bidbuddy.bot Open in urlscan Pro
104.16.42.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bidbuddy.bot/
Submission: On June 23 via api (June 23rd 2024, 5:02:37 pm UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 36 HTTP transactions. The main IP is 104.16.42.105, located in and belongs to CLOUDFLARENET, US. The main domain is bidbuddy.bot.
TLS certificate: Issued by E5 on June 17th 2024. Valid for: 3 months.

This is the only time bidbuddy.bot was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	104.16.42.105 104.16.42.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.149.43 52.222.149.43	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	18.244.28.62 18.244.28.62	16509 (AMAZON-02) (AMAZON-02)
1	3.5.24.134 3.5.24.134	14618 (AMAZON-AES) (AMAZON-AES)
7	2600:9000:211... 2600:9000:211e:4c00:1c:37e5:3f40:21	16509 (AMAZON-02) (AMAZON-02)
36	10

12 104.16.42.105 (None, )

ASN13335 (CLOUDFLARENET, US)

bidbuddy.bot	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-43.cdg52.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.28.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-28-62.cdg52.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.24.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

plst237.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:211e:4c00:1c:37e5:3f40:21 (United States)

ASN16509 (AMAZON-02, US)

d1muf25xaso8hp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bidbuddy.bot bidbuddy.bot	975 KB
10	gstatic.com fonts.gstatic.com	282 KB
7	cloudfront.net d1muf25xaso8hp.cloudfront.net	79 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
1	amazonaws.com plst237.s3.amazonaws.com — Cisco Umbrella Rank: 157677	7 KB
1	driftt.com js.driftt.com — Cisco Umbrella Rank: 7548	62 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	12 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15234	43 KB
36	9

	Domain	Requested by
12	bidbuddy.bot	bidbuddy.bot
10	fonts.gstatic.com	fonts.googleapis.com
7	d1muf25xaso8hp.cloudfront.net	bidbuddy.bot
2	www.google-analytics.com	bidbuddy.bot www.google-analytics.com
1	plst237.s3.amazonaws.com	bidbuddy.bot
1	js.driftt.com	bidbuddy.bot
1	fonts.googleapis.com	bidbuddy.bot
1	cdn.jsdelivr.net	bidbuddy.bot
1	cdn.plaid.com	bidbuddy.bot
36	9

This site contains no links.

Subject Issuer	Validity	Valid
bidbuddy.bot E5	`2024-06-17` - `2024-09-15`	3 months	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2024-03-12` - `2025-03-11`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bidbuddy.bot/
Frame ID: B01FABC2335975608DC572076DA0ACC5
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BidBuddy

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

36
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

10
IPs

3
Countries

1485 kB
Transfer

5670 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bidbuddy.bot/ 17 KB
6 KB 912ms
780ms Document
text/html 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bidbuddy.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

720ebb26682913a08629c329c05560f33723b48725850e137441344b4207b769

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 89860bcc9c9bbbe8-WAW
content-encoding: br
content-security-policy: frame-ancestors 'none';
content-type: text/html
date: Sun, 23 Jun 2024 17:02:30 GMT
referrer-policy: origin
server: cloudflare
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.076 unit-seconds used
x-bubble-perf: {"total":106.5,"percents":{"top":{"bubble_cpu":30.9,"block":68.8,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":22.2,"appserver_cache_misses_time":0,"redis":61.7,"fiber_queue":4.7,"capacity_wait":3.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":9,"derived_cache_memory_misses":9,"serverjson":28,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":87,"fiber_queue":75,"blocks":74},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":4930652}}
x-frame-options: DENY
x-powered-by: Express

GET
H2 200 early.js Show response
bidbuddy.bot/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 24 KB
9 KB 354ms
327ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:30 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":59.8,"percents":{"top":{"bubble_cpu":11.6,"block":86.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.2,"appserver_cache_misses_time":0,"redis":9.6,"fiber_queue":1.1,"capacity_wait":10.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1041703}}
age: 1048293
x-powered-by: Express
x-bubble-capacity-used: 0.016 unit-seconds used
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 89860bd20fecbbe8-WAW
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.css
bidbuddy.bot/package/run_css/4412b3a7d476d1b44952efadb3fb357c97d9898a5e2f6117ec612654120c4ffe/chase-36023/live/index/xfalse/xfalse/ 74 KB
14 KB 399ms
377ms Stylesheet
text/css 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/package/run_css/4412b3a7d476d1b44952efadb3fb357c97d9898a5e2f6117ec612654120c4ffe/chase-36023/live/index/xfalse/xfalse/run.css
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3bd6170f7d2eeaecae9656102c483a50e546a308fc95c982e4f656abd931719e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:30 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":93.3,"percents":{"top":{"bubble_cpu":15.4,"block":81.4,"capacity_rl":0,"other_pause":0,"pre_fiber":0.7},"sub":{"pp_userdb":2.1,"pp_wait_userdb":0,"http_request":0,"serverjson":6,"appserver_cache_misses_time":0,"redis":17.8,"fiber_queue":2,"capacity_wait":1.8}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":13,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":27,"fiber_queue":33,"blocks":32},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":2162273}}
age: 70159
cf-polished: origSize=96745
x-powered-by: Express
x-bubble-capacity-used: 0.033 unit-seconds used
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 89860bd20fe8bbe8-WAW
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 pre_run_jquery.js Show response
bidbuddy.bot/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 88 KB
32 KB 399ms
377ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:30 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":168.5,"percents":{"top":{"bubble_cpu":5.9,"block":93.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":3,"pp_wait_userdb":0,"http_request":0,"serverjson":4.7,"appserver_cache_misses_time":0,"redis":17.6,"fiber_queue":0.9,"capacity_wait":22.8}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":21,"fiber_queue":25,"blocks":24},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":7497779}}
age: 799723
x-powered-by: Express
x-bubble-capacity-used: 0.115 unit-seconds used
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 89860bd20fefbbe8-WAW
x-bubble-capacity-limit: 38.3 ms slower

GET
H2 200 run.js Show response
bidbuddy.bot/package/run_js/82f0932413b615d2824ead91e0097585fc27c3b1d0d2c8ae6c1d5531f257611d/xfalse/x29/ 3 MB
741 KB 351ms
329ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/package/run_js/82f0932413b615d2824ead91e0097585fc27c3b1d0d2c8ae6c1d5531f257611d/xfalse/x29/run.js
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a5524c173244bedafac7ebb5bd8c475cbcc70a028fe95ff5b625593957d29a99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:30 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":112.3,"percents":{"top":{"bubble_cpu":37.2,"block":56.8,"capacity_rl":0,"other_pause":0,"pre_fiber":2.3},"sub":{"pp_userdb":2.7,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":31.3,"fiber_queue":2.1,"capacity_wait":2.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":21,"fiber_queue":20,"blocks":19},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":7264933}}
age: 162384
x-powered-by: Express
x-bubble-capacity-used: 0.112 unit-seconds used
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 89860bd20ff1bbe8-WAW
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 static.js Show response
bidbuddy.bot/package/static_js/a4eb1cb088d5086674d024c0261d9e10386a04a83f981105014f3f0f9ccea626/chase-36023/live/index/xnull/xfalse/xfalse/xfalse/ 1 MB
145 KB 371ms
349ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/package/static_js/a4eb1cb088d5086674d024c0261d9e10386a04a83f981105014f3f0f9ccea626/chase-36023/live/index/xnull/xfalse/xfalse/xfalse/static.js
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 222400f34d9157773528886444b9651ae56c895aa29c6fb14dc560f173792e84

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:30 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":1251.4,"percents":{"top":{"bubble_cpu":5.4,"block":94.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.1},"sub":{"pp_userdb":0.1,"pp_wait_userdb":0,"http_request":0,"serverjson":0.7,"appserver_cache_misses_time":0,"redis":14.9,"fiber_queue":1.8,"capacity_wait":0.2}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":7,"derived_cache_memory_misses":7,"derived_cache_redis_misses":3,"serverjson":14,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":1,"redis":108,"fiber_queue":107,"blocks":106},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":10169920}}
age: 70159
x-powered-by: Express
x-bubble-capacity-used: 0.156 unit-seconds used
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 89860bd20ff4bbe8-WAW
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 dynamic.js Show response
bidbuddy.bot/package/dynamic_js/4c109d78f7c0e1aacd4f8d514d29b3c376605bab46c21ec7d2ec078a0273e47e/chase-36023/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ 123 KB
24 KB 343ms
328ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/package/dynamic_js/4c109d78f7c0e1aacd4f8d514d29b3c376605bab46c21ec7d2ec078a0273e47e/chase-36023/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c2155ece675d4a2d99c812895cc0ae0e3c400d0cfee71750151dc6286795d739

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:30 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":337.8,"percents":{"top":{"bubble_cpu":15.9,"block":84.4,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0.9,"pp_wait_userdb":0,"http_request":0,"serverjson":46.7,"appserver_cache_misses_time":0,"redis":86.8,"fiber_queue":6.3,"capacity_wait":0.4}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":1,"derived_cache_attempts":6,"derived_cache_memory_misses":6,"derived_cache_redis_misses":1,"derived_cache_postgres_misses":1,"serverjson":47,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":167,"fiber_queue":107,"blocks":106},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":13073797,"derived_build_time_spent":111}}
age: 70159
x-powered-by: Express
x-bubble-capacity-used: 0.201 unit-seconds used
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 89860bd20ff6bbe8-WAW
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 156 KB
43 KB 553ms
102ms Script
text/javascript 52.222.149.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-43.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c6973b84c78083006d4f2167ed3cbc6f6469cdf819a0474abfa40b91a3699c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yNDcZ5y.uTAM6W4jSO_9E.LpgEYNnAb1
content-encoding: br
via: 1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
date: Sun, 23 Jun 2024 14:41:45 GMT
x-amz-request-id: XY9ETGSV8277206B
x-amz-cf-pop: CDG52-P1
x-amz-server-side-encryption: AES256
age: 8460
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: T3GkGQaR6BE7RvF5VA4YNvIDuavw2AHSBgto1lg2SAyMvzFt1RFCqlDi9E+NJ0B2g/yLuXeHYy8=
last-modified: Mon, 17 Jun 2024 17:25:48 GMT
server: AmazonS3
etag: W/"205c2fc8b57493f8873821815ae048fb"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: P_HxJtqC3P9o3jt3RO7cMcTD2jEcd5gT5I0NBw0GW8G3_vAACe1hQw==

GET
H2 200 tesseract.min.js Show response
cdn.jsdelivr.net/npm/tesseract.js@4.0.3/dist/ 63 KB
12 KB 614ms
164ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/tesseract.js@4.0.3/dist/tesseract.min.js

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6848fba970a25ddce394aab8b6566ef0ce9a48ecc4fdda2e01ab090817f783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version: 4.0.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11110
x-served-by: cache-fra-eddf8230130-FRA, cache-lga21959-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"fd6c-PgyZiSMtaaWCLDsS9mlZCK0/Djs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzLekWaORVBwXqnGqYMOXosk80Bw%2Fqad1BDdRgR8zkNXJ1W34GuNZtMt%2FXkZrdg5xK2qGzuTox0jb0yA%2Ff0uNK4%2BpyOquLR3oBKcUo0%2BtN%2F%2B3TzXmggsOdhYFVHg4yZPK3h6H0aoaiszXXtJ5o8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89860bd4cbf237da-FRA

GET
H2 200 css
fonts.googleapis.com/ 15 KB
3 KB 396ms
63ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Caveat:700%7CIndie+Flower:400%7CIndie+Flower:400%7CLato:regular%7CLato:900%7CLato:900%7COpen+Sans:regular%7CPatrick+Hand:400%7CPatrick+Hand:400%7CRock+Salt:400%7CShadows+Into+Light:400%7CTinos:regular%7CTinos:700%7CTinos:700

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddcf17135424e7d99ee65e684e019bbc0c12d17a0677d45f0752fce3acb7fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Jun 2024 17:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 17:02:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Jun 2024 17:02:31 GMT

GET
H3 200 data Show response
bidbuddy.bot/api/1.1/init/ 283 B
1019 B 972ms
944ms XHR
text/plain 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/api/1.1/init/data?location=https%3A%2F%2Fbidbuddy.bot%2F
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1e7277d54e42530a5701fba6d1cf0cfde44db37c4368a878ba6e434240b026be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:32 GMT
cf-cache-status: DYNAMIC
x-bubble-perf: {"total":280.7,"percents":{"top":{"bubble_cpu":6.8,"block":92.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":1.1,"pp_wait_userdb":0,"http_request":0,"serverjson":1.6,"appserver_cache_misses_time":0,"redis":4.3,"fiber_queue":0.7,"capacity_wait":0.9}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":6,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":24,"fiber_queue":28,"blocks":27},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":8843063}}
server: cloudflare
x-powered-by: Express
x-bubble-capacity-used: 0.136 unit-seconds used
cf-ray: 89860bd498debf2f-WAW
alt-svc: h3=":443"; ma=86400
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 WnznHAc5bAfYB2QRah7pcpNvOx-pjRV6eIWpYQ.woff2
fonts.gstatic.com/s/caveat/v18/ 50 KB
50 KB 354ms
174ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caveat/v18/WnznHAc5bAfYB2QRah7pcpNvOx-pjRV6eIWpYQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Caveat:700%7CIndie+Flower:400%7CIndie+Flower:400%7CLato:regular%7CLato:900%7CLato:900%7COpen+Sans:regular%7CPatrick+Hand:400%7CPatrick+Hand:400%7CRock+Salt:400%7CShadows+Into+Light:400%7CTinos:regular%7CTinos:700%7CTinos:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ac2e65ad54d1facf37cc3d3f4b52302a37ca04229dcccf1671abf4ff612f89e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:22:07 GMT
x-content-type-options: nosniff
age: 438024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51104
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:55:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:22:07 GMT

GET
H2 200 m8JVjfNVeKWVnh3QMuKkFcZVaUuH.woff2
fonts.gstatic.com/s/indieflower/v21/ 19 KB
19 KB 240ms
60ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/indieflower/v21/m8JVjfNVeKWVnh3QMuKkFcZVaUuH.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb57752edc96294323252e8d84fa25f975943b2ef3e87b2c984b15ca935d7657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:02:27 GMT
x-content-type-options: nosniff
age: 439204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19508
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:21:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:02:27 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 386ms
206ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:56:54 GMT
x-content-type-options: nosniff
age: 439537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:56:54 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 374ms
195ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:47:47 GMT
x-content-type-options: nosniff
age: 440084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:47:47 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 228ms
49ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:05:19 GMT
x-content-type-options: nosniff
age: 439032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:05:19 GMT

GET
H2 200 LDI1apSQOAYtSuYWp8ZhfYe8XsLL.woff2
fonts.gstatic.com/s/patrickhand/v23/ 23 KB
24 KB 400ms
220ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/patrickhand/v23/LDI1apSQOAYtSuYWp8ZhfYe8XsLL.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717ad635ff8c1e8f2f0ece2c7d557a9051f69627c4bfc1ec0a3bd1c29e9a24ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:03:06 GMT
x-content-type-options: nosniff
age: 439165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24028
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:19:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:03:06 GMT

GET
H2 200 MwQ0bhv11fWD6QsAVOZrt0M6.woff2
fonts.gstatic.com/s/rocksalt/v22/ 57 KB
57 KB 307ms
128ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rocksalt/v22/MwQ0bhv11fWD6QsAVOZrt0M6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e17c66b0bccfe2d6f34849744762cf1109de0ef1941b8924760756ecffb5897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:55:19 GMT
x-content-type-options: nosniff
age: 439632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58668
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:18:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:55:19 GMT

GET
H2 200 UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
fonts.gstatic.com/s/shadowsintolight/v19/ 16 KB
16 KB 300ms
127ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shadowsintolight/v19/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 19:32:54 GMT
x-content-type-options: nosniff
age: 163777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16296
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:21:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Jun 2025 19:32:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 410ms
11ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/package/dynamic_js/4c109d78f7c0e1aacd4f8d514d29b3c376605bab46c21ec7d2ec078a0273e47e/chase-36023/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Jun 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2005
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 23 Jun 2024 18:29:07 GMT

GET
H2 200 .js Show response
js.driftt.com/include/1719162300000/ 221 KB
62 KB 862ms
463ms Script
application/javascript 18.244.28.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1719162300000/.js

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.28.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-28-62.cdg52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2037c0cffae2688b5332df106c910e1532df3643c28b9023ff746645acda3f70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:32 GMT
x-amz-version-id: USw4R1QyON_u1NhEdBvG7FTDCSL9gnOr
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 18364d9ffa15c1c031d187551fa4d248.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Fri, 21 Jun 2024 15:56:20 GMT
server: istio-envoy
etag: W/"e8d94d8bce9981cde582b060ea1cdc6e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W0P7pzMt4M-Xiltar13gZgjm0Qc9XLFRmpU_96k3Pgl4cXLZexxzBQ==

GET
H/1.1 200
OK plst.js Show response
plst237.s3.amazonaws.com/ 7 KB
7 KB 506ms
140ms Script
application/javascript 3.5.24.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://plst237.s3.amazonaws.com/plst.js
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.24.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 57329622c0571f0bc59a56da7cbbb007f53a6f69f66302fc41a99cdb429c5f8d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 17:02:33 GMT
Last-Modified: Tue, 17 Oct 2023 12:19:06 GMT
Server: AmazonS3
x-amz-request-id: ADFXMD4YEKAP7379
ETag: "79970b50601af623894fecbbb8524041"
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 30000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, PUT, DELETE, POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6834
x-amz-id-2: VljrzbtCrDnzQZH5WcYMuVcRp6b0AOYZ2BFn4Rx1NCAfUdOTAaCLr36c2+n6+PrtfQhsCg4ybyf4yWsCj5OWi+/5loC24aaUE8EQSBFMGS0=

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bidbuddy.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 buE4poGnedXvwjX7fmQ.woff2
fonts.gstatic.com/s/tinos/v24/ 27 KB
28 KB 51ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tinos/v24/buE4poGnedXvwjX7fmQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:47:28 GMT
x-content-type-options: nosniff
age: 440104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:47:28 GMT

GET
H2 200 buE1poGnedXvwj1AW3Fu0C8.woff2
fonts.gstatic.com/s/tinos/v24/ 25 KB
25 KB 71ms
71ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tinos/v24/buE1poGnedXvwj1AW3Fu0C8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e2e32d71d3d13fb4b2a5ece0a5415a91b093ead0234ce54487390ca5d4275cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bidbuddy.bot
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:52:05 GMT
x-content-type-options: nosniff
age: 439827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25136
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:03:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:52:05 GMT

POST
H3 200 hi Show response
bidbuddy.bot/user/ 57 B
841 B 655ms
655ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/user/hi
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 27316da1524f9aa89d9284af4e5c948f1575066921335f34f37661b71175f42e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1719162152612x743119749095499000
X-Bubble-Fiber-ID: 1719162152845x150068560109062560
X-Bubble-PL: 1719162150439x496
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Bubble-R: https://bidbuddy.bot/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5
sec-ch-ua-platform: "Win32"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
Referer: https://bidbuddy.bot/

Response headers

date: Sun, 23 Jun 2024 17:02:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-bubble-perf: {"total":18.3,"percents":{"top":{"bubble_cpu":24.3,"block":71.8,"capacity_rl":0,"other_pause":0,"pre_fiber":4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":31.4,"appserver_cache_misses_time":0,"redis":56.6,"fiber_queue":3.9,"capacity_wait":10.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":666209}}
server: cloudflare
x-bubble-appname: chase-36023
x-powered-by: Express
x-bubble-request-took: 18
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
x-bubble-capacity-used: 0.01 unit-seconds used
cf-ray: 89860bdf6d94bf2f-WAW
alt-svc: h3=":443"; ma=86400
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718533896371x517809488296851140%2FBID%2520BUDDY.webp
d1muf25xaso8hp.cloudfront.net/ 4 KB
4 KB 252ms
77ms Image
image/jpeg 2600:9000:211e:4c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718533896371x517809488296851140%2FBID%2520BUDDY.webp?w=128&h=128&auto=compress&dpr=1&fit=max

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:4c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

725be8bdefadaf9beaaed246b095cb49933d156e9857789a892b65dba2b8d19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:33 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 628254
x-cache: Miss from cloudfront
x-imgix-id: 7820d73a8a02db7ece6b3f23f24083e9994fa4e9
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3735
x-served-by: cache-sjc10064-SJC, cache-fra-etou8220064-FRA
last-modified: Sun, 16 Jun 2024 10:31:39 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Tno9h-TCmRjXFp8FDKXVWKsvbpbDs-yZuaxub4i9lC6lQ6vVr4rReQ==

GET
H2 200 https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718531150065x436999542993238700%2Fpexels-photo-1587014.jpeg
d1muf25xaso8hp.cloudfront.net/ 23 KB
24 KB 271ms
96ms Image
image/jpeg 2600:9000:211e:4c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718531150065x436999542993238700%2Fpexels-photo-1587014.jpeg?w=768&h=512&auto=compress&dpr=1&fit=max

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:4c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

1122ab8f97bf44c0852e3ef1068662d352c3293764affe8fa31fe96ec39590eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:33 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 630999
x-cache: Miss from cloudfront
x-imgix-id: f7001527e489f4b59556a70546e604a0aebf8f86
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23904
x-served-by: cache-sjc1000131-SJC, cache-fra-eddf8230138-FRA
last-modified: Sun, 16 Jun 2024 09:45:54 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: wBmaAKLecgA8FmFBO-F9vrQ50wQUaw69LflJvrxSBhfdFso5x2hRrQ==

GET
H2 200 https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718534181324x151519285748717980%2Fpexels-photo-733872.jpeg
d1muf25xaso8hp.cloudfront.net/ 19 KB
20 KB 282ms
107ms Image
image/jpeg 2600:9000:211e:4c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718534181324x151519285748717980%2Fpexels-photo-733872.jpeg?w=512&h=341&auto=compress&dpr=1&fit=max

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:4c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

674b38f4452325c884b348b3db61d312dacc086267ba93ab9e891bef2b9bbb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:33 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 624131
x-cache: Miss from cloudfront
x-imgix-id: 0a0a10c3a61c70f7c6f01c16e39de2e739659170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19657
x-served-by: cache-sjc10069-SJC, cache-fra-etou8220025-FRA
last-modified: Sun, 16 Jun 2024 11:40:21 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3k02g4likZkjj1ya88PJyZYoqEbkqibMm9tFSVAvwWtAteh3cllB7A==

GET
H2 200 https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718534142763x591893453294154200%2Fpexels-photo-3783471.jpeg
d1muf25xaso8hp.cloudfront.net/ 16 KB
17 KB 234ms
59ms Image
image/jpeg 2600:9000:211e:4c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718534142763x591893453294154200%2Fpexels-photo-3783471.jpeg?w=512&h=341&auto=compress&dpr=1&fit=max

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:4c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

39e77c1d61efe36b20db086a7bef78081e4c06bfc167b25798747f83d86c6d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:33 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 624131
x-cache: Miss from cloudfront
x-imgix-id: b3fd42e8feaaadbc2fa5ce3c02f4d1da8b3b714c
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16386
x-served-by: cache-sjc10025-SJC, cache-fra-etou8220135-FRA
last-modified: Sun, 16 Jun 2024 11:40:22 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gIm1cNeOnbHjEEAieH9Yhw-PGkck_AddEf45M_zZwQrBjEzNT_XBpg==

GET
H2 200 https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718534328990x239457678721988400%2Fpexels-photo-8850721.jpeg
d1muf25xaso8hp.cloudfront.net/ 7 KB
8 KB 262ms
88ms Image
image/jpeg 2600:9000:211e:4c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718534328990x239457678721988400%2Fpexels-photo-8850721.jpeg?w=512&h=341&auto=compress&dpr=1&fit=max

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:4c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

1745780cb47d9d0b38e2f31a12fbd243a902bad42a2372c1affa3850fe83c324

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:33 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 624131
x-cache: Miss from cloudfront
x-imgix-id: a777d62a018d10be747791d4a4e7272993573614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7427
x-served-by: cache-sjc10037-SJC, cache-fra-etou8220066-FRA
last-modified: Sun, 16 Jun 2024 11:40:22 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: qeAYIm-ASeDBkkusF5FULPKUbc8MM7gmrLxsw-0a6qjKacW7UcvsCA==

GET
H2 200 https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718533972890x746883506475503200%2FBID%2520BUDDY.webp
d1muf25xaso8hp.cloudfront.net/ 4 KB
4 KB 223ms
49ms Image
image/jpeg 2600:9000:211e:4c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1718533972890x746883506475503200%2FBID%2520BUDDY.webp?w=128&h=128&auto=compress&dpr=1&fit=max

Requested by

Host: bidbuddy.bot
URL: https://bidbuddy.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:4c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

725be8bdefadaf9beaaed246b095cb49933d156e9857789a892b65dba2b8d19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 02:42:48 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 628178
x-cache: Hit from cloudfront
x-imgix-id: 0debf93c89b33617ea919733b9dea621622b48f7
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3735
x-served-by: cache-sjc10055-SJC, cache-fra-etou8220067-FRA
last-modified: Sun, 16 Jun 2024 10:32:55 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rCXxGxLMCeno1BnHcQmjnL4eS54UDSQ1slzbwoGviEwKJbNuYxIBmA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 74ms
73ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=586456927&t=pageview&_s=1&dl=https%3A%2F%2Fbidbuddy.bot%2F&ul=de-de&de=UTF-8&dt=BidBuddy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABEAAAACAAI~&jid=29098165&gjid=1704767885&cid=2014437239.1719162153&tid=null&_gid=1968317587.1719162153&_r=1&_slc=1&z=841308838

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 17:02:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bidbuddy.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 m Show response
bidbuddy.bot/user/ 4 B
655 B 667ms
666ms XHR
text/plain 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/user/m
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Bubble-Fiber-ID: 1719162152988x825064662094770300
X-Bubble-PL: 1719162150439x496
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://bidbuddy.bot/
cache-control: no-cache
Referer: https://bidbuddy.bot/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:33 GMT
cf-cache-status: DYNAMIC
x-bubble-perf: {"total":16.4,"percents":{"top":{"bubble_cpu":29.9,"block":63.7,"capacity_rl":0,"other_pause":0,"pre_fiber":5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":33.6,"fiber_queue":4.1,"capacity_wait":8.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":734530}}
server: cloudflare
x-powered-by: Express
x-bubble-capacity-used: 0.011 unit-seconds used
cf-ray: 89860be04f1cbf2f-WAW
alt-svc: h3=":443"; ma=86400
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1530294839424x143528842134401200%2FIcon-no-clearspace.png
d1muf25xaso8hp.cloudfront.net/ 3 KB
3 KB 48ms
48ms Other
image/png 2600:9000:211e:4c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fff8638a3515212c0f85f472d860e60db.cdn.bubble.io%2Ff1530294839424x143528842134401200%2FIcon-no-clearspace.png?w=128&h=&auto=compress&dpr=1&fit=max

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:4c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

4962051db9426f370d30bcd8bd3c44223b946e0625f3d9356848d16c82225f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bidbuddy.bot/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 02:42:48 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 617948
x-cache: Hit from cloudfront
x-imgix-id: f1de564fb4df34f8f69cb157f650e602b9d84590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2761
x-served-by: cache-sjc1000108-SJC, cache-fra-etou8220115-FRA
last-modified: Sun, 16 Jun 2024 13:23:25 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=290304000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VHMMKuvn9peEtE95aGZ8IaLUJU0IKwiGV5uqFy2pQ3yFXYGsPi2Vlg==

POST
H3 200 apm Show response
bidbuddy.bot/user/ 4 B
723 B 677ms
676ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/user/apm
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Bubble-Fiber-ID: 1719162153945x525475994870572900
X-Bubble-PL: 1719162150439x496
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://bidbuddy.bot/
cache-control: no-cache
Referer: https://bidbuddy.bot/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-bubble-perf: {"total":12,"percents":{"top":{"bubble_cpu":33.4,"block":60.3,"capacity_rl":0,"other_pause":0,"pre_fiber":6.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":31.9,"fiber_queue":4.5,"capacity_wait":16.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":599584}}
server: cloudflare
x-bubble-appname: chase-36023
x-powered-by: Express
x-bubble-request-took: 12
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
x-bubble-capacity-used: 0.009 unit-seconds used
cf-ray: 89860be649fcbf2f-WAW
alt-svc: h3=":443"; ma=86400
x-bubble-capacity-limit: 0 ms slower

POST
H3 200 frg Show response
bidbuddy.bot/ 5 B
725 B 633ms
632ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bidbuddy.bot/frg
Requested by: Host: bidbuddy.bot
URL: https://bidbuddy.bot/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Bubble-Fiber-ID: 1719162156002x788013595189889400
X-Bubble-PL: 1719162150439x496
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://bidbuddy.bot/
cache-control: no-cache
Referer: https://bidbuddy.bot/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 17:02:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-bubble-perf: {"total":11.6,"percents":{"top":{"bubble_cpu":28.8,"block":66.4,"capacity_rl":0,"other_pause":0,"pre_fiber":5.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":39.6,"fiber_queue":5.1,"capacity_wait":16.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":501338}}
server: cloudflare
x-bubble-appname: chase-36023
x-powered-by: Express
x-bubble-request-took: 11
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
x-bubble-capacity-used: 0.008 unit-seconds used
cf-ray: 89860bf329a9bf2f-WAW
alt-svc: h3=":443"; ma=86400
x-bubble-capacity-limit: 0 ms slower

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bidbuddy.bot/	1970-01-20 21:37:01	Name: chase-36023_live_u2main Value: bus\|1719162150404x746731396235729800\|1719162150421x931913417839217400
.bidbuddy.bot/	1970-01-20 21:37:01	Name: chase-36023_live_u2main.sig Value: B4vTir8i4jmsc01nZ7IwTEMZR8Y
.bidbuddy.bot/	1969-12-31 23:59:59	Name: chase-36023_u1main Value: 1719162150404x746731396235729800
.bidbuddy.bot/	1970-01-21 07:08:42	Name: _ga Value: GA1.2.2014437239.1719162153
.bidbuddy.bot/	1970-01-20 21:34:08	Name: _gid Value: GA1.2.1968317587.1719162153
.bidbuddy.bot/	1970-01-20 21:32:42	Name: _gat Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://bidbuddy.bot/(Line 272) Message: Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.
other	warning	URL: https://js.driftt.com/include/1719162300000/.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bidbuddy.bot
cdn.jsdelivr.net
cdn.plaid.com
d1muf25xaso8hp.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.driftt.com
plst237.s3.amazonaws.com
www.google-analytics.com
104.16.42.105
18.244.28.62
2600:9000:211e:4c00:1c:37e5:3f40:21
2606:4700::6812:bb1f
2a00:1450:4001:803::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
3.5.24.134
52.222.149.43
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
1122ab8f97bf44c0852e3ef1068662d352c3293764affe8fa31fe96ec39590eb
1745780cb47d9d0b38e2f31a12fbd243a902bad42a2372c1affa3850fe83c324
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e17c66b0bccfe2d6f34849744762cf1109de0ef1941b8924760756ecffb5897
1e7277d54e42530a5701fba6d1cf0cfde44db37c4368a878ba6e434240b026be
2037c0cffae2688b5332df106c910e1532df3643c28b9023ff746645acda3f70
222400f34d9157773528886444b9651ae56c895aa29c6fb14dc560f173792e84
2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac
27316da1524f9aa89d9284af4e5c948f1575066921335f34f37661b71175f42e
2ddcf17135424e7d99ee65e684e019bbc0c12d17a0677d45f0752fce3acb7fa2
39e77c1d61efe36b20db086a7bef78081e4c06bfc167b25798747f83d86c6d6c
3bd6170f7d2eeaecae9656102c483a50e546a308fc95c982e4f656abd931719e
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
4962051db9426f370d30bcd8bd3c44223b946e0625f3d9356848d16c82225f36
4e2e32d71d3d13fb4b2a5ece0a5415a91b093ead0234ce54487390ca5d4275cb
57329622c0571f0bc59a56da7cbbb007f53a6f69f66302fc41a99cdb429c5f8d
674b38f4452325c884b348b3db61d312dacc086267ba93ab9e891bef2b9bbb82
6c6973b84c78083006d4f2167ed3cbc6f6469cdf819a0474abfa40b91a3699c8
717ad635ff8c1e8f2f0ece2c7d557a9051f69627c4bfc1ec0a3bd1c29e9a24ec
720ebb26682913a08629c329c05560f33723b48725850e137441344b4207b769
725be8bdefadaf9beaaed246b095cb49933d156e9857789a892b65dba2b8d19d
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
8ac2e65ad54d1facf37cc3d3f4b52302a37ca04229dcccf1671abf4ff612f89e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a5524c173244bedafac7ebb5bd8c475cbcc70a028fe95ff5b625593957d29a99
c2155ece675d4a2d99c812895cc0ae0e3c400d0cfee71750151dc6286795d739
c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454
cb57752edc96294323252e8d84fa25f975943b2ef3e87b2c984b15ca935d7657
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd6848fba970a25ddce394aab8b6566ef0ce9a48ecc4fdda2e01ab090817f783

bidbuddy.bot Open in urlscan Pro 104.16.42.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

100 %HTTPS

56 %IPv6

9 Domains

9 Subdomains

10 IPs

3 Countries

1485 kBTransfer

5670 kBSize

6 Cookies

0 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bidbuddy.bot Open in urlscan Pro
104.16.42.105 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

10
IPs

3
Countries

1485 kB
Transfer

5670 kB
Size

6
Cookies

36 HTTP transactions
1 data transactions