urlscan.io logo urlscan.io
SecurityTrails logo

bid.paradisecopters.com Open in urlscan Pro
209.10.180.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bid.paradisecopters.com/
Effective URL: https://bid.paradisecopters.com/Public
Submission: On June 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 209.10.180.228, located in Dallas, United States and belongs to QTS, US. The main domain is bid.paradisecopters.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 14th 2024. Valid for: a year.
This is the only time bid.paradisecopters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    209.10.180.228 (Dallas, United States)

ASN4136 (QTS, US)
bid.paradisecopters.com
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.190.203.150 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
hostedpayments.fullsteampay.net
6    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    216.239.34.36 (None, )

ASN- ()
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
16 paradisecopters.com
bid.paradisecopters.com
540 KB
7 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
1 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 fullsteampay.net
hostedpayments.fullsteampay.net — Cisco Umbrella Rank: 158633
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
104 KB
22 6
Domain Requested by
16 bid.paradisecopters.com 2 redirects bid.paradisecopters.com
7 region1.google-analytics.com 3 redirects bid.paradisecopters.com
www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 hostedpayments.fullsteampay.net bid.paradisecopters.com
1 fonts.googleapis.com bid.paradisecopters.com
1 www.googletagmanager.com bid.paradisecopters.com
22 6

This site contains no links.

Subject Issuer Validity Valid
bid.paradisecopters.com
Sectigo RSA Domain Validation Secure Server CA		 2024-06-14 -
2025-07-14		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.fullsteampay.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-16 -
2024-10-16		 a year crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bid.paradisecopters.com/Public
Frame ID: 35EA3FF248D8FBF1E8773370CC51D335
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paradise Helicopters

Page URL History Show full URLs

  1. https://bid.paradisecopters.com/ HTTP 302
    https://bid.paradisecopters.com/Authentication/Login?ReturnUrl=%2f HTTP 302
    https://bid.paradisecopters.com/Public Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

86 %
HTTPS

57 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

705 kB
Transfer

2356 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bid.paradisecopters.com/ HTTP 302
    https://bid.paradisecopters.com/Authentication/Login?ReturnUrl=%2f HTTP 302
    https://bid.paradisecopters.com/Public Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://region1.google-analytics.com/g/collect?v=2&tid=G-FE6MKN7KVP&gtm=45je46c0v9105617690za200&_p=1718523030719&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=814756712.1718523031&ul=de-de&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1718523030&sct=1&seg=0&dl=https%3A%2F%2Fbid.paradisecopters.com%2FPublic&dt=Paradise%20Helicopters&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=2277&_z=sendBeacon HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=7787426256644957425&dma=1&dma_cps=sypham&en=page_view&gtm=45je46c0v9105617690za200&npa=1&tid=G-FE6MKN7KVP&dl=https%3A%2F%2Fbid.paradisecopters.com%3F
Request Chain 10
  • https://region1.google-analytics.com/g/collect?v=2&tid=G-FE6MKN7KVP&gtm=45je46c0v9105617690za200&_p=1718523030719&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=814756712.1718523031&ul=de-de&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=2&sid=1718523030&sct=1&seg=0&dl=https%3A%2F%2Fbid.paradisecopters.com%2FPublic&dt=Paradise%20Helicopters&en=Maxdimension&_c=1&_ee=1&epn.TenantId=887&_et=2&tfd=2292&_z=sendBeacon HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=9088241067870474031&dma=1&dma_cps=sypham&en=Maxdimension&gtm=45je46c0v9105617690za200&npa=1&tid=G-FE6MKN7KVP&dl=https%3A%2F%2Fbid.paradisecopters.com%3F
Request Chain 11
  • https://region1.google-analytics.com/g/collect?v=2&tid=G-FE6MKN7KVP&gtm=45je46c0v9105617690za200&_p=1718523030719&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=814756712.1718523031&ul=de-de&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=3&sid=1718523030&sct=1&seg=1&dl=https%3A%2F%2Fbid.paradisecopters.com%2FPublic&dt=Paradise%20Helicopters&en=page_view&_c=1&_ee=1&epn.TenantId=887&_et=1&tfd=2296&_z=sendBeacon HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=10890880466449040934&dma=1&dma_cps=sypham&en=page_view&gtm=45je46c0v9105617690za200&npa=1&tid=G-FE6MKN7KVP&dl=https%3A%2F%2Fbid.paradisecopters.com%3F

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Public
bid.paradisecopters.com/
Redirect Chain
  • https://bid.paradisecopters.com/
  • https://bid.paradisecopters.com/Authentication/Login?ReturnUrl=%2f
  • https://bid.paradisecopters.com/Public
50 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/Public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
97f783c770ea28c04c24f15e905343ce9fee36bd901ad6ac6718eddea6c00939
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-encoding
gzip
content-length
13704
content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-type
text/html; charset=utf-8
date
Sun, 16 Jun 2024 07:30:29 GMT
expect-ct
enforce, max-age=43200
feature-policy
fullscreen 'none'
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
permissions-policy
fullscreen=()
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
public, no-store, max-age=0
content-length
124
content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-type
text/html; charset=utf-8
date
Sun, 16 Jun 2024 07:30:29 GMT
expect-ct
enforce, max-age=43200
expires
Sun, 16 Jun 2024 07:30:30 GMT
feature-policy
fullscreen 'none'
last-modified
Sun, 16 Jun 2024 07:30:30 GMT
location
/Public
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
permissions-policy
fullscreen=()
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
*
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		316 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FE6MKN7KVP
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0af4af034ba298e3a10b14b5712cb082286acaa05282017c2850f742864f999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 07:30:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106227
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jun 2024 07:30:30 GMT
publicstyles
bid.paradisecopters.com/Content/css/ 		589 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/Content/css/publicstyles?v=942SCQy3uiRlP9aK8QaAN2OkeVv_rVe4RWNB_to4AhQ1
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
27dfd2c59043704b82d2be77c41327fe05576d327130db7777ebdc5e99442c6a
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 07:30:30 GMT
transfer-encoding
chunked
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 16 Jun 2024 07:30:30 GMT
expect-ct
enforce, max-age=43200
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
expires
Mon, 16 Jun 2025 07:30:30 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&lang=en
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jun 2024 07:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 07:24:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jun 2024 07:30:30 GMT
jquery
bid.paradisecopters.com/bundles/ 		85 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/bundles/jquery?v=cjkatXG-b8pWdru8bbf4BKCR-I5rhBnHAIcKH449VZM1
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
e65e86fddc1b72935d9b37afd5e5589ca9ee4eecf1878acb3ab8a6074ffdf64d
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 07:30:30 GMT
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
content-length
38716
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 16 Jun 2024 07:30:31 GMT
expect-ct
enforce, max-age=43200
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
expires
Mon, 16 Jun 2025 07:30:31 GMT
jqueryval
bid.paradisecopters.com/bundles/ 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/bundles/jqueryval?v=zauo45Fk-rkSeW0raevTo2oAxmDirXpQLpjvk4mJ_tE1
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
451e74d24089a29b07d94d25213d1c15c2d8975e7b78bbac73179125ab641968
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 07:30:30 GMT
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
content-length
11758
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 16 Jun 2024 07:30:31 GMT
expect-ct
enforce, max-age=43200
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
expires
Mon, 16 Jun 2025 07:30:31 GMT
jqueryajax
bid.paradisecopters.com/bundles/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/bundles/jqueryajax?v=DSTK0KGJdgKIOyMkrsZYntRTSDaFsbxXAJjRig52uYY1
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
be9e6236349f795c94a0928e1c4d64f4b98ba09d53bec760344659a54afcd432
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 07:30:30 GMT
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
content-length
1605
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 16 Jun 2024 07:30:31 GMT
expect-ct
enforce, max-age=43200
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
expires
Mon, 16 Jun 2025 07:30:31 GMT
publicscripts
bid.paradisecopters.com/bundles/ 		1 MB
326 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/bundles/publicscripts?v=50JSy_t0MHw3udBkahKLGezm8ht9nsoNvSNuqigUAkA1
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
b6423a2291a91c312947d505ef0d571c755b9a8131390fc7ffe3b95cd0b72a46
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 07:30:30 GMT
transfer-encoding
chunked
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 16 Jun 2024 07:30:31 GMT
expect-ct
enforce, max-age=43200
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
expires
Mon, 16 Jun 2025 07:30:31 GMT
fullsteam.hostedcontrols.js
hostedpayments.fullsteampay.net/js/hostedcontrols/2.0.0/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hostedpayments.fullsteampay.net/js/hostedcontrols/2.0.0/fullsteam.hostedcontrols.js
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.190.203.150 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4c0bae4a7056002232b9eb2604f830e0fd03c8aa1ce56d1f034a42998d33cf1a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 07:30:31 GMT
content-encoding
gzip
referrer-policy
strict-origin
strict-transport-security
max-age=2592000
last-modified
Thu, 30 May 2024 14:56:14 GMT
x-content-type-options
nosniff
etag
"1dab2a1844da19c"
vary
Accept-Encoding
x-frame-options
ALLOWALL
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
request-context
appId=cid-v1:4bc77e4e-0db6-4389-8e16-939da4b2c01c
search.png
bid.paradisecopters.com/Content/images/auction-detail-img/ 		421 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.paradisecopters.com/Content/images/auction-detail-img/search.png
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
a2da5a4153fa83e3eb02ea127ea94671db948362f25c128c82abd1feb498ecf8
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 07:30:30 GMT
content-length
421
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 26 Sep 2022 20:03:26 GMT
etag
"07bd29e3d1d81:0"
expect-ct
enforce, max-age=43200
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
accept-ranges
bytes
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.google-analytics.com/g/collect?v=2&tid=G-FE6MKN7KVP&gtm=45je46c0v9105617690za200&_p=1718523030719&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=814756712.1718523031&ul=de-...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=7787426256644957425&dma=1&dma_cps=sypham&en=page_view&gtm=45je46c0v9105617690za200&npa=1&t...
0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=7787426256644957425&dma=1&dma_cps=sypham&en=page_view&gtm=45je46c0v9105617690za200&npa=1&tid=G-FE6MKN7KVP&dl=https%3A%2F%2Fbid.paradisecopters.com%3F
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
H2
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 07:30:31 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jun 2024 07:30:31 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=7787426256644957425&dma=1&dma_cps=sypham&en=page_view&gtm=45je46c0v9105617690za200&npa=1&tid=G-FE6MKN7KVP&dl=https%3A%2F%2Fbid.paradisecopters.com%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
489
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.google-analytics.com/g/collect?v=2&tid=G-FE6MKN7KVP&gtm=45je46c0v9105617690za200&_p=1718523030719&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=814756712.1718523031&ul=de-...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=9088241067870474031&dma=1&dma_cps=sypham&en=Maxdimension&gtm=45je46c0v9105617690za200&npa=...
0
43 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=9088241067870474031&dma=1&dma_cps=sypham&en=Maxdimension&gtm=45je46c0v9105617690za200&npa=1&tid=G-FE6MKN7KVP&dl=https%3A%2F%2Fbid.paradisecopters.com%3F
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
H2
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 07:30:31 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jun 2024 07:30:31 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=9088241067870474031&dma=1&dma_cps=sypham&en=Maxdimension&gtm=45je46c0v9105617690za200&npa=1&tid=G-FE6MKN7KVP&dl=https%3A%2F%2Fbid.paradisecopters.com%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
492
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.google-analytics.com/g/collect?v=2&tid=G-FE6MKN7KVP&gtm=45je46c0v9105617690za200&_p=1718523030719&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=814756712.1718523031&ul=de-...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=10890880466449040934&dma=1&dma_cps=sypham&en=page_view&gtm=45je46c0v9105617690za200&npa=1&...
0
52 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=10890880466449040934&dma=1&dma_cps=sypham&en=page_view&gtm=45je46c0v9105617690za200&npa=1&tid=G-FE6MKN7KVP&dl=https%3A%2F%2Fbid.paradisecopters.com%3F
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
H2
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 07:30:31 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jun 2024 07:30:31 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=814756712.1718523031&dbk=10890880466449040934&dma=1&dma_cps=sypham&en=page_view&gtm=45je46c0v9105617690za200&npa=1&tid=G-FE6MKN7KVP&dl=https%3A%2F%2Fbid.paradisecopters.com%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
490
expires
Fri, 01 Jan 1990 00:00:00 GMT
chosen-sprite.png
bid.paradisecopters.com/Content/css/ 		646 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.paradisecopters.com/Content/css/chosen-sprite.png
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Content/css/publicstyles?v=942SCQy3uiRlP9aK8QaAN2OkeVv_rVe4RWNB_to4AhQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 07:30:32 GMT
content-length
646
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 30 Sep 2022 14:08:16 GMT
etag
"088b915d6d4d81:0"
expect-ct
enforce, max-age=43200
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
accept-ranges
bytes
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://bid.paradisecopters.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:47:08 GMT
x-content-type-options
nosniff
age
218604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:47:08 GMT
avatar.png
bid.paradisecopters.com/Content/images/users/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.paradisecopters.com/Content/images/users/avatar.png
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/Public
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
dc2514721a959d68e66b497a136648077718ad5d6228ef5c1a171c8b4a0a0591
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 07:30:32 GMT
content-length
2016
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 26 Sep 2022 20:03:26 GMT
etag
"07bd29e3d1d81:0"
expect-ct
enforce, max-age=43200
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
accept-ranges
bytes
GetAuctionTypeList
bid.paradisecopters.com/Public/Lookup/ 		56 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/Public/Lookup/GetAuctionTypeList?_=1718523031476
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/bundles/jquery?v=cjkatXG-b8pWdru8bbf4BKCR-I5rhBnHAIcKH449VZM1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
f567cabac55731ad000b83a940d82025b98589927b2ba73046741ec5bbd195fd
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
no-referrer
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 07:30:32 GMT
expect-ct
enforce, max-age=43200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
cache-control
private
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
content-length
56
x-xss-protection
1; mode=block
GetAuctions
bid.paradisecopters.com/Public/Auction/ 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/Public/Auction/GetAuctions?pageNumber=1&filter=Current&auctionTypeFilter=&pageSize=100&viewType=List&_=1718523031477
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/bundles/jquery?v=cjkatXG-b8pWdru8bbf4BKCR-I5rhBnHAIcKH449VZM1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
36a8400138241c2be7e676794403be7ffe3f1649b51535939e8fda628f6d674f
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 07:30:32 GMT
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
content-length
4807
x-xss-protection
1; mode=block
referrer-policy
no-referrer
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
private
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
jqueryval
bid.paradisecopters.com/bundles/ 		28 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/bundles/jqueryval?v=zauo45Fk-rkSeW0raevTo2oAxmDirXpQLpjvk4mJ_tE1
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/bundles/jquery?v=cjkatXG-b8pWdru8bbf4BKCR-I5rhBnHAIcKH449VZM1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
451e74d24089a29b07d94d25213d1c15c2d8975e7b78bbac73179125ab641968
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 07:30:30 GMT
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
content-length
11758
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 16 Jun 2024 07:30:31 GMT
expect-ct
enforce, max-age=43200
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
expires
Mon, 16 Jun 2025 07:30:31 GMT
CustomAnnodation.js
bid.paradisecopters.com/Areas/Public/Scripts/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/Areas/Public/Scripts/CustomAnnodation.js?20220926200324
Requested by
Host: bid.paradisecopters.com
URL: https://bid.paradisecopters.com/bundles/jquery?v=cjkatXG-b8pWdru8bbf4BKCR-I5rhBnHAIcKH449VZM1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
e15a37373eb6fdf5aff543b368fce8bdc4326dcbd64f9fe968812000557ee369
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 07:30:32 GMT
content-length
613
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 26 Sep 2022 20:03:24 GMT
etag
"04ea18e3d1d81:0"
expect-ct
enforce, max-age=43200
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=86400
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
accept-ranges
bytes
favicon.ico
bid.paradisecopters.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bid.paradisecopters.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.180.228 Dallas, United States, ASN4136 (QTS, US),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
no-referrer
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 07:30:32 GMT
expect-ct
enforce, max-age=43200
x-frame-options
SAMEORIGIN
content-type
text/html
feature-policy
fullscreen 'none'
permissions-policy
fullscreen=()
content-length
1245
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FE6MKN7KVP&gtm=45je46c0v9105617690za200&_p=1718523030719&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=814756712.1718523031&ul=de-de&are=1&frm=0&pscdl=noapi&_eu=AEA&_geo=1&_rdi=1&_s=4&sid=1718523030&sct=1&seg=1&dl=https%3A%2F%2Fbid.paradisecopters.com%2FPublic&dt=Paradise%20Helicopters&en=scroll&epn.percent_scrolled=90&_et=3&tfd=7301&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FE6MKN7KVP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 07:30:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bid.paradisecopters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery function| localStorageSupport function| animationHover function| SmoothlyMenu function| WinMove object| $jscomp function| LoadPopUp function| LoadDeletePopUp function| LoadCaroselPopUp function| LoadLoginPopUp function| LoadDropDown function| LoadDropDownWithDataCode function| LoadDropDownForMultiselect function| LoadDropDownForClass function| LoadFormDropDown function| CloseModalPopUp function| ShowToasterMessage function| RemoveBidTextBoxandButtons function| BindTimer function| BindTimerBids function| convertLocalDatetoUTCDate function| LoadDropDownWithoutSelect function| LoadDropDownWithoutSelectMutiselect function| FormatNumber function| FormatLocal function| FormatToLocalTime function| formatCommaNumber function| formatCurrency function| formatMoney function| LoadWarningPopup function| LoadSocialNetworkUrl function| CopyToClipboard function| getUrlParameter function| updateURLParameter function| ChangeUrl function| LoadFormMultiselectDropDown function| CountDown function| CountDown1 function| Popper object| bootstrap function| PubNub object| blueimp function| metisMenu string| _determinate string| _indeterminate string| _update string| _type string| _click string| _touch string| _add string| _remove string| _callback string| _label string| _cursor boolean| _mobile function| moment function| swal function| sweetAlert function| AjaxBootstrapSelect function| AjaxBootstrapSelectList function| AjaxBootstrapSelectRequest function| PhotoSwipeUI_Default function| PhotoSwipe object| fullsteamHostedPayments function| setupFullsteamHostedPayments function| performFullsteamHostedPaymentsAction number| TimeBeforeLoad function| LoadAuctions function| LoadFilterContent function| LoadGlobalSearch function| HideFilter function| MarkAuctionAsHalt function| LoadTypeDropDown function| LoadAuctionDetails function| AuctionTypeFilterEncryptUrl function| LoadAcutionItemList number| sessionTime number| warningSessiontime object| existingListener object| existingSessionListener function| clearOpacity function| ReloadPage function| getProfilePic function| Logout function| LoadTermsAndCondition undefined| timerIncrement undefined| WarnTimeout undefined| ResetTimer undefined| ResetLocalStorage undefined| ResetLocalStorageExtensionTime undefined| OpenPreSessionTimeOutPopup undefined| KeepSessionAlive undefined| CheckSessionAlive undefined| checkInternetConnection undefined| backToOnline function| ChangeLanguage function| RedirectLoginPage function| ReloadPublicPage function| FetchCurrentCSTTime function| GetCurrentDateTime function| BindCountdownTimer function| goToTop number| diffTime

6 Cookies

Domain/Path Name / Value
bid.paradisecopters.com/ Name: SERVERID
Value: app4
bid.paradisecopters.com/ Name: ASP.NET_SessionId
Value: r5zq1ssm4ebqkvw253ix1zzr
bid.paradisecopters.com/ Name: languageType
Value: English
bid.paradisecopters.com/ Name: __RequestVerificationToken
Value: E1Glx_yuH1xh8mGNlR_OrLstBqFY7mrFohR2-VHrmHpE5xGrPaniR_OodVMYPNsyceDE1AEZhM02xZe8lF0J8-k1Q1zVuL-fz9OuP-IDV-M1
.paradisecopters.com/ Name: _ga
Value: GA1.1.814756712.1718523031
.paradisecopters.com/ Name: _ga_FE6MKN7KVP
Value: GS1.1.1718523030.1.1.1718523031.0.0.0

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: fullscreen. Values defined in Permissions-Policy header will be used.
network error URL: https://bid.paradisecopters.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; style-src 'self' http://* 'unsafe-inline'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://* data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.paradisecopters.com
fonts.googleapis.com
fonts.gstatic.com
hostedpayments.fullsteampay.net
region1.google-analytics.com
www.googletagmanager.com
172.190.203.150
2001:4860:4802:32::36
209.10.180.228
216.239.34.36
2a00:1450:4001:800::200a
2a00:1450:4001:803::2008
2a00:1450:4001:830::2003
27dfd2c59043704b82d2be77c41327fe05576d327130db7777ebdc5e99442c6a
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
36a8400138241c2be7e676794403be7ffe3f1649b51535939e8fda628f6d674f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
451e74d24089a29b07d94d25213d1c15c2d8975e7b78bbac73179125ab641968
4c0bae4a7056002232b9eb2604f830e0fd03c8aa1ce56d1f034a42998d33cf1a
97f783c770ea28c04c24f15e905343ce9fee36bd901ad6ac6718eddea6c00939
a2da5a4153fa83e3eb02ea127ea94671db948362f25c128c82abd1feb498ecf8
b0af4af034ba298e3a10b14b5712cb082286acaa05282017c2850f742864f999
b6423a2291a91c312947d505ef0d571c755b9a8131390fc7ffe3b95cd0b72a46
be9e6236349f795c94a0928e1c4d64f4b98ba09d53bec760344659a54afcd432
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dc2514721a959d68e66b497a136648077718ad5d6228ef5c1a171c8b4a0a0591
e15a37373eb6fdf5aff543b368fce8bdc4326dcbd64f9fe968812000557ee369
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65e86fddc1b72935d9b37afd5e5589ca9ee4eecf1878acb3ab8a6074ffdf64d
e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80
f567cabac55731ad000b83a940d82025b98589927b2ba73046741ec5bbd195fd