNfaexbUWOiGX7GaAkSj_G6nDHsIJe8Q93URmJwD2XTgtiDJzLcPwnObiiMYq08Dg_SmeNSPTbKrvmqy_H9lyzuW-k5yfFh7bRqKE5IoWDIXyytpeQVzGp8XxEmN2ggWW7fYQAc301GckRb8EOpS6lpyodbe3UQ9AigA0ZUecydIDZDmZR5VAwzs2bDtkoC2FZz7IeCtir1Gp5iolcq8k6P97vIbbCrXybcAXgYkj8UId79_-nqRwVduIVFwxLoDpIqpgV32Mi4U9v2WdWHOCrsAHIVCMsyUeJIolyDIGZkbowvirztWSJh-rS4hJHgij0tqaO7TnlnCIaquY-Tlx7_9WfaxbvyJ07xpngolx90FYcRnrZYr4qtc8WvA5dcXFV3b4pmiETtcjrqOQ1KQ9RjZDdXpsFvLTaOJxUWgK51MzzU6oDaCM2W62RAa0OInkgBRYslnVrnlEVige_uEUszvN2Yvn2cgFZ9D5FLfB0TWATKcQhje7zT01LK6QyvSq8rosNp0d8IrhEMDwOoaLeuEwZJEuBB0Qg7qqxq40FFYN8ki480tE2HPpxwqZ8a6YIF1lCt2jqcvK1jDpMW3PjG3yvqyQGavKBC2HFsyOPHSVjmzMiLnoyLMKnh1Ary5B4ZpVoCimqSJykXgWSShkwPpzdOpLLDuhH3cqRm1oR3Xw6UC1h4Wpvuo19XZmw7XTb6iB8Qdt1GaHpsYLetqzi7qwrViWlp39H8qXJJQthRrsEx7GdAwDoaKqA2Zle-7o-W1wI3gT7m43K66wEHBt_xsID5AXuQ8fm_-LVz-xQB0dbMrZ0dJxSsgYaFY0J_sPMG3trzz6KPNQQOwtFchwwXp-cvGS8Cu10i2hDx6PWUs4RIMdoV7MizgjQ4BU0BYHTp37TMg3GVPIBueulJw2X2SfCa5X08ZOmCnvqa-Z299InTIz787twHYdu90Sk_wG2C5A5OwrKxHUOqaaXxKYNIqYEDGERf5IBQHiVON8bIv4Vf8iZF_364JzJr_IW-G3b4eNSt07RjxOBiXstdgqBrbZZoane8NIFVJgvl7kLH3LALt2UlEmJmzngyjNw48ZOPVdMHkm3a7Nb2ZI3BeT25kB0XYhvjhql22H3o1pxRWCdu7S6hjTbAJxAul_fovFOoks0ELBG8U20zyJi6WYwC958ZrkovLjvf-XN_On64J6oeocpursI-mE7myNysu8nrNSMLtZUNsUJlmoZDm-RgoLcEKDOBRyoaOcj944BTOO9a0TGcG3JiPWHpeNchHIB5EQVG5CM4eD6xhGsDmsV8NqQogk0&cid=CAQSKQDq26N9mDY6JjxosSgT7jDJiAwfkGTY4EYIMi9AdZVNn942H_3r3gaJGAEgEw&rfl=2%2Chttps%253A%252F%252Fwww.twobillsdrive.com%252F%240

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e8ca1394697fa7e65c99fc23487b40e8af03df891e3e649eb26016002453f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35681
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame E115 47 KB
13 KB 195ms
43ms Script
application/javascript 34.251.78.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15487730381&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.twobillsdrive.com/
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.78.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: da9c67067b9fdaac2c59183d06dd6ed1443b368c0af95f8bc354f60c7eadbddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:04 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame E115 3 KB
1 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame E115 18 KB
7 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E115 0
0 30ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAeLg9pmViyaXooh4-yXKyd34nZ08JD27Bn8xM9A93tGM7uue4gKwDiUMfuwlH4reN-iuY914mZfWtD6iEcK0WzqruVg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E115 154 KB
47 KB 645ms
643ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E115 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AHdL9jrGmsuOYbD1s91IdIRlFOWYN1UL6NgGrCysErm-ayIW4Www5-YKD5edKtMR0IWxNmR4nEY_smPF4OLJ_AaIaEJpIw5LtgmBa8SCe0YNJR1gw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D099
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1&C=1

43 B
766 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWw6-PJyC8H0vFEhn-EsVWWWQrt-sa4vQXI1uUcfpXsbuUI3psG3mY3r2UkARH6k1g2RlFAzIa0xy5upr9hFQ0pQinWM5ihxBchxLwUlKmEQW77K85TTjvLRTTrpvk40-7wYIN_-Yl9Z-foKeVp3z-SL_xYfYDAj7JSd_8CP4R0bC9ESKQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 11:08:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 11:08:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D099
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3DQFLkF0Zb-.1Yo4KWy5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1&google_hm=2

43 B
766 B

21ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWw6-PJyC8H0vFEhn-EsVWWWQrt-sa4vQXI1uUcfpXsbuUI3psG3mY3r2UkARH6k1g2RlFAzIa0xy5upr9hFQ0pQinWM5ihxBchxLwUlKmEQW77K85TTjvLRTTrpvk40-7wYIN_-Yl9Z-foKeVp3z-SL_xYfYDAj7JSd_8CP4R0bC9ESKQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 11:08:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH_QtR6mHUoiHEMIh7OsLm4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D099
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDbMRDpT8nodJu5Gx57oiL4&google_cver=1

43 B
1 KB

36ms
22ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDbMRDpT8nodJu5Gx57oiL4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNWw6-PJyC8H0vFEhn-EsVWWWQrt-sa4vQXI1uUcfpXsbuUI3psG3mY3r2UkARH6k1g2RlFAzIa0xy5upr9hFQ0pQinWM5ihxBchxLwUlKmEQW77K85TTjvLRTTrpvk40-7wYIN_-Yl9Z-foKeVp3z-SL_xYfYDAj7JSd_8CP4R0bC9ESKQ

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 11:08:04 GMT
AN-X-Request-Uuid: 55d51c0e-d712-49a8-86f7-ed2ab96fbf80
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDbMRDpT8nodJu5Gx57oiL4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D099
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0OTM5MjAxNTUxMjM4ODc3Mg%3D%3D

170 B
188 B

77ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0OTM5MjAxNTUxMjM4ODc3Mg%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 13 Nov 2022 11:08:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8377dfec-5978-405b-83d9-46a553125a50
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0OTM5MjAxNTUxMjM4ODc3Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E115 170 KB
59 KB 86ms
22ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Nov 2022 10:22:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/ Frame E115 8 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C549rDkC0H8a-h5vQtfEbJsS1XK6sh9VWeYBrtnYDYrKHm8PWSkF4WRNk2t-j-fbg5t7sLTZLyzWAuRxbo7FRpYCe-_f9wDu4qxS3OBY7PwSUIler62-yg-XXQEoZgPeKJxsuQhu32s_gtYHZBxUpac_4jhv34_P18AsXzPI7-DK60QSA&dbm_d=AKAmf-CVUdo8_7WeY8CHl457kpmiJNJ_2DKrrkKu_XMUOamzewzCDz5DRGwLoSZPTaorG4H4suOsZdF_F1Sx7HLI9147c5SPV8BdPfyHRO7Q4QOGM0yDQ7XxmIy6G34hXjtf7Vsukcsp37-tB03An36WqiCfBJ-UoBaCi5usxWggW8LKIIBRHaLcVcOONIqlOxKckQjNrloVh2hLNXz35FDFCBJeYABJF82jU2ZquOqsAjDmpnLGOrxXhplCora0NqVB9MqnisH20ec3L5_KDlGXylpDVRoausGyn15noNIcsacetPLfR_BREG1u5Ln5oUy1ntcX7O9y_a2SPTofdDUxZI1fOIOowftXhmxEHGvZIzBsBslh_XE9xBQ3PETPh4A_3zir8al-QqYAYTOsErewef08wkODmWIOgP70tMWB48oaqC-tmc1c7TMG-FGd2wH0_rRZJ3x1N_cZzDldlkwjMTDD-N1wmZYtMeYobw0BM50Je7Wvu6VlLo3VdgqLLPvJYHwcvQit6BcBgUr2-U8QOmzgdozG3Vuz7UsfXw_eEwFt2OPJwNW12rdWDMo4PY6nyH802KIS_IIg1QtVh-o0tubgX3don_q3dwkNgoM_7Cq7Z7JkZZj3QNZQbjS9YSuRRC7uGjX_UqVc-QmFfzzmQ02mCaoHrCtIQ7MRbY52Qdywi4P_x4iNiyTmfTSE83dE5PzHQK-SHM7-WLNrWVa1clilNfb13MlsG09U9ASd2_MqW4vTLPJGLArF7I2HZl1wsxXKE87FSboZAgBM3txM2SXiUJTJ9-cQVJpc9C-0uZ6m7VXVASBEK-XYf_I2qdOlUUxcsH233LYRupamjad38GV6fpTgcjXtdQ2E5KQNidxZNZhxs_AanFr4FsJI-8NnEd_pZ9tVnlku5VLJ4k8NyiEKKdLbFDe0I_wHp7LkWOsWRWNNBqqhrQ4xcNN21nrQURjkx5NJRa4i3gwBjcrFvJrCHjHwElcx3bkNPHlWACReLzscEmyRP3Hys7RhhOGEVJXM4ls9Qry454n8acbBAYgxfgu-Wiecgo3jmeACwUcfZT-OMrLeJFgO74B6PtYXiPKxgosU3aqg1ia2X04UH8OvUTN_nQUrbE4FruZynYtPZfz2FhGWiJR2o3TQr20kvFBTLzJiip_MfJo3LXBWXO_w-UXW4mPdzPz_nEXfDjYyu9bCjoXWN0MpinbRpziTs9GTVaHfgwwIhFASqgRjXW7OprmpX0IyCvHJ_4VbWpYk6mZ6uM0-5j8fVYLij_D7cc4q6VbAML-ldLY2Byrnf7ofApM7RR-CXTGC7om5_Xcnw-6-y6R0RpSZsic2UrtOXTR3Vo3YTN8PLVbmc6zFpdYJi8_yV_RuDrxG1-sAHfJS-P9wHClNLzXRHowvbwM0rTNShwPwgtUXh2UCcSTFDGv_SmJl-AV54QZExCxGnkhGw9oZGl0nGrG4q-IKdadZO-Q9zt5k0qUbFd7wITpCiqMMMeIp1I9GXkg6VmmXgzNWmkKBpWoK913Ng9OAQtMoUaR7AhNGJlGPf_qXjx98lQvT6XN_cdbnnlPGJLCKNXZL79Nev2rfzBqrzMHZpKRQLbfweJychejymNRkGJchdnl8Me-vFRaLgqvZpRLNgI3gr33ZrqXlED7OAVD8E370EdLBuKObmiusK-1_O4pk2f6TdFSWIHzchIB8-2l0LDOSy5RHw4cBQ2SlxdQu5TIVBNS7E1Hi4EE43dayfJfRYMlTOZcnIcWU8EtSGGUc2gA0dz1F62DV05nKxHHmN8kSeCnciIMtqFB-ojI8fT903KD2dqhlONrF-d5A15KSnZRub-JhBlTYKiTqtf-01n30BMnQdrRVwZnCF8BHr3Qr3p6njZbfsPezdZZ8EiqfcFF4dP8ka9rMMhHKOl9tyR9WlKvhQBQ7fPmJsdCVnasaHohkUud_wSgQlarHsbFx9elxj80z1KRIViZUTfrieUMB9GZTx453wQDVFJxRdVaWLAkm8K7KhUvPGjLaHwg3rPZLoJ7fKY7nmisOOIwVkxVBCHNGFG-7qfdfHqIfhQiKDj3s8hEL7iCNKZkknBNpJbBgCXea-7XFaFUiF56P2rBeZkBoHsIJ7JnyCHk3yQ4RJ22rzFPZ2C2rFlOsWXoLBm8pZmtUaZXRohEVGedlPLe1LOt16MPAVxFl0X_4xdwG3qNfaexbUWOiGX7GaAkSj_G6nDHsIJe8Q93URmJwD2XTgtiDJzLcPwnObiiMYq08Dg_SmeNSPTbKrvmqy_H9lyzuW-k5yfFh7bRqKE5IoWDIXyytpeQVzGp8XxEmN2ggWW7fYQAc301GckRb8EOpS6lpyodbe3UQ9AigA0ZUecydIDZDmZR5VAwzs2bDtkoC2FZz7IeCtir1Gp5iolcq8k6P97vIbbCrXybcAXgYkj8UId79_-nqRwVduIVFwxLoDpIqpgV32Mi4U9v2WdWHOCrsAHIVCMsyUeJIolyDIGZkbowvirztWSJh-rS4hJHgij0tqaO7TnlnCIaquY-Tlx7_9WfaxbvyJ07xpngolx90FYcRnrZYr4qtc8WvA5dcXFV3b4pmiETtcjrqOQ1KQ9RjZDdXpsFvLTaOJxUWgK51MzzU6oDaCM2W62RAa0OInkgBRYslnVrnlEVige_uEUszvN2Yvn2cgFZ9D5FLfB0TWATKcQhje7zT01LK6QyvSq8rosNp0d8IrhEMDwOoaLeuEwZJEuBB0Qg7qqxq40FFYN8ki480tE2HPpxwqZ8a6YIF1lCt2jqcvK1jDpMW3PjG3yvqyQGavKBC2HFsyOPHSVjmzMiLnoyLMKnh1Ary5B4ZpVoCimqSJykXgWSShkwPpzdOpLLDuhH3cqRm1oR3Xw6UC1h4Wpvuo19XZmw7XTb6iB8Qdt1GaHpsYLetqzi7qwrViWlp39H8qXJJQthRrsEx7GdAwDoaKqA2Zle-7o-W1wI3gT7m43K66wEHBt_xsID5AXuQ8fm_-LVz-xQB0dbMrZ0dJxSsgYaFY0J_sPMG3trzz6KPNQQOwtFchwwXp-cvGS8Cu10i2hDx6PWUs4RIMdoV7MizgjQ4BU0BYHTp37TMg3GVPIBueulJw2X2SfCa5X08ZOmCnvqa-Z299InTIz787twHYdu90Sk_wG2C5A5OwrKxHUOqaaXxKYNIqYEDGERf5IBQHiVON8bIv4Vf8iZF_364JzJr_IW-G3b4eNSt07RjxOBiXstdgqBrbZZoane8NIFVJgvl7kLH3LALt2UlEmJmzngyjNw48ZOPVdMHkm3a7Nb2ZI3BeT25kB0XYhvjhql22H3o1pxRWCdu7S6hjTbAJxAul_fovFOoks0ELBG8U20zyJi6WYwC958ZrkovLjvf-XN_On64J6oeocpursI-mE7myNysu8nrNSMLtZUNsUJlmoZDm-RgoLcEKDOBRyoaOcj944BTOO9a0TGcG3JiPWHpeNchHIB5EQVG5CM4eD6xhGsDmsV8NqQogk0&cid=CAQSKQDq26N9mDY6JjxosSgT7jDJiAwfkGTY4EYIMi9AdZVNn942H_3r3gaJGAEgEw&rfl=2%2Chttps%253A%252F%252Fwww.twobillsdrive.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 16:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 16:13:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame E115 29 KB
11 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f3ce76b086c8ff73e7ea3943a49cb9bcd943d2e24efe793fad5c14556f88d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 17:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11172
x-xss-protection: 0
server: cafe
etag: 1193498290069121257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 17:26:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E115 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 16:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 16:21:06 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E348 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 403183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 19:08:21 GMT
expires: Wed, 08 Nov 2023 19:08:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame E348 36 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 10:12:19 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3968893158595306590/ Frame 99F4 1 KB
620 B 235ms
33ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bb66a4066547ae8ab6db3ca66053088fd5b5215d6ced7acfe2bac1842b6327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 592
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:08:04 GMT
expires: Mon, 13 Nov 2023 11:08:04 GMT
last-modified: Mon, 25 Apr 2022 12:26:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E115 0
0 274ms
64ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstD7m9GeaTP-7QFg0YfhJA1QzVqhXhW5uv8QFxktwnrIKAJ212n1Zr5wWVW5IxyOx2A7xdd7Jcot-4rW8AzJ9W1Kfvm1wsijWjSWCtpBA1Q09_8mpi4pA9Xdrd8hm5YDlqxuM6sV_x7v6Ze5Wp7W8foMoE59L1CYaGhLTtk-1X1KySpJrh8Rh61v2KfIbgX1ABDrDjxDMozRwbElb1BqZdD1IjGbnB7DSMpyGpMgJKam4PwwhqRsmm88SPZJZV3FpbKvW4xnFz1F1tat6GWpn9blaobQrVVxqeYVUH8XDtkCnVmWmT5H8V1UaySVK0U8FQnNcnAzSKWs1l1O6X37qKvXdrVFSYPys5dB462DIuzb03WQLA2oufZdODV7Trkt8sPJIGOqs2R2T1BOj6nBFqm9BI8IfRUbBm0NbUdID0gcvb5o2vJ1ff6opuvlD7uzA5btJTIR9-v5UEQywz8O5Wg0d9oqM4IYP_v9-JlqnyrVjZPArUk-ZKSCSi9BMvncWczpGcrakBxOEf_DlbwlGIki19cJ1Wp6c1l_aQzZfgZAyNwZp6y7Q8-4MS2k_GH6a91XeFIcB_c0qpKrrN0vQN422n-uzKaALHDnxtf0eB0_jDY7z76rmjeNc2kYys2osk-oH83dG0XsI_UZyd4bJnlseQT-EnxVoBc7yoIBKTEPB5PBDakzT-NoczVCHiDqVAJx2ZnCzGNUvheU2tyqT_0rF0YStk1iVX1dfdL9BkS5DYxEusJTHlURMzr2366Nl6S_kXrVlqsDC6I-BkKH836kR1XbBR9co0d9hjwAvSGnSmsl15mWAxMzjlx6FJUuDQg2qj4zzDa64n6xRe3-ObxCuY1K6VD0Qz9BOjt6Hmp-hvjsgIF-AzgyRGGlm5dn8yIUrS4vp3kevHEnerfIvB07zmq5X5vIItPMZ7AAhzI4YEZytIAk9mbnV9vtlF23KQlT1vYqY9PaxCdOzLz2o9Tq4RECsovMl44u5EiWF40l8hf9FN6zFqHrE19I6Ssla3o_Bb4UpFSy_O_dbQf4PNPD8zLYoxRnxncICT9slyUq8zdsUKPHcsn8IypkMMOtGqeDkqKd_VPJ0r1EyI9KonDEE9eDWblzQlRn97RyJAdXUAJgOaUDk5y8HFDbmTPBRZBx5NEY7PZH5s5dVmT7jtX-_ujUDbzx1vdorrcF6AJ1T5nL_LM7uqUYOB6JDfzBej1_EYoeZ3Id9hd5w8js2v2UX1T-vMUD51jd_UsGABM8TXynCCamLOm4iUdWoRq9fqXyxMR9BQaMDeIJSVCxJHiZE1oueC8iyF1_w&sai=AMfl-YR32pQU6McdkB6kEAGXMwlqsh81i7b8igg3qZ6NCLSwPIZm_vY2pmXX0kzPLsWQWFvc5vWtbpGLQd6JcBIXI2xDT5o8FFcC5QNgEAIUZ56DDpbTJbaXag-qjYqxWGHsYjrpvus6vbDy236UjEhZ7sUKzY9H2i66pB44n3m9wJ56U8CeNfSUcQKNB4jowG9m2RsQtXV0F2hDQd4tqrE&sig=Cg0ArKJSzCFiq2a7C6xGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=138&cbvp=1&cstd=131&cisv=r20221109.64215&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 13 Nov 2022 11:08:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 11:08:04 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame E115 60 B
60 B 267ms
34ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26964075&extCr=162826336&extPm=322763903&gdpr_consent=&gdpr=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 Bad Krozingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 11:08:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: So, 13 Nov 2022 11:08:04 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 main.19.8.361.js Show response
static.adsafeprotected.com/ Frame E115 195 KB
61 KB 228ms
24ms Script
application/javascript 2600:9000:21f3:2400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.361.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15487730381&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b740430171fa7a89ca115cb487f49125392e27b345691c6108f17f5d671a05e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 12:22:11 GMT
x-amz-version-id: gcjqXnw05nq7qV1Q2jiA6pVMmpbN4QaY
content-encoding: gzip
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 341154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Nov 2022 11:15:09 GMT
server: AmazonS3
etag: W/"6056e31b2c36c679c9c6f433be61941e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: JehGwHaLfYQdqUS8mUw5hWi4t9aA9bHZBfvqIZwB_cN4TYfCRBcqxg==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5165 1 KB
643 B 24ms
21ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 14:00:55 GMT
etag: 48472445140208031
expires: Sun, 13 Nov 2022 14:00:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E115 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 060ff3359d63d312a6aab259f8454251ea411fe4f3becaef5edbb96810bb9463

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E348 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7y45FNBwY6mBHeS6x_APxayXuA4AAAAAOAHgBAI&bg=!gYKlgsbNAAbvMpMzzzI7ACkAdvg8Wq5A6A--o8NmB6xqrt2tT2gEXMZcUY9ZB999pEIBlVCAltADMwIAAABlUgAAAAJoAQeZAvwqmar0Yew35jD5fdEX2VdvjJEC4SFjSqYHHf1RYIh3T5Bk1oNnvcSYR38AkF4eBprYHidwQCxqSkOSJkeT4GiBVdoj1zTBmCYskLFRHQEoXX8QB8iOagEUJWj-_oZYdvkYNwlLcr25rjC7zbgBC5MyZpioSpqwJSyKfYNiMajEvjqtFLeph0hs-ScwAyRAKNFAcWl1WzTNFG7QXR8M7VAEMFgKnL8wnidkDprEJxcHCqkCUohGZfUpJyesYEyIUwbbeG1o7N2_nOPi8qPKaCWlSByEFPwHVLZ-EDeg_ksc9Mnm2FDAh9wjLjwBx2bY5QUdTbCQu4ilgftLVJs7-PCWgCyKNr69aGXSZhE06jHmGpgcwyZn80RvmIByQZCideJ_86Rrs3RbCxnYv4iB0kJZMUWGaBtbv0S35OYT6dvIGlUrNkOd8MIE49gDdVg7yfO4Hz6j1thqgKaSuVvzWzyW0KUb0H_tn42l3T00mPAhFYLwp4uF0Yp01arpDPzBoiJsYnQm_Ys6GgmtEum4VFmeLahZf2I3VjDon0zeYanRMB_q2Fm79Us9rNGU3sgQiAdFD8FdPHFLDgLz3DRlD8CUIj2Tqv1fj2piAW2MR1_P7610fAqqVPXoBV7Sm-K46bz2el62ByUM38fWsmGtTJDc66OCGFmdaPoqMAyHTZo5fKDjg12ckbLAPtTD5D3bmDvGrS6G5zODmOKKiBsjwlPmr4pVkFrIsY7EY-rpN81QaYmWTgqTAlbcDY10mccwW168aQjtAmvK_4iND3X9LEejoq725Rlf38sh8E09jktDL4VLu8UYlO_pg_KXx7FmsJIqJTDH1RPXJ7t__VopcqQ9WVCGFYc6lVAIOx7VTlzvk39DaGmX04BES656LIBslpim7Rx3xB5N3g9F8mDfRqIez7c57f5Hz_fZpEA2hFOto-xWcM5Vc2WlOx7gJvqGhoUjr3jDo8FUPVrwoWz_TtPoncboy6ysZFDGsuAAW9DQW569sZc4n3lxmA8FPA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5165 35 B
463 B 83ms
23ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDoBQvtk6Tfs5NY_Z_zdFrM&google_cver=1&google_push=ASkJ3FaH_GNeXUMcNMWTKvFnlkDz91ToUHssCbdX-dTFTFtAwX8VkB4HYmH2BH2iH09M3mRBQzvzNU3Fc7v9PBr89yZN4snyd4hg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5165 43 B
351 B 82ms
31ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF7A4i4k6uOvVPSt61Azrto&google_cver=1&google_push=ASkJ3FbRbyok6i5Xen_jDu75TyHtb3_xq78JjuTxn_BVIzHAbtk2Byu5TVMFk4daJROHmRYlYnJUilaS9-R5phDw8b4T0eT6rdXy
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: c61u7snq8v57eequ0c2tjsaniu4hqpj2

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5165
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UkU7Dq9LSwmDL3BnkFTntA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UkU7Dq9LSwmDL3BnkFTntA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYrLe3Yp6_5mQ95g2AD-R0TFnufF3N5I8UMwBCg8yqhLi_qLvjJcCsFxUCG5OnTBbZs8qTVcw1JrIIM_QCuv3iFvuCjX65v

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UkU7Dq9LSwmDL3BnkFTntA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYrLe3Yp6_5mQ95g2AD-R0TFnufF3N5I8UMwBCg8yqhLi_qLvjJcCsFxUCG5OnTBbZs8qTVcw1JrIIM_QCuv3iFvuCjX65v
date: Sun, 13 Nov 2022 11:08:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5165
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF_nNLW3V7qijhvil2-kiZ0&google_cver=1&google_push=ASkJ3FYSqsuQbQ-IS32PHPcdD861H_AjCFtlJd_yZr04MRNRIh5DVM558Dg50CAInCRi7wc6LbZ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGOTZLR0QtMU4tSzNIMg==&google_push=ASkJ3FYSqsuQbQ-IS32PHPcdD861H_AjCFtlJd_yZr04MRNRIh5DVM558Dg50CAInCRi7wc6LbZ39S_JVKfTYWedJk7MiETeoXA

170 B
188 B

44ms
43ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGOTZLR0QtMU4tSzNIMg==&google_push=ASkJ3FYSqsuQbQ-IS32PHPcdD861H_AjCFtlJd_yZr04MRNRIh5DVM558Dg50CAInCRi7wc6LbZ39S_JVKfTYWedJk7MiETeoXA

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGOTZLR0QtMU4tSzNIMg==&google_push=ASkJ3FYSqsuQbQ-IS32PHPcdD861H_AjCFtlJd_yZr04MRNRIh5DVM558Dg50CAInCRi7wc6LbZ39S_JVKfTYWedJk7MiETeoXA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5165
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFvNuLltkcD4EsH0NUPGrug&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFvNuLltkcD4EsH0NUPGrug&google_hm=Y3DQFLkF0Zb_-1Yo4KWy5AAADIIAAAAB&google_nid=index&google_push=ASkJ3FbVo4rP1YlecXTk0ZT4w5LuCiZz6jAZH...

170 B
188 B

56ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFvNuLltkcD4EsH0NUPGrug&google_hm=Y3DQFLkF0Zb_-1Yo4KWy5AAADIIAAAAB&google_nid=index&google_push=ASkJ3FbVo4rP1YlecXTk0ZT4w5LuCiZz6jAZHkEIOTdDbHjR3Y569IecIl78ARfyYLola9KqPfqBR0hH6uLX9AOvkcyzt1enCqAu

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lu2yazfaJ%2FP6SmD3Mgmgahul6BTKSJwhzHoDZuBfu0AdE%2FDGYaacu50Te1gzPbVPkx2nx6ulAPsxkJ4MRORXYgud4kfC9b5zTRCh0MqDIH8dwudaQcC5azXbU6aUsJhSC162a3sMlA0ZJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFvNuLltkcD4EsH0NUPGrug&google_hm=Y3DQFLkF0Zb_-1Yo4KWy5AAADIIAAAAB&google_nid=index&google_push=ASkJ3FbVo4rP1YlecXTk0ZT4w5LuCiZz6jAZHkEIOTdDbHjR3Y569IecIl78ARfyYLola9KqPfqBR0hH6uLX9AOvkcyzt1enCqAu
cache-control: no-cache
cf-ray: 76970c2339079bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 5165 43 B
296 B 304ms
44ms Image
image/gif 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGFEfuA1CBTLQylOBCiuYKI&google_cver=1&google_push=ASkJ3FbNIe_OI1a9I682zUiVoiwSNeUmQHHNvXLZnfVvzILmdFySenPAOGR98_lbVtr_DSLBmHX3buL_s-03VcsRFCSCe6k4Iitl
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 5165 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5165 0
12 B 30ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_tFJWGlm0rJaolDejPsT0crCZ7KVaeqW4U-BUv8Cxy-9xeNQWlwfl_WW68ttynUzvcrL7WQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 99F4 118 KB
40 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 06:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Nov 2022 06:28:55 GMT

GET
H3 200 preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 99F4 64 KB
16 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16579
x-xss-protection: 0
last-modified: Mon, 12 Feb 2018 18:09:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 11:08:04 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 99F4 112 KB
38 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 11:08:04 GMT

GET
H3 200 de_DE_polite.js Show response
s0.2mdn.net/creatives/assets/2377528/ Frame 99F4 87 KB
27 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27518
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 13:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 11:16:15 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 1460 91 KB
23 KB 29ms
22ms Script
application/javascript 2600:9000:21f3:2400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 4563109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: pKm1N29mKuSsuGAqgOOzMfuFBegMMuzgKoWMSExwm_jQGDl-iFaBVQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame E115 43 B
216 B 52ms
50ms Image
image/gif 34.251.78.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15487730381&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://www.twobillsdrive.com/&adsafe_url=https%3A%2F%2Fwww.twobillsdrive.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.twobillsdrive.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1067570087106119%26output%3Dhtml%26h%3D280%26slotname%3D9576657371%26adk%3D1579407397%26adf%3D1351812389%26pi%3Dt.ma~as.9576657371%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1668337683%26rafmt%3D1%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwww.twobillsdrive.com%252F%26host%3Dca-host-pub-2644536267352236%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1668337682652%26bpp%3D1%26bdt%3D687%26idt%3D357%26shv%3Dr20221109%26mjsv%3Dm202211090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1068x280%26nras%3D1%26correlator%3D6113789994663%26frm%3D20%26pv%3D1%26ga_vid%3D1993440827.1668337683%26ga_sid%3D1668337683%26ga_hid%3D861970050%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D618%26ady%3D1442%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C42531705%252C31070831%26oid%3D2%26pvsid%3D2626633310240274%26tmod%3D586679079%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3D2RPJty9IQ0%26p%3Dhttps%253A%2F%2Fwww.twobillsdrive.com%26dtd%3D371&adsafe_type=bed&adsafe_jsinfo=,id:bbbd8380-8201-a865-80d3-ca08d642d6f5,c:tQqhow,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74994c558b-s22cz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:270,mot:0,app:0,maw:0,fm:tn42U5X+11%7C121%7C13%7C14%7C15%7C161*.925113%7C1611%7C1612%7C1613%7C1614%7C17%7C18%7C19%7C1a%7C1b1,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:292,oid:721460b4-6343-11ed-a32b-de7b50877bf0,v:19.8.361,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.78.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 css
fonts.googleapis.com/ Frame 86D0 8 KB
895 B 41ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=5250278416&adk=1669896828&adf=2369281301&pi=t.ma~as.5250278416&w=1068&fwrn=4&fwrnh=100&lmt=1668337682&rafmt=1&format=1068x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682649&bpp=3&bdt=684&idt=299&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=g3KNoaEVoF&p=https%3A//www.twobillsdrive.com&dtd=318

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 11:06:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 86D0 2 KB
765 B 37ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:42:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 86D0 23 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:42:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 86D0 3 KB
1 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:44:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 86D0 18 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86D0 154 KB
47 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
H3 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame 86D0 34 KB
14 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 20:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 20:40:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 20:20:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E115 43 B
216 B 569ms
173ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=bbbd8380-8201-a865-80d3-ca08d642d6f5&tv=%7Bc:tQqhpm,pingTime:-3,time:343,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:291%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:344,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:291,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tn42U5X+11%7C121%7C13%7C14%7C15%7C161*.925113%7C1611%7C1612%7C1613%7C1614%7C17%7C18%7C19%7C1a%7C1b1,idMap:161*,rmeas:1,rend:0,renddet:na,siq:292%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E115 43 B
215 B 562ms
174ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=bbbd8380-8201-a865-80d3-ca08d642d6f5&tv=%7Bc:tQqhpo,pingTime:-6,time:345,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:345,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:291,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tn42U5X+11%7C121%7C13%7C14%7C15%7C161*.925113%7C1611%7C1612%7C1613%7C1614%7C17%7C18%7C19%7C1a%7C1b1,idMap:161*,rmeas:1,rend:0,renddet:na,siq:292%7D&tpiLookup=ao:www.twobillsdrive.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 86D0 0
0 86ms
65ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvY_1E9BwY856jvGewQ-CoKLoAurJoaFt1q610IsQyfOqs6kOEAEglOfsA2CVypmCrAegAa_K-MUDyAEJqQJAMbvREFyxPqgDAcgDywSqBNsBT9CLSR5p0iUsq-qNMGz1AydqWqpyZO5zuioMAIO6bk2jt29Adnwt5JgRxEA59Juh-q9RE3Z3kRri4UxoJcJ_VV-FBlbIw3cl3C_c9FEkuz6sFPysspKfyDxpKxoLm0Y-vZvTcFZ1R8mDfgPwHC7F_FBVc0HPYGi8erBOPQSFn-B5rvldKjpyD5A_azBKCgSMbeFjfSQEGzqq_tiKyfDiiY801lKopWjays5G4ZV3Ax6g8FgKdmKusjiLJ10dtRmFwvqEzL-zOmsRagWwlTHSlR_8g7AUhrZbvbQ2wATksLecmAOSBQQIBBgBkgUECAUYBKAGLoAHyd2HE6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL3za9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQH0BUBgBcBshccChoIABIUcHViLTEwNjc1NzAwODcxMDYxMTkYAA&sigh=VBzuCmbhfB4&uach_m=[UACH]&cid=CAQSGwDq26N9A3UakLoL5KfwKXim42Up5Qy2QCt5FBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=5250278416&adk=1669896828&adf=2369281301&pi=t.ma~as.5250278416&w=1068&fwrn=4&fwrnh=100&lmt=1668337682&rafmt=1&format=1068x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682649&bpp=3&bdt=684&idt=299&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=g3KNoaEVoF&p=https%3A//www.twobillsdrive.com&dtd=318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 13 Nov 2022 11:08:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E115 43 B
215 B 520ms
174ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=bbbd8380-8201-a865-80d3-ca08d642d6f5&tv=%7Bc:tQqhqb,pingTime:-2,time:394,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:263,beZ:264,mfA:534,cmA:536,inA:536,inZ:540,prA:540,prZ:548,si:555,poA:556,poZ:578,cmZ:578,mfZ:578,loA:608,loZ:615,ltA:657,ltZ:657,mdA:265,mdZ:518%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:291%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:394,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:291,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tn42U5X+11%7C121%7C13%7C14%7C15%7C161*.925113%7C1611%7C1612%7C1613%7C1614%7C17%7C18%7C19%7C1a%7C1b1,idMap:161*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:292,sinceFw:101,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8792642740506519567/ Frame 86D0 36 KB
36 KB 28ms
23ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8792642740506519567/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4b6dd99f9e9ef940ada34ca0ea9b886e1f5995494fbbb6d605954e0a6a6892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 04:24:01 GMT
x-content-type-options: nosniff
age: 369844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37063
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 06:10:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 04:24:01 GMT

GET
DATA 200
OK truncated
/ Frame 86D0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 86D0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 28A2 47 KB
13 KB 43ms
43ms Script
application/javascript 34.251.78.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=23200608&placementId=4685314778&pubCreative=138234279273&pubOrder=2158122228&cb=1634466209&adsafe_par&impId=&custom2=&custom3=
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.78.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a3a61c373eeeeebeada10b56e92090bccfac97a0f2257f7a499e991d22810578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D09C 0
0 113ms
57ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1w2u3HrBGKpLW8mAV_pTh6qB23KvDilXxUVQgRGnSPdI-Q1LPN3fQcJ7I5czQuwydmCyKqzReKZLxnmvKbgojrHk7-M9gCWiYjACUNIeXyob43roJMTw2364jIvW3YabIqo6XCv9ew-AS4j74HqAINagaeFrNxo7xr1UNUak3MYE6h-it2bBjqZtHmRx93RK66qpfeyxRj1K0qYMr5ka5ymJp3YE420UWhBE1VuoXlikucZwpfAemk74-0vRWIZIRlhNY94dgVLo_es479niiTPatxiLs02TytwVSfrJQdvpwZ1udQ0450AAet-IXchwG65GY_QsON0fZPbyFe5m4nXM7pH2grFRC3M-4DyysrTKJrNCJnBhe7gDmG3M5piGtXPQ7&sai=AMfl-YQpujKLL6RGjn2bsBLX6fX-fUJVZ1nSnQOWZlmMzUVDKzjgm1rDg2eP8tI5znbo0MD8DVhX2tM0lmLYrFoJ-vIDWAcDOINJct4M8rxvrf0JJ98hEo89gUcc2b2rM410y7N2&sig=Cg0ArKJSzDiw4j-KwI73EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E115 0
0 110ms
59ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstD7m9GeaTP-7QFg0YfhJA1QzVqhXhW5uv8QFxktwnrIKAJ212n1Zr5wWVW5IxyOx2A7xdd7Jcot-4rW8AzJ9W1Kfvm1wsijWjSWCtpBA1Q09_8mpi4pA9Xdrd8hm5YDlqxuM6sV_x7v6Ze5Wp7W8foMoE59L1CYaGhLTtk-1X1KySpJrh8Rh61v2KfIbgX1ABDrDjxDMozRwbElb1BqZdD1IjGbnB7DSMpyGpMgJKam4PwwhqRsmm88SPZJZV3FpbKvW4xnFz1F1tat6GWpn9blaobQrVVxqeYVUH8XDtkCnVmWmT5H8V1UaySVK0U8FQnNcnAzSKWs1l1O6X37qKvXdrVFSYPys5dB462DIuzb03WQLA2oufZdODV7Trkt8sPJIGOqs2R2T1BOj6nBFqm9BI8IfRUbBm0NbUdID0gcvb5o2vJ1ff6opuvlD7uzA5btJTIR9-v5UEQywz8O5Wg0d9oqM4IYP_v9-JlqnyrVjZPArUk-ZKSCSi9BMvncWczpGcrakBxOEf_DlbwlGIki19cJ1Wp6c1l_aQzZfgZAyNwZp6y7Q8-4MS2k_GH6a91XeFIcB_c0qpKrrN0vQN422n-uzKaALHDnxtf0eB0_jDY7z76rmjeNc2kYys2osk-oH83dG0XsI_UZyd4bJnlseQT-EnxVoBc7yoIBKTEPB5PBDakzT-NoczVCHiDqVAJx2ZnCzGNUvheU2tyqT_0rF0YStk1iVX1dfdL9BkS5DYxEusJTHlURMzr2366Nl6S_kXrVlqsDC6I-BkKH836kR1XbBR9co0d9hjwAvSGnSmsl15mWAxMzjlx6FJUuDQg2qj4zzDa64n6xRe3-ObxCuY1K6VD0Qz9BOjt6Hmp-hvjsgIF-AzgyRGGlm5dn8yIUrS4vp3kevHEnerfIvB07zmq5X5vIItPMZ7AAhzI4YEZytIAk9mbnV9vtlF23KQlT1vYqY9PaxCdOzLz2o9Tq4RECsovMl44u5EiWF40l8hf9FN6zFqHrE19I6Ssla3o_Bb4UpFSy_O_dbQf4PNPD8zLYoxRnxncICT9slyUq8zdsUKPHcsn8IypkMMOtGqeDkqKd_VPJ0r1EyI9KonDEE9eDWblzQlRn97RyJAdXUAJgOaUDk5y8HFDbmTPBRZBx5NEY7PZH5s5dVmT7jtX-_ujUDbzx1vdorrcF6AJ1T5nL_LM7uqUYOB6JDfzBej1_EYoeZ3Id9hd5w8js2v2UX1T-vMUD51jd_UsGABM8TXynCCamLOm4iUdWoRq9fqXyxMR9BQaMDeIJSVCxJHiZE1oueC8iyF1_w&sai=AMfl-YR32pQU6McdkB6kEAGXMwlqsh81i7b8igg3qZ6NCLSwPIZm_vY2pmXX0kzPLsWQWFvc5vWtbpGLQd6JcBIXI2xDT5o8FFcC5QNgEAIUZ56DDpbTJbaXag-qjYqxWGHsYjrpvus6vbDy236UjEhZ7sUKzY9H2i66pB44n3m9wJ56U8CeNfSUcQKNB4jowG9m2RsQtXV0F2hDQd4tqrE&sig=Cg0ArKJSzCFiq2a7C6xGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=619&vt=11&dtpt=481&dett=3&cstd=131&cisv=r20221109.64215&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 99F4 7 KB
6 KB 81ms
34ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0841cd05b3654e1361d8349d4c8f41c07e0bea1d55d102218454a7408ea580ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5700
x-xss-protection: 0

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 392D 47 KB
13 KB 43ms
42ms Script
application/javascript 34.251.78.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=45050208&placementId=4685314778&pubCreative=138234325685&pubOrder=2158122228&cb=1935118248&adsafe_par&impId=&custom2=&custom3=
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.78.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 08897be3e83cc8a4a4194eb62943160675c84da33715a4a749dfe2a3d764d070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E66A 0
0 57ms
56ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzYnCTTw1P3jBpcNwQvHjQY0zaZCb4mq-jrNBEt7njTEK5ybYIqgqx2N4-Z68CbOsFbg8GANfQSvtwuP4_IMJoY9IS8Jqa0PMgXY1cIpXeACB-Ss76yKfrgslThs6RrurnuGkArrdWM5706NqfShTDDawD_0hVrv9N2ffjZRuZXK-1rZCuDf1AaoYSZeDiOqMDkJtr5UvKTQy0aVV7wpNRTs722fjgXntdBHN3Lu_dXMuwF9ZFtuPb13h606m11Rl3fM43OVGpeyisPP3mQGTjLsPwWxz4bma2t6X8eOrVtWWvUEqgYzesZ0IuimVFcBCPwdyHpn1r58Y75vDgYa4M_5XuKBfGyXRATY0dkxPRNLOI8Expf6D9hfQYcrqA1gIj2jY1&sai=AMfl-YQTF55YAev9E_8tIiewNXRWRJqR6QVWC93Vt7FlXRRxI7oF1nO3kB0HszS1l9Og90cw94gOfKyKvfAWL7aeTQP5M9wuRr6wdjdW00O7VLbVeaoZzgo0ZWjQLQZFNm5pIQbnMw&sig=Cg0ArKJSzCtYfkjIEuIkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
DATA 200
OK truncated
/ Frame 86D0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa280f3b9117ea04aad8b275d9ddf929b92ec6e48ef6f1acf065242843ac8e27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 99F4 17 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 11:08:05 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 86D0 28 KB
28 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 353054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 09:03:51 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 265C 36 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 10:12:19 GMT

GET
H2 200 main.19.8.361.js Show response
static.adsafeprotected.com/ Frame 28A2 195 KB
61 KB 25ms
24ms Script
application/javascript 2600:9000:21f3:2400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.361.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=23200608&placementId=4685314778&pubCreative=138234279273&pubOrder=2158122228&cb=1634466209&adsafe_par&impId=&custom2=&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b740430171fa7a89ca115cb487f49125392e27b345691c6108f17f5d671a05e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 12:22:11 GMT
x-amz-version-id: gcjqXnw05nq7qV1Q2jiA6pVMmpbN4QaY
content-encoding: gzip
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 341155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Nov 2022 11:15:09 GMT
server: AmazonS3
etag: W/"6056e31b2c36c679c9c6f433be61941e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: s93wGqwUIC_t-ATzPOaRStDS-8pF4FPtYpsx5r7Q6fjVn1K_sDeitw==

GET
H2 200 main.19.8.361.js Show response
static.adsafeprotected.com/ Frame 392D 195 KB
61 KB 29ms
28ms Script
application/javascript 2600:9000:21f3:2400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.361.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=1x1&pubId=4452084168&chanId=45050208&placementId=4685314778&pubCreative=138234325685&pubOrder=2158122228&cb=1935118248&adsafe_par&impId=&custom2=&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b740430171fa7a89ca115cb487f49125392e27b345691c6108f17f5d671a05e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 12:22:11 GMT
x-amz-version-id: gcjqXnw05nq7qV1Q2jiA6pVMmpbN4QaY
content-encoding: gzip
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 341155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Nov 2022 11:15:09 GMT
server: AmazonS3
etag: W/"6056e31b2c36c679c9c6f433be61941e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: aoq9i-jqWTcYLnkhuVjhy2A6x0bkj6_tNhwNsT-1SRlvNzgG0uYpbA==

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 20DC 36 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 10:12:19 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A3B 36 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 10:12:19 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B890 91 KB
23 KB 23ms
20ms Script
application/javascript 2600:9000:21f3:2400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 4563109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: LH7ZjdDM5LB3WJdeMQklHh9yEBZ1gpJ4MGdPxdz8Zk9RxmKs9ygRnA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 48ms
48ms Image
image/gif 34.251.78.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=922805&campId=1x1&pubId=4452084168&chanId=23200608&placementId=4685314778&pubCreative=138234279273&pubOrder=2158122228&cb=1634466209&adsafe_par&impId=&custom2=&custom3=&adsafe_url=https%3A%2F%2Fwww.twobillsdrive.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:7107df93-e8a7-e4d9-1974-e954bd6d0577,c:tQqhyq,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-74994c558b-f9srf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:215,mot:0,app:0,maw:0,fm:tn42UgQ+11%7C121%7C13%7C14%7C151%7C1611%7C1612%7C16131%7C1614%7C1615%7C17*.922805%7C171%7C181%7C19%7C1a%7C1b11,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV.us.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:230,oid:726bcf3f-6343-11ed-a1a3-aac9fa8b6037,v:19.8.361,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.78.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 30C2 91 KB
23 KB 21ms
21ms Script
application/javascript 2600:9000:21f3:2400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 4563109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: sx9fPO3EOUN6JhzELlVHjC1F3YkgKj-B_SIYY6FIXaSiduOpx8Oc3A==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 50ms
50ms Image
image/gif 34.251.78.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=922805&campId=1x1&pubId=4452084168&chanId=45050208&placementId=4685314778&pubCreative=138234325685&pubOrder=2158122228&cb=1935118248&adsafe_par&impId=&custom2=&custom3=&adsafe_url=https%3A%2F%2Fwww.twobillsdrive.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:fbbbd39f-881c-1de1-3982-2515b269f75f,c:tQqhyJ,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-74994c558b-gfj8b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:235,mot:0,app:0,maw:0,fm:tn42UgW+11%7C121%7C13%7C14%7C151%7C1611%7C1612%7C16131%7C1614%7C1615%7C171%7C172%7C18*.922805%7C181%7C19%7C1a%7C1b11,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV.us.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:244,oid:72774148-6343-11ed-a666-4251be3e817f,v:19.8.361,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.78.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-78-188.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: app19.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E115 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=bbbd8380-8201-a865-80d3-ca08d642d6f5&tv=%7Bc:tQqhyT,time:934,type:e,im:%7Bpci:%7Btdr:196%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:934,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:291,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B661~0%5D,as:%5B661~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tn42U5X+11%7C121%7C13%7C14%7C15%7C161*.925113%7C1611%7C1612%7C1613%7C1614%7C17%7C18%7C19%7C1a%7C1b1,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:292,sis:488%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E115 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=bbbd8380-8201-a865-80d3-ca08d642d6f5&tv=%7Bc:tQqhzm,pingTime:-10,time:963,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668337685668%7C%7C2ef560a7de24aed55ae2cf0a5b0ce421%7C%7Cf8b8963e850cee297829880103706300%7C%7C01ea8b2040609fd22f77bed24ccdec1f%7C%7C64261a620a85c1b1e8d99d87bc5cd0d1%7C%7Cbb93b749d2b6e34cb749970033a673b6%7C%7Cdd21a0ac79a5637ed93fc4afecb246cb%7C%7C383aee1d04746e489765f0db3a8819cb%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1067570087106119&output=html&h=280&slotname=9576657371&adk=1579407397&adf=1351812389&pi=t.ma~as.9576657371&w=336&fwrn=4&fwrnh=100&lmt=1668337683&rafmt=1&format=336x280&url=https%3A%2F%2Fwww.twobillsdrive.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668337682652&bpp=1&bdt=687&idt=357&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1068x280&nras=1&correlator=6113789994663&frm=20&pv=1&ga_vid=1993440827.1668337683&ga_sid=1668337683&ga_hid=861970050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070831&oid=2&pvsid=2626633310240274&tmod=586679079&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2RPJty9IQ0&p=https%3A//www.twobillsdrive.com&dtd=371
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=7107df93-e8a7-e4d9-1974-e954bd6d0577&tv=%7Bc:tQqhzQ,pingTime:-2,time:318,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:205,beZ:206,mfA:419,cmA:420,inA:420,inZ:422,prA:422,prZ:431,si:434,poA:435,poZ:445,cmZ:445,mfZ:445,loA:498,loZ:499,ltA:522,ltZ:522,mdA:206,mdZ:239%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1668337685673,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:230%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:318,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:229,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B102~0%5D,as:%5B102~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tn42UgQ+11%7C121%7C13%7C14%7C151%7C1611%7C1612%7C16131%7C1614%7C1615%7C17*.922805%7C171%7C18.922805%7C181%7C19%7C1a%7C1b11,idMap:17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV.us.sn,siq:230,slid:%5Bgoogle_ads_iframe_/71031003292/SMG_TwoBillsDrive/300x250_2a/sports/football/nfl.main_0,google_ads_iframe_/71031003292/SMG_TwoBillsDrive/300x250_2a/sports/football/nfl.main_0__container__,usmg_ad_SMG_TwoBillsDrive_300x250_2a_sports_football_nfl.main,sidebysideads,genesis-content%5D,sinceFw:88,readyFired:true%7D&br=c
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 175ms
175ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=fbbbd39f-881c-1de1-3982-2515b269f75f&tv=%7Bc:tQqhzR,pingTime:-2,time:313,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:136,beZ:137,mfA:371,cmA:371,inA:371,inZ:373,prA:373,prZ:377,si:379,poA:380,poZ:387,cmZ:387,mfZ:387,loA:430,loZ:430,ltA:449,ltZ:449,mdA:137,mdZ:179%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1668337685680,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:243%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:313,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:243,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tn42UgQ+11%7C121%7C13%7C14%7C151%7C1611%7C1612%7C16131%7C1614%7C1615%7C17.922805%7C171%7C172%7C18*.922805%7C181%7C19%7C1a%7C1b11,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV.us.sn,siq:244,slid:%5Bgoogle_ads_iframe_/71031003292/SMG_TwoBillsDrive/300x250_2b/sports/football/nfl.main_0,google_ads_iframe_/71031003292/SMG_TwoBillsDrive/300x250_2b/sports/football/nfl.main_0__container__,usmg_ad_SMG_TwoBillsDrive_300x250_2b_sports_football_nfl.main,custom_html-2,genesis-sidebar-primary%5D,sinceFw:69,readyFired:true%7D&br=c
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=7107df93-e8a7-e4d9-1974-e954bd6d0577&tv=%7Bc:tQqhAk,pingTime:-10,time:348,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668337685668%7C%7C2ef560a7de24aed55ae2cf0a5b0ce421%7C%7Cf8b8963e850cee297829880103706300%7C%7C01ea8b2040609fd22f77bed24ccdec1f%7C%7C64261a620a85c1b1e8d99d87bc5cd0d1%7C%7Cbb93b749d2b6e34cb749970033a673b6%7C%7Cdd21a0ac79a5637ed93fc4afecb246cb%7C%7C383aee1d04746e489765f0db3a8819cb%7C%7C1663701684,sca:%7Bspg:bbbd8380-8201-a865-80d3-ca08d642d6f5%7D%7D
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 174ms
173ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=fbbbd39f-881c-1de1-3982-2515b269f75f&tv=%7Bc:tQqhAI,pingTime:-10,time:366,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668337685668%7C%7C2ef560a7de24aed55ae2cf0a5b0ce421%7C%7Cf8b8963e850cee297829880103706300%7C%7C01ea8b2040609fd22f77bed24ccdec1f%7C%7C64261a620a85c1b1e8d99d87bc5cd0d1%7C%7Cbb93b749d2b6e34cb749970033a673b6%7C%7Cdd21a0ac79a5637ed93fc4afecb246cb%7C%7C383aee1d04746e489765f0db3a8819cb%7C%7C1663701684,sca:%7Bspg:bbbd8380-8201-a865-80d3-ca08d642d6f5%7D%7D
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:05 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 300x250_NH_G_WD_Airport-Network.jpg Show response
s0.2mdn.net/creatives/assets/2373736/ Frame 99F4 11 KB
11 KB 24ms
23ms XHR
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2373736/300x250_NH_G_WD_Airport-Network.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c86032853dc3fe73624a22047f065fa8a79e9c62bc18f01b6daa766376b66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:58:03 GMT
x-content-type-options: nosniff
age: 602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11019
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 09:52:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 11:13:03 GMT

GET
BLOB 200
OK f0c9b200-1593-4a3a-9228-1b585dfc53bb
https://s0.2mdn.net/ Frame 99F4 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/f0c9b200-1593-4a3a-9228-1b585dfc53bb
Requested by: Host: www.twobillsdrive.com
URL: https://www.twobillsdrive.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61c86032853dc3fe73624a22047f065fa8a79e9c62bc18f01b6daa766376b66f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 11019
Content-Type: image/jpeg

GET
H3 200 de_DE_imageanimation_NH_G_WD_Airport-Network_300x250.js Show response
s0.2mdn.net/creatives/assets/2987685/ Frame 99F4 40 KB
23 KB 22ms
22ms XHR
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2987685/de_DE_imageanimation_NH_G_WD_Airport-Network_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36fc608f9bfb6c007ff8ea202605b8aa67ac1c1f8915e0c42793911bf393638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23712
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 11:53:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 11:09:20 GMT

GET
H3 200 js-animation_de_DE_imageanimation.js Show response
s0.2mdn.net/creatives/assets/3389262/ Frame 99F4 66 KB
18 KB 22ms
21ms XHR
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3389262/js-animation_de_DE_imageanimation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3968893158595306590/index.html?e=69&leftOffset=0&topOffset=0&c=Hl8XcrfPch&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18063
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 17:53:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Nov 2022 11:13:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 38ms
38ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e14f3f3ca55197bdd2123a0a7862e6980396131f57b64295bcf17d386cce467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11175
x-xss-protection: 0

GET
H2 200 NH_G_WD_Airport-Network;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqduxmIKr-wIVZN0RCB1F1gXnEAAYACDgkNJNQhMI5Pral4Kr-wIVZ2qkBB17YgJu;stragg=1;&timestamp=1668337685939;str=LH/NULL/348/amadeusBestPrice/ Frame E115 42 B
494 B 134ms
61ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqduxmIKr-wIVZN0RCB1F1gXnEAAYACDgkNJNQhMI5Pral4Kr-wIVZ2qkBB17YgJu;stragg=1;&timestamp=1668337685939;str=LH/NULL/348/amadeusBestPrice/NH_G_WD_Airport-Network;strtype=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js?cb=31070867

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 11:08:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C09 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 10:34:13 GMT
expires: Mon, 13 Nov 2023 10:34:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A51 783 B
534 B 47ms
46ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

846c5f4c87b66c395696f19d2d91b79482f52ad22bf63276b7791eb3ef362e4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zg9HrZVtedo_00e5aJcP8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twobillsdrive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Zg9HrZVtedo_00e5aJcP8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 11:08:06 GMT
expires: Sun, 13 Nov 2022 11:08:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 99F4 16 KB
16 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C09 36 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 10:12:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A51 0
0 55ms
55ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111001&jk=2626633310240274&rc=05AHrz1vZ9nEsISzWLSM7VHUrtXtOvvViui3zLgWus56907EWwbGcTDWYOpCC3dmGeYjd4KEuYAaFKjiAOVeSr_kOVVIOrRxcFMsAmSOCERPr3_tRLPm7AAVJcCldHTZmmg2-_EU9MjgfQGrwxBQAmALh01-vyiDRXcrrEsrIZfnyyI0GKTPwSpfr3I9NqbAKZEJnSQLb42ly6PijuCA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C09 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TrC9pw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:08:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 86D0 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4OoPpVOcR8U6x1c9CkatUNOtNlEedjHz3EmRoUWhjOmYv9BX623AAd4wI_cY6osv7qrWMeBErjzlJiTizBX-iO8olsd3YAolF40BwbHSF9ZkkdXYebWBVgossh_mkJBfyng68qg&sai=AMfl-YTEOvin8Xe4eygWKLjzzQbtGYpb2-hs5y-Rm39CvsRj3198Owc4dMOihVZmqOsyM9boZHgMIxqK12M3sEo&sig=Cg0ArKJSzAJ1tg9E73vxEAE&cid=CAQSGwDq26N9A3UakLoL5KfwKXim42Up5Qy2QCt5FBgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1068&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1669896828&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668337682969&rpt=2440&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111001&jk=2626633310240274&bg=!g4ClgMTNAAbvMpMzzzI7ACkAdvg8WqKQ-zcf5ojt6Ai9Mt5uUOLW6eNSrCJpf-dhTVhldBdSq9OmEQIAAABTUgAAAAVoAQcKALajJvZfbHiWKBmuXCmmM5bDt2oNBEO6cjnJhSswcYhcptdw2ObOGxA939yIXJ0rSKfDzk5NFgM85NSGFiWfyZPAdGmCMGxU8p8iXKbdBZdl7pg54QG8n5g5Ny844GutPyFsW-HA-G61UXRFhGJsbOo_PYorbH5FGmBvhL6xOwKNi7eGRo2rezp-Kmjt5uYrs7EAV4EmUkj1KFYOQQTtqGBmnNukIPV6jAdm9Qv7mPOvLjnJR3HUHJkCq0_VLUxvxaZ0UOmNCIfugOA34jbxvS52-LW8OOtReAuo-C5AFnPhryzv24Ff-LJymIq516XSyPkGunEluayQTDpz2cCCySUUc6nk6E2B6PLb39YX1smlqFTsk3mQaBaU-DNmh3Y_P50iCBSao0llerxpmGXln8LsVzXp-tk6fnWpphNgxHU5CXLeEni8xkX11ezWgGgwXBNfKr-QJXxqRpUMY1KAjMbarhBwpJZ9Q_W1gkqxB2xg85etZHheyUGOfxV1PCokQqBY3pp2xmVr2Sw4sXvilgddQ9NWU3WRv7_iWif5Tx2vAaoMW_g9mUx4GzJjaODheEt0e8IivJ6FshvxmVU2tyyZDojGzkxW_musAXl_Q3zEqLZZgXprabrz5Ayvc0HZeVp8YvB5fB38NLxiaeXB152oiQ7cZ8Foyl_Aqoh3LSzbRGw2lsQnlw6fJCT0qGe8pDlnpjDcN9C8E914nfZNhg0x-ba_RNqt7X7cevegB8l_1rgIcOXdNE2z20h-0zT02atyCcEO1i7g2nHBRNI8LS5QCDY4momm10FA_zMzv2d8eGJMWKXshpWjgO10I11Hfgq3QAbbJjbHsOrtu9eRHbBI1NwRWXFAMGdtRwdlbVi32kC-emHeD7nmCE7lMYBMyNWBODK6i27z3QvJuqXt9ituI5omR07bfaJ0VHW0ocaJdvCwpRjj8v8TksTR7xqvAJaHrP1E2LuV8jdRuJcMhYczYtrqntN1HySutnaltTvXHIYdEpE1drtJoyy_gF4Y68E68ZK2Y6mcizsorOVabnLWCm0OQAIG0lu-Kjfn4tJfFO2Rved2RnPUOjsjZtl-U4T1bSUUInrLchnLGGiqbpSzCANscRS2DZ2j1u9BXnTra5BdKkrDeEEgb2ZJRkQ4gorO02yw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=7107df93-e8a7-e4d9-1974-e954bd6d0577&tv=%7Bc:tQqhQB,time:1357,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1357,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:229,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1142~0%5D,as:%5B1142~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:178,fm:tn42UgQ+11%7C121%7C13%7C14%7C151%7C1611%7C1612%7C16131%7C1614%7C1615%7C17*.922805%7C171%7C18.922805%7C181%7C19%7C1a%7C1b11,idMap:17*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:230,sis:325%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:06 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 182ms
182ms Image
image/gif 2600:1f13:800:7780:5601:6478:79f5:9959
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=fbbbd39f-881c-1de1-3982-2515b269f75f&tv=%7Bc:tQqhQD,time:1353,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1353,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:243,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1117~0%5D,as:%5B1117~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:177,fm:tn42UgQ+11%7C121%7C13%7C14%7C151%7C1611%7C1612%7C16131%7C1614%7C1615%7C17.922805%7C171%7C172%7C18*.922805%7C181%7C19%7C1a%7C1b11,idMap:18*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:244,sis:323%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5601:6478:79f5:9959 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.twobillsdrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 11:08:06 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJM-MBeli660AUA-ihlpV5Q&google_cver=1&google_push=ASkJ3FYENh0xAuG4FlJJMoXvwhclQNWtY9IyeWXasSPvnIZgBGe38rZbWvumZFNZJucHIjtEDavgKSWlEDHSWSHouFR3Q73qU81S

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 11:44:49	Name: _GRECAPTCHA Value: 09AHrz1vaXluI09g9-GJA8pMYg36TMF68eozV7PoORen54WtsnObFLaz6t-KDW6w_VH7jfLR_3sY1kkNnP_WMPKFo
.twobillsdrive.com/	1970-01-20 17:01:37	Name: _ga_BNL5YS2GQS Value: GS1.1.1668337682.1.0.1668337682.0.0.0
.twobillsdrive.com/	1970-01-20 17:01:37	Name: _ga Value: GA1.2.1993440827.1668337683
.twobillsdrive.com/	1970-01-20 07:27:04	Name: _gid Value: GA1.2.850756078.1668337683
.twobillsdrive.com/	1970-01-20 07:25:37	Name: _gat_gtag_UA_5355045_1 Value: 1
.twobillsdrive.com/	1970-01-20 16:47:13	Name: __gads Value: ID=4c35f422be038d30-226d2431aace0001:T=1668337683:RT=1668337683:S=ALNI_MYlvVoDlPYdF550qUYNo154WFTxmQ
.twobillsdrive.com/	1970-01-20 16:47:13	Name: __gpi Value: UID=00000b80a2ceac86:T=1668337683:RT=1668337683:S=ALNI_MaDUN6bEHtvctHCL-aB4RiFyfZVig
.criteo.com/	1970-01-20 16:47:13	Name: uid Value: a0158fe7-c903-4ed9-aac0-e0ccd9cc3a9b
.twobillsdrive.com/	1970-01-20 16:47:13	Name: cto_bundle Value: b7xFoV9DNmd3blZFMWtBNEtYTVpISG53ZUpJMzVvTnJob1BTODhsTmVuNmtVT05TZkJSNnhHQm95bFNzJTJCWlh3TWtUOXdiV3czV0c0R0VKTW1FZG0lMkY2ZUdOYThvWE9iVnR4NEVacWJKRUl1VTFvb3RqYWhLYnNHVFBxS0IwRVZyTmlEa1ZrZ05sRnpiTkFwMjVkblRwOUFtenIxVG14ZjNaNEk3UWpuSjdoQ29KY29zJTNE
.doubleclick.net/	1970-01-20 16:47:13	Name: IDE Value: AHWqTUk6kCN4Vr7RzgR1gqV5JaCKVKOORczGENnKEJLRwUiYHSmaWyvN73kVQGsmIsM
.adnxs.com/	1970-01-20 09:35:13	Name: uuid2 Value: 7949392015512388772
.adnxs.com/	1970-01-20 09:35:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVI8mlL)!@wnfH8K6pQK`!5=E<L5?%K-f_'??.R/L[8O3aUjDneO7Cv@<9y#2mdrE$EbpRzqF1`b^>Q)kU-r
.casalemedia.com/	1970-01-20 09:35:13	Name: CMPS Value: 3202
.casalemedia.com/	1970-01-20 09:35:13	Name: CMPRO Value: 3202
.casalemedia.com/	1970-01-20 16:11:13	Name: CMID Value: Y3DQFLkF0Zb-.1Yo4KWy5AAA
m.exactag.com/	1970-01-20 09:35:13	Name: exactag_new_gk Value: 0d12bbddec3249c5ae412bbc39bbc69f%7C12.01.2023%2011%3A08%3A04
m.exactag.com/	1970-01-20 11:44:49	Name: exactag_new_uk Value: c9eacf8eddd2497bb716ad3f68768108%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: b7ec5bc732174b72bfc76b21
.doubleclick.net/	1970-01-20 07:25:38	Name: test_cookie Value: CheckForPermission
.quantserve.com/	1970-01-20 09:35:13	Name: d Value: EHcBCQHIJ4EA
.quantserve.com/	1970-01-20 16:55:52	Name: mc Value: 6370d014-efba5-af8a8-6abf6
.casalemedia.com/	1970-01-20 09:35:13	Name: CMTS Value: 3201
.pubmatic.com/	1970-01-20 07:27:04	Name: KTPCACOOKIE Value: YES
.innovid.com/	1970-01-20 09:35:13	Name: uuid Value: b17c0a22-2762-4964-8e54-04cba847940e-20221113 06:08:05
.pubmatic.com/	1970-01-20 09:35:13	Name: KADUSERCOOKIE Value: 52453B0E-AF4B-4B09-832F-70679054E7B4

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://img.bnqt.com/lib/sdp-dfp-helper/site_config/smg_twobillsdrive.js?col=531387552 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJM-MBeli660AUA-ihlpV5Q&google_cver=1&google_push=ASkJ3FYENh0xAuG4FlJJMoXvwhclQNWtY9IyeWXasSPvnIZgBGe38rZbWvumZFNZJucHIjtEDavgKSWlEDHSWSHouFR3Q73qU81S Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8708c5f26fd3f3346f54dda9dccc78ca.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
ib.adnxs.com
image6.pubmatic.com
img.bnqt.com
m.exactag.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.twobillsdrive.com
googlecm.hit.gemius.pl
104.18.18.126
107.155.81.11
142.250.181.226
142.250.186.34
151.101.194.62
172.217.18.98
178.250.2.146
185.64.190.78
185.80.39.216
2001:4860:4802:34::36
213.202.235.9
2600:1f13:800:7780:5601:6478:79f5:9959
2600:9000:21f3:2400:8:48e:53c0:93a1
2606:4700:e2::ac40:850f
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a02:2638:1::13
2a02:2638:1::3
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
34.251.78.188
35.227.252.103
37.252.171.149
69.173.144.139
0030dbbcc9aedbb1c65f512017f0fbe98c584263c7826b5312fb1ad708db9da4
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05180a8df0f12c99deae4f68f46f538d5f627d89622f31b827785a2a23a51087
060ff3359d63d312a6aab259f8454251ea411fe4f3becaef5edbb96810bb9463
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
0841cd05b3654e1361d8349d4c8f41c07e0bea1d55d102218454a7408ea580ef
08897be3e83cc8a4a4194eb62943160675c84da33715a4a749dfe2a3d764d070
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13f0d15684e1616710dd19d7eb5382d649aaf85a5b71755e89e5f9e8770458f5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
262b036358d9b9494f2f9b0854aa1214831f14196cff56817045f3f554768fe8
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
275c6effb33e08e825900aedaabf18dd1f7fc76083d875d2a518271491bb8dc8
2944e0ebe135a57c4285876ab58fa6fe886ff10798373a3a4d29b2ec158a5d2e
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c4b6dd99f9e9ef940ada34ca0ea9b886e1f5995494fbbb6d605954e0a6a6892
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cfa2d42c23d09e5abf6a24c17e3eebfcba7d3195a78629db226accf8d23f18
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
604a919a9564e055dd6c3ae23939cad26c61ef5585a8a86116472e20845a7e03
60bb66a4066547ae8ab6db3ca66053088fd5b5215d6ced7acfe2bac1842b6327
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c86032853dc3fe73624a22047f065fa8a79e9c62bc18f01b6daa766376b66f
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d01379df3f51e2baba9d09c22ca5110255bc26603971084eaa466bc843f8434
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
73fb5586354b608df564d1c6801db54a5f69bec7020b39facb25f4281e335f5d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8381e58dd34281d45967d35eebcd12f09854a87031fc7bbc2995dd6a5f301454
846c5f4c87b66c395696f19d2d91b79482f52ad22bf63276b7791eb3ef362e4d
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8e8ca1394697fa7e65c99fc23487b40e8af03df891e3e649eb26016002453f10
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8f3ce76b086c8ff73e7ea3943a49cb9bcd943d2e24efe793fad5c14556f88d6d
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c93c8cb8b47f548f90d19084d2072e43477ef37a1e290c11e99db25fcbff72
9a2cea9386522f8c5ae6d06f772b6c6b49c2672bbc13250f63cc81842387cd26
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e14f3f3ca55197bdd2123a0a7862e6980396131f57b64295bcf17d386cce467
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3a61c373eeeeebeada10b56e92090bccfac97a0f2257f7a499e991d22810578
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a98f603d4c61be461b7dbc7528533e828d00af4ff48430fe4bb7f15c6f6f598b
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36fc608f9bfb6c007ff8ea202605b8aa67ac1c1f8915e0c42793911bf393638
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b740430171fa7a89ca115cb487f49125392e27b345691c6108f17f5d671a05e4
b93d3f3bec569b72ef2844c27f5e3698c2fba1180f8bd96950deced5e7919fc5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1d764eecff47574d12a39acb9197e0c59d069b6da9d4e5ee0c4fa926ae7c95d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
cc04fd4465fb5c457213d1d159c8066ed348485dd2f8e1682e5cad5db7bdc91e
ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a
cf536fd4bbea75d7b2642a5848edd48d05f6e5890f8b5cf3476470bc12d68b1c
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d307925187209def35c8e37d1a93f9335544ec749acf339290b5a0405157879a
d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
da9c67067b9fdaac2c59183d06dd6ed1443b368c0af95f8bc354f60c7eadbddf
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
dfacae8e076f571140b80e646c638d5d6985bd358f56b9628a4644f94917a1a0
e04cc83c1adf476bd37d786e07ffde44b8bf8590296c54e8f1f36e536adac824
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
e598314eed894287f43d0a3579b75cd83a50056b37c98f9ad1ffea47e9bc7076
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ec25a8aca710c9426fe5ffb352c642493b98d5ffa9aa1c6a33a8d63caff64147
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04e974fc490dc63a0425b1c96f7908617f039390d2bf310f288caec06e4e520
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f123e30ce7e66566067595582065285e08f87e619c55b79d298f44c06e11e09c
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
f997e0caf0c1e38cafa1b40976ece079926149379465496aea6765312b76e375
fa280f3b9117ea04aad8b275d9ddf929b92ec6e48ef6f1acf065242843ac8e27
fc61703e1ce27b748ad533e812e2b242334ff3eee6dff91b2cc13d1ca35227bf

www.twobillsdrive.com Open in urlscan Pro 107.155.81.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

94 %HTTPS

62 %IPv6

26 Domains

39 Subdomains

35 IPs

7 Countries

2846 kBTransfer

7372 kBSize

25 Cookies

58 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.twobillsdrive.com Open in urlscan Pro
107.155.81.11 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

94 %
HTTPS

62 %
IPv6

26
Domains

39
Subdomains

35
IPs

7
Countries

2846 kB
Transfer

7372 kB
Size

25
Cookies

178 HTTP transactions
5 data transactions