urlscan.io logo urlscan.io
SecurityTrails logo

ads.bid Open in urlscan Pro
88.208.54.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://2sfygwfxvsxv.info/
Effective URL: https://ads.bid/
Submission: On January 27 via manual from UA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 6 countries across 19 domains to perform 69 HTTP transactions. The main IP is 88.208.54.88, located in Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is ads.bid.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 27th 2019. Valid for: 3 months.
This is the only time ads.bid was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

29    88.208.54.88 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
2sfygwfxvsxv.info
ads.bid
dj5473hfdd36.ru
6    2a03:90c0:9997::9997 (Germany)

ASN199524 (GCORE, AT)
code.jivosite.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
recaptcha.net
2    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    54.155.68.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-68-125.eu-west-1.compute.amazonaws.com
node132.jivosite.com
2    2a02:6b8:a::a (Russian Federation)

ASN13238 (YANDEX, RU)
yandex.ru
3    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
4    93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
vk.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    94.130.66.148 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.66.130.94.clients.your-server.de
tag.oneretarget.com
4    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
www.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Domain Requested by
26 dj5473hfdd36.ru ads.bid
6 code.jivosite.com ads.bid
code.jivosite.com
5 mc.yandex.ru 1 redirects ads.bid
4 top-fwz1.mail.ru ads.bid
top-fwz1.mail.ru
4 www.google.com 2 redirects www.gstatic.com
ads.bid
4 vk.com ads.bid
3 www.google.de ads.bid
3 www.google-analytics.com 1 redirects www.googletagmanager.com
ads.bid
2 www.facebook.com ads.bid
2 stats.g.doubleclick.net 2 redirects
2 connect.facebook.net ads.bid
connect.facebook.net
2 yandex.ru ads.bid
2 www.googletagmanager.com ads.bid
tag.oneretarget.com
2 recaptcha.net ads.bid
2 ads.bid dj5473hfdd36.ru
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 tag.oneretarget.com ads.bid
1 node132.jivosite.com code.jivosite.com
1 www.gstatic.com recaptcha.net
1 fonts.googleapis.com ads.bid
1 2sfygwfxvsxv.info 1 redirects
69 22
Subject Issuer Validity Valid
ads.bid
Let's Encrypt Authority X3		 2019-12-27 -
2020-03-26		 3 months crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2017-04-10 -
2020-06-04		 3 years crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
misc.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
yandex.ru
Yandex CA		 2019-09-05 -
2020-09-04		 a year crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh
vk.com
Sectigo ECC Extended Validation Secure Server CA		 2019-07-11 -
2020-07-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
tag.oneretarget.com
Let's Encrypt Authority X3		 2019-12-06 -
2020-03-05		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.mail.ru
GlobalSign Organization Validation CA - SHA256 - G2		 2019-01-18 -
2021-01-18		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://ads.bid/
Frame ID: 3F8009703DA2EDFCB3E917060EF707B1
Requests: 67 HTTP requests in this frame

Frame: https://yandex.ru/map-widget/v1/?um=constructor%3A514b7aab27d1e90c108030586e75b58a74da8763fe858f58b3a2407902ac1415&source=constructor
Frame ID: BF772F02DA0F308F389876BCF3501648
Requests: 1 HTTP requests in this frame

Frame: https://yandex.ru/map-widget/v1/?um=constructor%3A4167b2b1624bfad5e6cc02120902f700f7ac9b3b1fd301a9a42634e707e4ff07&source=constructor
Frame ID: 737C748A37BAB93E9B94214B274BFCED
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce5scUAAAAAJVdj8WRuyOho8yHQZQ4ikHWJBOk&co=aHR0cHM6Ly9hZHMuYmlkOjQ0Mw..&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=invisible&cb=gfpftte06mka
Frame ID: 8AD2A7B318DA9E572F3806882DC000EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://2sfygwfxvsxv.info/ HTTP 301
    https://ads.bid/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

69
Requests

100 %
HTTPS

70 %
IPv6

19
Domains

22
Subdomains

20
IPs

6
Countries

3010 kB
Transfer

5971 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2sfygwfxvsxv.info/ HTTP 301
    https://ads.bid/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-147625936-1&cid=777991673.1580123686&jid=1544461209&gjid=346259217&_gid=1485569377.1580123686&_u=YGBAgEAB~&z=2049311076 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1544461209&_v=j79&z=2049311076 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1544461209&_v=j79&z=2049311076&slf_rd=1&random=3119254762
Request Chain 45
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1077659245&t=pageview&_s=1&dl=https%3A%2F%2Fads.bid%2F&ul=en-us&de=UTF-8&dt=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDACEABB~&jid=1163071063&gjid=1520005579&cid=777991673.1580123686&tid=UA-147625936-1&_gid=1485569377.1580123686&_r=1&z=1985335846 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-147625936-1&cid=777991673.1580123686&jid=1163071063&_gid=1485569377.1580123686&gjid=1520005579&_v=j79&z=1985335846 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1163071063&_v=j79&z=1985335846 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1163071063&_v=j79&z=1985335846&slf_rd=1&random=1842938437
Request Chain 51
  • https://mc.yandex.ru/watch/55210021?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1580123683762%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200127121445%3Aet%3A1580123686%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A531860983%3Ahid%3A454164146%3Ads%3A4%2C57%2C729%2C1%2C550%2C0%2C0%2C374%2C6%2C%2C%2C%2C1718%3Afp%3A1679%3Awn%3A35494%3Ahl%3A2%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1580123686%3Au%3A1580123686179595043%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2 HTTP 302
  • https://mc.yandex.ru/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1580123683762%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200127121445%3Aet%3A1580123686%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A531860983%3Ahid%3A454164146%3Ads%3A4%2C57%2C729%2C1%2C550%2C0%2C0%2C374%2C6%2C%2C%2C%2C1718%3Afp%3A1679%3Awn%3A35494%3Ahl%3A2%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1580123686%3Au%3A1580123686179595043%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
ads.bid/
Redirect Chain
  • http://2sfygwfxvsxv.info/
  • https://ads.bid/
25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f3eed77385d726b7567f1ab5cf9990d399263099921a257b3d7fa3173604409d

Request headers

Host
ads.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Server
nginx/1.17.3
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=eyJpdiI6IloxQXM5OEp6TzRlZll2c3pTdlY0MlE9PSIsInZhbHVlIjoiTmdJNWlYc1NoSzJ5akdiVERBdXc0U09hQ29ZQTNZMVdOajFnYVdpYm1sb250U00rXC92MWpleEhqcXk4ZVd6M0oiLCJtYWMiOiI2MTE4MWE3ZWVjMDM4ZWZiMjY1OTRkOTU4Mjg0YjMyMTJkZmRiZDdkMGRmYWUyYzMwYTI1ZTNkMjJiNGQ1NWRjIn0%3D; expires=Tue, 28-Jan-2020 11:14:45 GMT; Max-Age=86400; path=/ laravel_session=eyJpdiI6IldSRUcwUDFRU0ZGdWNjc3lBZzNEcEE9PSIsInZhbHVlIjoieGFYeWd0STBXTUFLb1JOaXNxbHVIa3ZNSnZWc2UxNDQ3VFJKYkhFRStEK2tuaHd6bUxKMDlyYjhva1wvUVBiSDMiLCJtYWMiOiJlMTVhMTRkODk2MTg4YzdkYzcyODMwODAwOGI2ZWNhNDY4NzYwYWNhMzM1MDI2N2EzZWMwNzg5NTdhMmZhZjc4In0%3D; expires=Tue, 28-Jan-2020 11:14:45 GMT; Max-Age=86400; path=/; httponly
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers
Content-Length,Content-Range
Content-Encoding
gzip

Redirect headers

Server
nginx/1.16.0
Date
Mon, 27 Jan 2020 11:14:44 GMT
Content-Type
text/html
Content-Length
169
Connection
keep-alive
Location
https://ads.bid
Strict-Transport-Security
max-age=31536000
widget.js
code.jivosite.com/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/widget.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
9832067cb9df045a8e90277f36bfbf5a97af247f8c15918875231f5e13b3a46e

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-id
nkf-up-gc15, cec-up-gc11
date
Mon, 27 Jan 2020 11:14:45 GMT
via
1.1 sharxy
x-cached-since
2020-01-22T12:04:30+00:00, 2020-01-27T10:13:47+00:00
status
200
x-shard
shieldShard0_80
content-length
17492
last-modified
Wed, 22 Jan 2020 11:38:56 GMT
server
nginx
etag
"5e283450-4454"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT, HIT
accept-ranges
bytes
expires
Wed, 22 Jan 2020 14:04:30 GMT
landing.css
dj5473hfdd36.ru/css/ 		192 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dj5473hfdd36.ru/css/landing.css
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a90b1bc2b0c66d4ab32c74a16c3fde7516f056db15e763ed075d71c1f22db351

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
W/"5e29bde8-301f6"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
icon
fonts.googleapis.com/ 		574 B
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 11:14:45 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 11:14:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 11:14:45 GMT
api.js
recaptcha.net/recaptcha/ 		675 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recaptcha.net/recaptcha/api.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
215b62c61c9764df8ecdfdc162b56e6c89ac8d97655d7db3b5925058aeb6e0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
447
x-xss-protection
1; mode=block
expires
Mon, 27 Jan 2020 11:14:45 GMT
api.js
recaptcha.net/recaptcha/ 		709 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recaptcha.net/recaptcha/api.js?render=6Lce5scUAAAAAJVdj8WRuyOho8yHQZQ4ikHWJBOk
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bcd8016be09afd1db1b21c5cd6f72e25caea172525048d667158ca11830069b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
480
x-xss-protection
1; mode=block
expires
Mon, 27 Jan 2020 11:14:45 GMT
close.png
dj5473hfdd36.ru/images/landing/ 		511 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/close.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
284c96c27764afadb67daa628422d1494f48abca6c2ea5fd6bcd6d2a3eee3993

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-1ff"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
511
user-icon.png
dj5473hfdd36.ru/images/landing/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/user-icon.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
7756ddc8ae5b4106cb0c82a79adfb3b61b43c99601e834ddcc35a6b9def0df7a

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-1075"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
4213
logo.svg
dj5473hfdd36.ru/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/logo.svg
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
984e5de85690373b09c8b16e4a74cf857851eae730c48254c33d55f4d35ca7ad

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-3032"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
12338
sandwich.png
dj5473hfdd36.ru/images/landing/ 		225 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/sandwich.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
6a647ebd3d72866eb30720125c4cf2997fd30007f8cefb5bad1ebcfdd14a153e

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-e1"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
225
close-blue.png
dj5473hfdd36.ru/images/landing/ 		330 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/close-blue.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
ce6d671c03faf0eed9e67e34cea57c406f402ccd680ad6c6495ae16e9c94e345

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-14a"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
330
graph-mobile-3.png
dj5473hfdd36.ru/images/landing/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/graph-mobile-3.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
655e4df00465ca01a9193495e32a413c196baaa7cc5b64cc9796132e781578ad

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-19ecb"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
106187
notebook.png
dj5473hfdd36.ru/images/landing/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/notebook.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a4168fee1facc89c4491707b70d6ffafb00b9db1136810ee509996c18bd8052b

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-aaae"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
43694
klyaksa.png
dj5473hfdd36.ru/images/landing/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/klyaksa.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f250dd7f428107dbb2fd26c9ce688d259e2d9cbd7f2719764298d9dff235e0cd

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-556d"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
21869
fly-mac.png
dj5473hfdd36.ru/images/landing/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/fly-mac.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f7ea480101aeab8d9862060d9d6c1972e40f720dd5bb41efdc6e4f8d2edc9be0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-126d7"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
75479
telegram.png
dj5473hfdd36.ru/images/landing/ 		753 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/telegram.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
c5a1a79d268069962313296646c46c5ca04756e0987cb304b60ae800c1394491

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-2f1"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
753
vk.png
dj5473hfdd36.ru/images/landing/ 		908 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/vk.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
fae0f024d64c27523a74161a0cfba30e78eb145f6c35a938db476c6165eb8ca2

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-38c"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
908
vk-hover.png
dj5473hfdd36.ru/images/landing/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/vk-hover.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a94634ad7084a964809c5de6ebe8f15c27da08a8e02bdc0129700e3823844290

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-a0b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
2571
skype.png
dj5473hfdd36.ru/images/landing/ 		964 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/skype.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
61467e93a9af337db8fce804c104d36e6f4f1889452c94a69fc5519ca82c44c9

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-3c4"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
964
skype-hover.png
dj5473hfdd36.ru/images/landing/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/skype-hover.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
709b3558ec592ef19670dccc09c169fb44bef7b1ca1a556a87e304729c648374

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-a8b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
2699
mail.png
dj5473hfdd36.ru/images/landing/ 		691 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/mail.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f21638566beb7db0df8c58067ca66342b88d9a1d0f8b0ac625a75576c83319f7

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-2b3"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
691
mail-hover.png
dj5473hfdd36.ru/images/landing/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/mail-hover.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
3a003b3d92f70e76da4fc61a3983b2dd0fd618a7f69f886035a396959ee13b3b

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-91d"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
2333
manifest.js
dj5473hfdd36.ru/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dj5473hfdd36.ru/js/manifest.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
0cda93427f381fa612cce8702924b167a8b27dbedbaa45a7784423f0da02032b

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-5d5"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
1493
vendor.js
dj5473hfdd36.ru/js/ 		1 MB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dj5473hfdd36.ru/js/vendor.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
185fd7d03210fc6b943c7e0faf58594e7e61a60d866f802eccb7427a4a9ae07f

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
W/"5e29bde8-111e91"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
landing.js
dj5473hfdd36.ru/js/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dj5473hfdd36.ru/js/landing.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
40babaebf80cc6d2013449b6555935ebe2de3862a1cf56386375447fff8e102e

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
W/"5e29bde8-b206"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
gtm.js
www.googletagmanager.com/ 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKDDNLD
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92ced0db9128a13bd2a25aecbd3298ffbb00adfbb8f5065d946d49688524c0fc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
br
last-modified
Mon, 27 Jan 2020 09:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
22954
x-xss-protection
0
expires
Mon, 27 Jan 2020 11:14:45 GMT
bmOTGioHaW
code.jivosite.com/script/widget/config/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/config/bmOTGioHaW
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
25dc0b4db2ac03a0252d48ef3ca6aa0156dafe392daf2cc4385b008e84f3bac2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://ads.bid/
Origin
https://ads.bid

Response headers

x-id
nkf-up-gc7, cec-up-gc10
date
Mon, 27 Jan 2020 11:14:45 GMT
via
1.1 sharxy
server
nginx
status
200
vary
Accept-Encoding
x-cached-since
2020-01-27T10:43:52+00:00, 2020-01-27T11:03:26+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT, HIT
x-shard
shieldShard0_80
accept-ranges
bytes
content-length
2609
expires
Mon, 27 Jan 2020 12:43:52 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/ 		257 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/recaptcha__en.js
Requested by
Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07a651614bfef3f3a35d9a2ded0de50adaef4671abda32d38958ac4438b46cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 21 Jan 2020 21:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Jan 2020 18:54:09 GMT
server
sffe
age
480062
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94001
x-xss-protection
0
expires
Wed, 20 Jan 2021 21:53:43 GMT
bmOTGioHaW
node132.jivosite.com/widget/status/1095537/ 		202 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node132.jivosite.com/widget/status/1095537/bmOTGioHaW?rnd=0.8597724763504966
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.68.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-68-125.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b08b9ce4e42cce2aa66ed099b9a95f2d83c1285f855bd003853ca4df3fb2182a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://ads.bid/
Origin
https://ads.bid

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Server
nginx
X-BotMode
no
X-GeoIP
GB;H9;London
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-geoip, x-botmode
Connection
keep-alive
Content-Length
202
/
yandex.ru/map-widget/v1/ Frame BF77 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/map-widget/v1/?um=constructor%3A514b7aab27d1e90c108030586e75b58a74da8763fe858f58b3a2407902ac1415&source=constructor
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru *.yandex.ru *.yandex.net; script-src 'self' 'unsafe-inline' yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; style-src blob: 'unsafe-inline'; img-src data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; child-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; report-uri https://csp.yandex.net/csp?from=map-widget&yandexuid=3102272871580123685&yandex_login=undefined
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
yandex.ru
:scheme
https
:path
/map-widget/v1/?um=constructor%3A514b7aab27d1e90c108030586e75b58a74da8763fe858f58b3a2407902ac1415&source=constructor
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://ads.bid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://ads.bid/

Response headers

status
200
content-security-policy
default-src 'self'; connect-src https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru *.yandex.ru *.yandex.net; script-src 'self' 'unsafe-inline' yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; style-src blob: 'unsafe-inline'; img-src data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; child-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; report-uri https://csp.yandex.net/csp?from=map-widget&yandexuid=3102272871580123685&yandex_login=undefined
vary
Accept-Encoding
date
Mon, 27 Jan 2020 11:14:45 GMT
x-content-type-options
nosniff
set-cookie
yandexuid=3102272871580123685; Domain=.yandex.ru; Path=/; Expires=Sun, 27 Jan 2030 11:14:45 GMT i=WEUPYTh56NVVzJxMfV+8bps+c+we2/Dha9j8exfZBUOHErE+C4rFcRLFyWscZ638+ej5X7Q5cdRhOR27r3Ox/H62qV8=; Expires=Thu, 24-Jan-2030 11:14:45 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
etag
W/"f62-hcDTvJvuL5++JJWUXQ+/Bg"
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
content-encoding
gzip
/
yandex.ru/map-widget/v1/ Frame 737C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/map-widget/v1/?um=constructor%3A4167b2b1624bfad5e6cc02120902f700f7ac9b3b1fd301a9a42634e707e4ff07&source=constructor
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru *.yandex.ru *.yandex.net; script-src 'self' 'unsafe-inline' yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; style-src blob: 'unsafe-inline'; img-src data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; child-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; report-uri https://csp.yandex.net/csp?from=map-widget&yandexuid=4094607221580123685&yandex_login=undefined
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
yandex.ru
:scheme
https
:path
/map-widget/v1/?um=constructor%3A4167b2b1624bfad5e6cc02120902f700f7ac9b3b1fd301a9a42634e707e4ff07&source=constructor
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://ads.bid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://ads.bid/

Response headers

status
200
content-security-policy
default-src 'self'; connect-src https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru *.yandex.ru *.yandex.net; script-src 'self' 'unsafe-inline' yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; style-src blob: 'unsafe-inline'; img-src data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; child-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; report-uri https://csp.yandex.net/csp?from=map-widget&yandexuid=4094607221580123685&yandex_login=undefined
vary
Accept-Encoding
date
Mon, 27 Jan 2020 11:14:45 GMT
x-content-type-options
nosniff
set-cookie
yandexuid=4094607221580123685; Domain=.yandex.ru; Path=/; Expires=Sun, 27 Jan 2030 11:14:45 GMT i=KaDY45/egVSlG0cZxZeKuP8KZRwn/xr5z4MjR0UvoB1BebL2mgDCN9cWDQZbBNUggulgDXKMm3CFkunJuXYvhyCIeeE=; Expires=Thu, 24-Jan-2030 11:14:45 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
etag
W/"f63-WbAL3uMKO5t5NDrBRnUUdA"
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
content-encoding
gzip
main-bg.png
dj5473hfdd36.ru/images/landing/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/main-bg.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
ccde94d69d0437bc1ded3c4fa23def4c65fbd899bd70e736590c31f543efb3cf

Request headers

Referer
https://dj5473hfdd36.ru/css/landing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-10c5a4"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
1099172
sprite_front.png
dj5473hfdd36.ru/images/landing/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dj5473hfdd36.ru/images/landing/sprite_front.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
8ee1f9d09cc295f7e7d827c53b0d7ae66752a502da527513377b1d4aa410ee76

Request headers

Referer
https://dj5473hfdd36.ru/css/landing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-4c2f"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
19503
Montserrat-Medium.woff
dj5473hfdd36.ru/fonts/montserrat/ 		135 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dj5473hfdd36.ru/fonts/montserrat/Montserrat-Medium.woff
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f16f0ba0ff026f770fe84e32a59c045ec0fdd183d827ac3d854a3578c3b4ff13

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://dj5473hfdd36.ru/css/landing.css
Origin
https://ads.bid

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-21d14"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/woff
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
138516
Montserrat-Bold.woff
dj5473hfdd36.ru/fonts/montserrat/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dj5473hfdd36.ru/fonts/montserrat/Montserrat-Bold.woff
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e1632dc38a09dce6cb13781150c5c2559762113ac2fb5d3509827b2e23223742

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://dj5473hfdd36.ru/css/landing.css
Origin
https://ads.bid

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-21e94"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/woff
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
138900
Montserrat-SemiBold.woff
dj5473hfdd36.ru/fonts/montserrat/ 		135 KB
135 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dj5473hfdd36.ru/fonts/montserrat/Montserrat-SemiBold.woff
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e47879993ba04778087685eb53bfc03caf05da15f89f87aec961bf7aa638817d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://dj5473hfdd36.ru/css/landing.css
Origin
https://ads.bid

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-21bf8"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/woff
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
138232
Montserrat-Regular.woff
dj5473hfdd36.ru/fonts/montserrat/ 		135 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dj5473hfdd36.ru/fonts/montserrat/Montserrat-Regular.woff
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
215a175ce4fe873fe5ccb95770980ce28b5e46b844cd459f619e8371d5effc1e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://dj5473hfdd36.ru/css/landing.css
Origin
https://ads.bid

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-21d68"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/woff
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
138600
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDDNLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2472
date
Mon, 27 Jan 2020 10:33:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 27 Jan 2020 12:33:33 GMT
tag.js
mc.yandex.ru/metrika/ 		362 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
aa85eae9b4c8325d2ce364c584a2938d4fefcc53924091cabccd29acf65bde9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Content-Encoding
br
Last-Modified
Fri, 17 Jan 2020 15:24:44 GMT
Server
nginx/1.14.2
ETag
"5e21d1bc-16ddd"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93661
Expires
Mon, 27 Jan 2020 12:14:45 GMT
openapi.js
vk.com/js/api/ 		97 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?162
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
VK /
Resource Hash
c31c0d4dafc5e8ce84fc2c4b6311b4d2e240bf59d4986eb39a979fa97fa00a39

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
gzip
x-frontend
front512006
last-modified
Mon, 27 Jan 2020 10:20:14 GMT
server
VK
etag
"5e2eb95e-5b95"
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23445
expires
Fri, 31 Jan 2020 11:14:45 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
x4t2f7kYirb5XzwUqIMDfTeHsNzHuUq0cB8zgh5HRP2pnKA7KxlkL44Y0MM/gd8pikIWTbRRBbJKlU7jYu1tTw==
x-fb-trip-id
1850256238
date
Mon, 27 Jan 2020 11:14:45 GMT, Mon, 27 Jan 2020 11:14:45 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
11239_ads.bid.js
tag.oneretarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.oneretarget.com/11239_ads.bid.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.66.130.94.clients.your-server.de
Software
nginx/1.15.11 /
Resource Hash
2235e5326f4b9488e8595ca91413ad94653d6a40b849e602a6157fbcfc6399a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Nov 2019 11:23:15 GMT
Server
nginx/1.15.11
ETag
"5dca9623-1740"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
application/javascript
Connection
keep-alive
Content-Security-Policy-Report-Only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Content-Length
5952
ads.js
ads.bid/js/ 		153 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bid/js/ads.js
Requested by
Host: dj5473hfdd36.ru
URL: https://dj5473hfdd36.ru/js/landing.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
4f966c5d1428aed00c33a974978f58a17e5a188046b0ad3cee8ba993c223151d

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Thu, 23 Jan 2020 15:38:16 GMT
Server
nginx/1.17.3
ETag
"5e29bde8-99"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
153
anchor
www.google.com/recaptcha/api2/ Frame 8AD2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce5scUAAAAAJVdj8WRuyOho8yHQZQ4ikHWJBOk&co=aHR0cHM6Ly9hZHMuYmlkOjQ0Mw..&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=invisible&cb=gfpftte06mka
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JVLkel1kfXGtfSw9Bt4L7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lce5scUAAAAAJVdj8WRuyOho8yHQZQ4ikHWJBOk&co=aHR0cHM6Ly9hZHMuYmlkOjQ0Mw..&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=invisible&cb=gfpftte06mka
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://ads.bid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://ads.bid/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 27 Jan 2020 11:14:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-JVLkel1kfXGtfSw9Bt4L7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8781
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
collect
www.google-analytics.com/ 		35 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1077659245&t=pageview&_s=1&dl=https%3A%2F%2Fads.bid%2F&ul=en-us&de=UTF-8&dt=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=1544461209&gjid=346259217&cid=777991673.1580123686&tid=UA-147625936-1&_gid=1485569377.1580123686&gtm=2wg1f1PKDDNLD&z=441866743
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Jan 2020 19:02:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
144730
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-147625936-1&cid=777991673.1580123686&jid=1544461209&gjid=346259217&_gid=1485569377.1580123686&_u=YGBAgEAB~&z=2049311076
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1544461209&_v=j79&z=2049311076
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1544461209&_v=j79&z=2049311076&slf_rd=1&random=3119254762
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1544461209&_v=j79&z=2049311076&slf_rd=1&random=3119254762
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 11:14:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Jan 2020 11:14:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1544461209&_v=j79&z=2049311076&slf_rd=1&random=3119254762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1077659245&t=pageview&_s=1&dl=https%3A%2F%2Fads.bid%2F&ul=en-us&de=UTF-8&dt=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-147625936-1&cid=777991673.1580123686&jid=1163071063&_gid=1485569377.1580123686&gjid=1520005579&_v=j79&z=1985335846
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1163071063&_v=j79&z=1985335846
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1163071063&_v=j79&z=1985335846&slf_rd=1&random=1842938437
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1163071063&_v=j79&z=1985335846&slf_rd=1&random=1842938437
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 11:14:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Jan 2020 11:14:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=777991673.1580123686&jid=1163071063&_v=j79&z=1985335846&slf_rd=1&random=1842938437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2843685072343467
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2843685072343467?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
61011e604925cf6ceb8f362be27d31b7d115ff7ae23839226609a5aabcae3992
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114919
x-xss-protection
0
pragma
public
x-fb-debug
597hd3SwD+IdNjXxnf+TGRmMaOQSeXJObitmMlQ+3yNo2pPyltf6t28pMSgeMRmN10FJdfpeDE2A6CoUzvYqvw==
x-fb-trip-id
1850256238
date
Mon, 27 Jan 2020 11:14:45 GMT, Mon, 27 Jan 2020 11:14:45 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
code.js
top-fwz1.mail.ru/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
6ea507220aecf7cc439f1cd091a2ff4ceeb9eee6992e20c9d0d7e4eb3771bc25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Mon, 16 Dec 2019 11:54:30 GMT
Server
nginx
ETag
W/"5df77076-404f"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
max-age=7200, private
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Keep-Alive
timeout=60
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-696611158
Requested by
Host: tag.oneretarget.com
URL: https://tag.oneretarget.com/11239_ads.bid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a403e66a1eaf8d0ea313aec504df582da70e193fb2745ccf5c04f171895e7a2c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
br
last-modified
Mon, 27 Jan 2020 09:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28304
x-xss-protection
0
expires
Mon, 27 Jan 2020 11:14:45 GMT
/
www.facebook.com/tr/ 		44 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2843685072343467&ev=PageView&dl=https%3A%2F%2Fads.bid%2F&rl=&if=false&ts=1580123685635&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1580123685635.1762804009&it=1580123685576&coo=false&rqm=GET
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT, Mon, 27 Jan 2020 11:14:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 27 Jan 2020 11:14:45 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-696611158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e70adb67bcdec61516ea9e7174456c50effa918e43b3c8663baf1aa762f705de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9920
x-xss-protection
0
server
cafe
etag
4870430129932666244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Jan 2020 11:14:45 GMT
1
mc.yandex.ru/watch/55210021/
Redirect Chain
  • https://mc.yandex.ru/watch/55210021?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1580123683762%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn...
  • https://mc.yandex.ru/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1580123683762%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3A...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1580123683762%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200127121445%3Aet%3A1580123686%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A531860983%3Ahid%3A454164146%3Ads%3A4%2C57%2C729%2C1%2C550%2C0%2C0%2C374%2C6%2C%2C%2C%2C1718%3Afp%3A1679%3Awn%3A35494%3Ahl%3A2%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1580123686%3Au%3A1580123686179595043%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Mon, 27-Jan-2020 11:14:45 GMT
Server
nginx/1.14.2
Location
/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1580123683762%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200127121445%3Aet%3A1580123686%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A531860983%3Ahid%3A454164146%3Ads%3A4%2C57%2C729%2C1%2C550%2C0%2C0%2C374%2C6%2C%2C%2C%2C1718%3Afp%3A1679%3Awn%3A35494%3Ahl%3A2%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1580123686%3Au%3A1580123686179595043%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://ads.bid
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 27-Jan-2020 11:14:45 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Mon, 27-Jan-2020 11:14:45 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://ads.bid
Strict-Transport-Security
max-age=31536000
Location
/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1580123683762%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200127121445%3Aet%3A1580123686%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A531860983%3Ahid%3A454164146%3Ads%3A4%2C57%2C729%2C1%2C550%2C0%2C0%2C374%2C6%2C%2C%2C%2C1718%3Afp%3A1679%3Awn%3A35494%3Ahl%3A2%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1580123686%3Au%3A1580123686179595043%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 27-Jan-2020 11:14:45 GMT
rtrg
vk.com/ 		49 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-425186-1SYfl&metatag_url=https%3A%2F%2Fads.bid
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
VK / PHP/3.22853
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
gzip
x-frontend
front512006
server
VK
x-powered-by
PHP/3.22853
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
rtrg
vk.com/ 		49 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-405165-bHLZ5&metatag_url=https%3A%2F%2Fads.bid
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
VK / PHP/3.22853
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
gzip
x-frontend
front512006
server
VK
x-powered-by
PHP/3.22853
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
advert.gif
mc.yandex.ru/metrika/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 27 Jan 2020 12:14:45 GMT
rtrg
vk.com/ 		49 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-425147-2aNzk&metatag_url=https%3A%2F%2Fads.bid
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
VK / PHP/3.22853
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
gzip
x-frontend
front512006
server
VK
x-powered-by
PHP/3.22853
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
counter
top-fwz1.mail.ru/ 		43 B
938 B 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3148480;u=https%3A//ads.bid/;st=1580123685480;title=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=1a254d9bf65004ef;ver=60.1.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1580123685816%3A1580123685828%3A1%3Aa712d4e248363edce316a434f278992a;opts=dl;_=0.6915637518452575
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
Origin
https://ads.bid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://ads.bid
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://ads.bid
Keep-Alive
timeout=60
tracker
top-fwz1.mail.ru/ 		43 B
938 B 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3148480;u=https%3A//ads.bid/;st=1580123685480;title=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=1a254d9bf65004ef;ver=60.1.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1580123685816%3A1580123685829%3A2%3Aa712d4e248363edce316a434f278992a;opts=dl;_=0.4168621840718614;e=RG%3A/OR_2293_production_s
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
Origin
https://ads.bid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 27 Jan 2020 11:14:45 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://ads.bid
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://ads.bid
Keep-Alive
timeout=60
1
mc.yandex.ru/watch/55210021/ 		152 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1580123683762%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200127121445%3Aet%3A1580123686%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A531860983%3Ahid%3A454164146%3Ads%3A4%2C57%2C729%2C1%2C550%2C0%2C0%2C374%2C6%2C%2C%2C%2C1718%3Afp%3A1679%3Awn%3A35494%3Ahl%3A2%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1580123686%3Au%3A1580123686179595043%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ff9bcbae9e8dcdd30c61606de34b51909cbedcb62443c1bb81350b2351feb5ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.bid/
Origin
https://ads.bid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 27 Jan 2020 11:14:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27-Jan-2020 11:14:45 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ads.bid
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Mon, 27-Jan-2020 11:14:45 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/696611158/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696611158/?random=1580123685871&cv=9&fst=1580123685871&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1f1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fads.bid%2F&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7218ef81228a1a8453cc2a631bfca5517cc11ccc359ca00fe0ec69f1a9adb2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 11:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1074
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/696611158/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/696611158/?random=1580123685871&cv=9&fst=1580122800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1f1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fads.bid%2F&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&async=1&fmt=3&is_vtc=1&random=2205361560&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 11:14:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/696611158/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/696611158/?random=1580123685871&cv=9&fst=1580122800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1f1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fads.bid%2F&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&async=1&fmt=3&is_vtc=1&random=2205361560&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 11:14:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2843685072343467&ev=Microdata&dl=https%3A%2F%2Fads.bid%2F&rl=&if=false&ts=1580123686137&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%22%2C%22meta%3Adescription%22%3A%22%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%20%D0%B2%D1%81%D0%B5%D1%85%20%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA.%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%20%D1%81%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%B8%D0%BC%20CPM.%20100%25%20%D0%BE%D1%82%D1%87%D0%B8%D1%81%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D1%81%20%D0%BA%D0%BB%D0%B8%D0%BA%D0%B0.%20%D0%A0%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BE%D1%85%D0%BE%D0%B4%20%D0%B2%D0%B5%D0%B1%D0%BC%D0%B0%D1%81%D1%82%D0%B5%D1%80%D0%B0.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fads.bid%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdj5473hfdd36.ru%2Fimages%2Fog-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1580123685635.1762804009&it=1580123685576&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 11:14:46 GMT, Mon, 27 Jan 2020 11:14:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 27 Jan 2020 11:14:46 GMT
bundle_ru_RU.js
code.jivosite.com/js/ 		1 MB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/js/bundle_ru_RU.js?rand=1579694640
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
a4753fbbe07da9c4ce109ca6dbacda6b58b449aca423948e3790d9ea724fcc86

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-id
nkf-up-gc15, cec-up-gc11
date
Mon, 27 Jan 2020 11:14:46 GMT
content-encoding
br
x-cached-since
2020-01-22T12:04:25+00:00, 2020-01-26T12:05:42+00:00
status
200
x-shard
shieldShard0_80
content-length
242943
via
1.1 sharxy
last-modified
Wed, 22 Jan 2020 11:40:45 GMT
server
nginx
etag
"5e2834bd-3b4ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
tracker
top-fwz1.mail.ru/ 		43 B
823 B 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3148480;u=https%3A//ads.bid/;st=1580123685480;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=1a254d9bf65004ef;ver=60.1.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1580123683762/////550/552/556/556/613/574/613/1342/1343/1344/1718/1718/1724/2935/2935/;ni=10//4g/0/0/;lvid=1580123685816%3A1580123686699%3A3%3Aa712d4e248363edce316a434f278992a;opts=dl;_=0.747462235970598;e=RT/load;et=1580123686698
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
Origin
https://ads.bid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 27 Jan 2020 11:14:46 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://ads.bid
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://ads.bid
Keep-Alive
timeout=60
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91b6e35955f69e4cf8e63c79e6a6e1faba19bbe3ff80aa629dffa1cf051bdbc8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivosite.com/sounds/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
https://ads.bid/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Range
bytes=0-

Response headers

x-id
nkf-up-gc13, cec-up-gc11
date
Mon, 27 Jan 2020 11:14:46 GMT
via
1.1 sharxy
x-cached-since
2020-01-25T13:17:05+00:00
status
206
x-shard
shieldShard0_80
content-length
3760
content-range
bytes 0-3759/3760
last-modified
Wed, 22 Jan 2020 11:38:27 GMT
server
nginx
etag
"5e283433-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=864000
cache
MISS, HIT
expires
Tue, 04 Feb 2020 13:17:05 GMT
notification.mp3
code.jivosite.com/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/notification.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
https://ads.bid/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Range
bytes=0-

Response headers

x-id
nkf-up-gc12, cec-up-gc11
date
Mon, 27 Jan 2020 11:14:46 GMT
via
1.1 sharxy
x-cached-since
2020-01-24T20:17:24+00:00
status
206
x-shard
shieldShard0_80
content-length
5808
content-range
bytes 0-5807/5808
last-modified
Wed, 22 Jan 2020 11:38:27 GMT
server
nginx
etag
"5e283433-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=864000
cache
MISS, HIT
expires
Mon, 03 Feb 2020 20:17:23 GMT
outgoing_message.mp3
code.jivosite.com/sounds/ 		5 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
https://ads.bid/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Range
bytes=0-

Response headers

x-id
nkf-up-gc9, cec-up-gc11
date
Mon, 27 Jan 2020 11:14:46 GMT
via
1.1 sharxy
x-cached-since
2020-01-22T12:04:24+00:00, 2020-01-22T12:04:27+00:00
status
206
x-shard
shieldShard0_80
content-length
5014
content-range
bytes 0-5013/5014
last-modified
Wed, 22 Jan 2020 11:38:27 GMT
server
nginx
etag
"5e283433-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=864000
cache
HIT, HIT
expires
Sat, 01 Feb 2020 12:04:24 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| jivo_config object| webpackJsonp object| google_tag_manager string| GoogleAnalyticsObject function| ga function| ym function| fbq function| _fbq object| recaptcha function| Popper function| jQuery function| $ function| axios object| closure_lm_657968 object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| adblockDisabled function| htmlParser function| postscribe object| _tmr function| gtag object| _oneretarget object| Ya object| yaCounter55210021 function| obj2qs object| fastXDM object| VK function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| jivo_version object| jivo_api

18 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: _ym_wasSynced
Value: %7B%22time%22%3A1580123686633%2C%22params%22%3A%7B%22eu%22%3A1%7D%2C%22bkParams%22%3A%7B%7D%7D
.yandex.ru/ Name: i
Value: GnJQld+lf9fR5iYbzv1v7ACWoWWT6F/57rtRzrERyVOqzv6G7EXFbDprAV6MXNq/DZq5OLRnm6O4ovQhjul1s4MuU9s=
.yandex.ru/ Name: yandexuid
Value: 4094607221580123685
.ads.bid/ Name: _ym_isad
Value: 2
.ads.bid/ Name: _ym_visorc_55210021
Value: w
.ads.bid/ Name: tmr_lvidTS
Value: 1580123685816
.yandex.ru/ Name: yuidss
Value: 4094607221580123685
.ads.bid/ Name: _ym_d
Value: 1580123686
.ads.bid/ Name: _dc_gtm_UA-147625936-1
Value: 1
.ads.bid/ Name: _gat
Value: 1
.ads.bid/ Name: tmr_lvid
Value: a712d4e248363edce316a434f278992a
.ads.bid/ Name: _ym_uid
Value: 1580123686179595043
.ads.bid/ Name: _gid
Value: GA1.2.1485569377.1580123686
.ads.bid/ Name: tmr_reqNum
Value: 3
ads.bid/ Name: XSRF-TOKEN
Value: eyJpdiI6IloxQXM5OEp6TzRlZll2c3pTdlY0MlE9PSIsInZhbHVlIjoiTmdJNWlYc1NoSzJ5akdiVERBdXc0U09hQ29ZQTNZMVdOajFnYVdpYm1sb250U00rXC92MWpleEhqcXk4ZVd6M0oiLCJtYWMiOiI2MTE4MWE3ZWVjMDM4ZWZiMjY1OTRkOTU4Mjg0YjMyMTJkZmRiZDdkMGRmYWUyYzMwYTI1ZTNkMjJiNGQ1NWRjIn0%3D
.ads.bid/ Name: _ga
Value: GA1.2.777991673.1580123686
ads.bid/ Name: laravel_session
Value: eyJpdiI6IldSRUcwUDFRU0ZGdWNjc3lBZzNEcEE9PSIsInZhbHVlIjoieGFYeWd0STBXTUFLb1JOaXNxbHVIa3ZNSnZWc2UxNDQ3VFJKYkhFRStEK2tuaHd6bUxKMDlyYjhva1wvUVBiSDMiLCJtYWMiOiJlMTVhMTRkODk2MTg4YzdkYzcyODMwODAwOGI2ZWNhNDY4NzYwYWNhMzM1MDI2N2EzZWMwNzg5NTdhMmZhZjc4In0%3D
.ads.bid/ Name: _fbp
Value: fb.1.1580123685635.1762804009

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 2843685072343467.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2sfygwfxvsxv.info
ads.bid
code.jivosite.com
connect.facebook.net
dj5473hfdd36.ru
fonts.googleapis.com
googleads.g.doubleclick.net
mc.yandex.ru
node132.jivosite.com
recaptcha.net
stats.g.doubleclick.net
tag.oneretarget.com
top-fwz1.mail.ru
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
yandex.ru
172.217.18.98
217.69.133.145
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:814::2008
2a00:1450:4001:815::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2003
2a00:1450:4001:824::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9c
2a02:6b8::1:119
2a02:6b8:a::a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:9997::9997
54.155.68.125
88.208.54.88
93.186.225.208
94.130.66.148
07a651614bfef3f3a35d9a2ded0de50adaef4671abda32d38958ac4438b46cb6
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
0cda93427f381fa612cce8702924b167a8b27dbedbaa45a7784423f0da02032b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
185fd7d03210fc6b943c7e0faf58594e7e61a60d866f802eccb7427a4a9ae07f
215a175ce4fe873fe5ccb95770980ce28b5e46b844cd459f619e8371d5effc1e
215b62c61c9764df8ecdfdc162b56e6c89ac8d97655d7db3b5925058aeb6e0bc
2235e5326f4b9488e8595ca91413ad94653d6a40b849e602a6157fbcfc6399a6
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25dc0b4db2ac03a0252d48ef3ca6aa0156dafe392daf2cc4385b008e84f3bac2
284c96c27764afadb67daa628422d1494f48abca6c2ea5fd6bcd6d2a3eee3993
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3a003b3d92f70e76da4fc61a3983b2dd0fd618a7f69f886035a396959ee13b3b
40babaebf80cc6d2013449b6555935ebe2de3862a1cf56386375447fff8e102e
4f966c5d1428aed00c33a974978f58a17e5a188046b0ad3cee8ba993c223151d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
61011e604925cf6ceb8f362be27d31b7d115ff7ae23839226609a5aabcae3992
61467e93a9af337db8fce804c104d36e6f4f1889452c94a69fc5519ca82c44c9
655e4df00465ca01a9193495e32a413c196baaa7cc5b64cc9796132e781578ad
6a647ebd3d72866eb30720125c4cf2997fd30007f8cefb5bad1ebcfdd14a153e
6ea507220aecf7cc439f1cd091a2ff4ceeb9eee6992e20c9d0d7e4eb3771bc25
709b3558ec592ef19670dccc09c169fb44bef7b1ca1a556a87e304729c648374
7756ddc8ae5b4106cb0c82a79adfb3b61b43c99601e834ddcc35a6b9def0df7a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ee1f9d09cc295f7e7d827c53b0d7ae66752a502da527513377b1d4aa410ee76
91b6e35955f69e4cf8e63c79e6a6e1faba19bbe3ff80aa629dffa1cf051bdbc8
92ced0db9128a13bd2a25aecbd3298ffbb00adfbb8f5065d946d49688524c0fc
9832067cb9df045a8e90277f36bfbf5a97af247f8c15918875231f5e13b3a46e
984e5de85690373b09c8b16e4a74cf857851eae730c48254c33d55f4d35ca7ad
a403e66a1eaf8d0ea313aec504df582da70e193fb2745ccf5c04f171895e7a2c
a4168fee1facc89c4491707b70d6ffafb00b9db1136810ee509996c18bd8052b
a4753fbbe07da9c4ce109ca6dbacda6b58b449aca423948e3790d9ea724fcc86
a90b1bc2b0c66d4ab32c74a16c3fde7516f056db15e763ed075d71c1f22db351
a94634ad7084a964809c5de6ebe8f15c27da08a8e02bdc0129700e3823844290
aa85eae9b4c8325d2ce364c584a2938d4fefcc53924091cabccd29acf65bde9d
b08b9ce4e42cce2aa66ed099b9a95f2d83c1285f855bd003853ca4df3fb2182a
bcd8016be09afd1db1b21c5cd6f72e25caea172525048d667158ca11830069b9
c31c0d4dafc5e8ce84fc2c4b6311b4d2e240bf59d4986eb39a979fa97fa00a39
c5a1a79d268069962313296646c46c5ca04756e0987cb304b60ae800c1394491
ccde94d69d0437bc1ded3c4fa23def4c65fbd899bd70e736590c31f543efb3cf
ce6d671c03faf0eed9e67e34cea57c406f402ccd680ad6c6495ae16e9c94e345
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d7218ef81228a1a8453cc2a631bfca5517cc11ccc359ca00fe0ec69f1a9adb2f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e1632dc38a09dce6cb13781150c5c2559762113ac2fb5d3509827b2e23223742
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47879993ba04778087685eb53bfc03caf05da15f89f87aec961bf7aa638817d
e70adb67bcdec61516ea9e7174456c50effa918e43b3c8663baf1aa762f705de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16f0ba0ff026f770fe84e32a59c045ec0fdd183d827ac3d854a3578c3b4ff13
f21638566beb7db0df8c58067ca66342b88d9a1d0f8b0ac625a75576c83319f7
f250dd7f428107dbb2fd26c9ce688d259e2d9cbd7f2719764298d9dff235e0cd
f3eed77385d726b7567f1ab5cf9990d399263099921a257b3d7fa3173604409d
f7ea480101aeab8d9862060d9d6c1972e40f720dd5bb41efdc6e4f8d2edc9be0
fae0f024d64c27523a74161a0cfba30e78eb145f6c35a938db476c6165eb8ca2
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43
ff9bcbae9e8dcdd30c61606de34b51909cbedcb62443c1bb81350b2351feb5ab