bidlab.ai Open in urlscan Pro
8.2.108.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bidlab.ai/
Effective URL:
https://bidlab.ai/login
Submission: On August 14 via manual (August 14th 2023, 2:34:35 pm UTC) from PE — Scanned from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 8.2.108.111, located in United States and belongs to NATCOWEB, US. The main domain is bidlab.ai. The Cisco Umbrella rank of the primary domain is 69085.
TLS certificate: Issued by R3 on May 31st 2023. Valid for: 3 months.

This is the only time bidlab.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 21	8.2.108.111 8.2.108.111	46636 (NATCOWEB) (NATCOWEB)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
31	4

21 8.2.108.111 (United States) 2 redirects

ASN46636 (NATCOWEB, US)

bidlab.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	bidlab.ai 2 redirects bidlab.ai — Cisco Umbrella Rank: 69085	466 KB
5	gstatic.com www.gstatic.com	581 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	33 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
31	4

	Domain	Requested by
21	bidlab.ai	2 redirects bidlab.ai
5	www.gstatic.com	www.google.com
4	www.google.com	bidlab.ai www.gstatic.com www.google.com
3	fonts.googleapis.com	bidlab.ai
31	4

This site contains no links.

Subject Issuer	Validity	Valid
*.bidlab.ai R3	`2023-05-31` - `2023-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://bidlab.ai/login
Frame ID: D6083DB72ECC3F61D27A475F6B9841A5
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc18s0UAAAAACQuvNcQIE0-_nl5d0x23pk0rkMY&co=aHR0cHM6Ly9iaWRsYWIuYWk6NDQz&hl=de&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=p07pa9cru600
Frame ID: AB25F86C20E841146D85F2D7E84A1CC5
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lc18s0UAAAAACQuvNcQIE0-_nl5d0x23pk0rkMY
Frame ID: D9BB71FA146D18188A3ACC3FF176F666
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SSP | Bidlab

Page URL History Show full URLs

http://bidlab.ai/ HTTP 301
https://bidlab.ai/ HTTP 301
https://bidlab.ai/login Page URL

Detected technologies

Materialize CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*materialize(?:\.min)?\.css
materialize(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

31
Requests

39 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1081 kB
Transfer

3704 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bidlab.ai/ HTTP 301
https://bidlab.ai/ HTTP 301
https://bidlab.ai/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
bidlab.ai/
Redirect Chain

http://bidlab.ai/
https://bidlab.ai/
https://bidlab.ai/login

21 KB
6 KB

444ms
210ms

Document
text/html

8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

5afda043049fa3a65af85b162e70285e63a750ba01ef49dc31d6ffd465d1b58d

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: close
Content-Encoding: gzip
Content-Length: 5026
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Type: text/html;charset=UTF-8
Date: Mon, 14 Aug 2023 14:34:29 GMT
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: same-origin
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache, private
Connection: close
Content-Length: 338
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Aug 2023 14:34:29 GMT
Location: https://bidlab.ai/login
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: same-origin
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 11 KB
860 B 144ms
53ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 14:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 13:14:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 14:34:29 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 143ms
52ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 14:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 14:34:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 14:34:29 GMT

GET
H/1.1 200
OK simple-line-icons.css
bidlab.ai/css/ 13 KB
4 KB 352ms
118ms Stylesheet
text/css 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/css/simple-line-icons.css

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 2718
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "329e-6014d3875d6e5-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK animate.min.css
bidlab.ai/css/ 52 KB
5 KB 353ms
119ms Stylesheet
text/css 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/css/animate.min.css

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 3954
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "ce35-6014d3875d6e5-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK materialize.css
bidlab.ai/css/ 124 KB
22 KB 360ms
125ms Stylesheet
text/css 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/css/materialize.css

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

001988bb9e47c2df7916f9ef77b31a4d10d879f629b9371935cb4d81bdfc21a8

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 21390
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "1f074-6014d3cd1714a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK style.css
bidlab.ai/css/ 131 KB
26 KB 361ms
126ms Stylesheet
text/css 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/css/style.css

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

bf04d79871368dc38871151cb264369f5c2cce346bcec7805ffdf52c453c9ac8

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 26111
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "20be2-6014d3cd1714a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK logo.svg
bidlab.ai/imgs/ 3 KB
4 KB 168ms
115ms Image
image/svg+xml 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bidlab.ai/imgs/logo.svg

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

0f18172fd75a59b963b1dccbc74b0983fec238af076605e79f548f2ee296687e

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Connection: Keep-Alive
Content-Length: 2893
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "b4d-6014d387634a5"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK moment.min.js Show response
bidlab.ai/js/ 1 MB
114 KB 367ms
132ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/moment.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

5b96cd223a4838b6339b03d29c27e3c26438e31d5cc0f826ae5e6326e549ff04

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "107f81-6014d3cd161aa-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.min.js Show response
bidlab.ai/js/ 90 KB
32 KB 361ms
126ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/jquery.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

2ed71f22d09cbd82d640a3c631efc1780085509700ab95d5058f38fd347edd50

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 32180
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "169d4-6014d3cd0c56a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK materialize.min.js Show response
bidlab.ai/js/ 145 KB
45 KB 128ms
128ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/materialize.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

7e279d6abe8e33c81868f9b63e9f8419e4642b1db5852b842ebaf3d78807b3ff

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 45490
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "244e6-6014d3cd2a9ca-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK materialize.tooltipCool.min.js Show response
bidlab.ai/js/ 4 KB
3 KB 116ms
116ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/materialize.tooltipCool.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

b7b429581fca9950b602963f95cec2bd8b6414caf0e84592b4d4c812b1371464

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 1773
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "11db-6014d3cd0c56a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.daterangepicker.min.js Show response
bidlab.ai/js/ 35 KB
8 KB 118ms
118ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/jquery.daterangepicker.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

27460f05363410ca0eb6b0ba4b2d1110b7005f05e0db4bfb1c1781d66ecf09f2

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 7718
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "8ab1-6014d3cd0c56a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK jquery.nicescroll.min.js Show response
bidlab.ai/js/ 144 KB
47 KB 130ms
129ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/jquery.nicescroll.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

b5ff6891f7a3b08ff62dda94d891eaf1dcdcdbe79225f565954b704b908609f6

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 46844
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "24182-6014d3cd0c56a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.quicksearch.min.js Show response
bidlab.ai/js/ 12 KB
5 KB 117ms
117ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/jquery.quicksearch.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

fc3bedb3e1226a67390e56c9c7998809471128d744096e3815830cc2bb7926d0

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 4243
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "2e43-6014d3cd0c56a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.sumoselect.min.js Show response
bidlab.ai/js/ 21 KB
7 KB 117ms
117ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/jquery.sumoselect.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

401cd156e57af8ecc2ba7c1f416867f69c4c89054600618f11b2973d2d57bf5c

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 6200
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "5280-6014d3cd0c56a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK core.js Show response
bidlab.ai/js/ 196 KB
41 KB 132ms
132ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/core.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

564adebc906c3aa0715f589394dc4adf7dc61f04010a95f8329ee6245a18794a

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 40884
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "311db-6014d3cd0c56a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK common.min.js Show response
bidlab.ai/js/ 61 KB
17 KB 141ms
140ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/common.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

c7e9febf341881db29ea6b9edddafe2bfca2bd810b2ebeac30f037004159d9b3

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 16036
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "f288-6014d3cd0c56a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
899 B 139ms
51ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1b59880fb963d63974fb136b926066b96849196b4dc7d0af5d721b142656ac7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 579
x-xss-protection: 1; mode=block
expires: Mon, 14 Aug 2023 14:34:29 GMT

GET
H/1.1 200
OK auth.min.js Show response
bidlab.ai/js/ 5 KB
3 KB 117ms
117ms Script
application/javascript 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/js/auth.min.js

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

aa2c7f718cf33aad1325f2458be14fd582656dfcec00df423236c5346eebeebb

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidlab.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 1595
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Server: Apache
ETag: "1589-6014d3cd0c56a-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H2 200 css
fonts.googleapis.com/ 8 KB
841 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 14:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 13:24:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 14:34:30 GMT

GET
H/1.1 404
Not Found Poppins-Medium.ttf
bidlab.ai/fonts/Poppins/ 0
0 283ms
231ms Font
text/html 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/fonts/Poppins/Poppins-Medium.ttf

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bidlab.ai/css/style.css
Origin: https://bidlab.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin
Server: Apache
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: close
Content-Length: 3608
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fontawesome-webfont.woff2
bidlab.ai/fonts/ 75 KB
76 KB 116ms
116ms Font
application/octet-stream 8.2.108.111
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://bidlab.ai/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: bidlab.ai
URL: https://bidlab.ai/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.2.108.111 , United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bidlab.ai/css/style.css
Origin: https://bidlab.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 14:34:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin
Server: Apache
Content-Security-Policy: default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
ETag: "12d68-6014d3875e685"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Cache-Control: no-cache, private
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 77160
X-XSS-Protection: 1; mode=block

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 441 KB
178 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d005e54c557c7b45e4dbbe2abb05bf33bb52631faed17189da60940b07c25ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://bidlab.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181564
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 14:08:37 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame AB25 55 KB
31 KB 63ms
62ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc18s0UAAAAACQuvNcQIE0-_nl5d0x23pk0rkMY&co=aHR0cHM6Ly9iaWRsYWIuYWk6NDQz&hl=de&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=p07pa9cru600

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27417d4c14717377982fc9df8eca718a772e19de93c37e4f41d0617b457c8e02

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ivZa2ysZji8V1Z6hcJy_hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 31347
content-security-policy: script-src 'report-sample' 'nonce-ivZa2ysZji8V1Z6hcJy_hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 14:34:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame AB25 55 KB
24 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc18s0UAAAAACQuvNcQIE0-_nl5d0x23pk0rkMY&co=aHR0cHM6Ly9iaWRsYWIuYWk6NDQz&hl=de&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=p07pa9cru600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 14:03:21 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame AB25 441 KB
177 KB 134ms
49ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d005e54c557c7b45e4dbbe2abb05bf33bb52631faed17189da60940b07c25ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181564
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 14:08:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame AB25 102 B
134 B 48ms
48ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=3kTz7WGoZLQTivI-amNftGZO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a9c87b1ce80a8696f4790411959bb5cf0ccf1bc0a9c8cf2477c88a44e1104f4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc18s0UAAAAACQuvNcQIE0-_nl5d0x23pk0rkMY&co=aHR0cHM6Ly9iaWRsYWIuYWk6NDQz&hl=de&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=p07pa9cru600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 14 Aug 2023 14:34:31 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D9BB 7 KB
1 KB 56ms
55ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lc18s0UAAAAACQuvNcQIE0-_nl5d0x23pk0rkMY

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b13693c91b9a7c47cf9e4f7e69bd9f6340cf8ec190172d72fc357a894248ab0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cI5lRGcsEGHhZOaxqSKLOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1160
content-security-policy: script-src 'report-sample' 'nonce-cI5lRGcsEGHhZOaxqSKLOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 14:34:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame D9BB 55 KB
24 KB 40ms
40ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lc18s0UAAAAACQuvNcQIE0-_nl5d0x23pk0rkMY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 14:03:21 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame D9BB 441 KB
177 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lc18s0UAAAAACQuvNcQIE0-_nl5d0x23pk0rkMY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d005e54c557c7b45e4dbbe2abb05bf33bb52631faed17189da60940b07c25ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181564
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 14:08:37 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bidlab.ai/	1969-12-31 23:59:59	Name: _magick Value: lfrcubrekojk57m7s7csqi85tk

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bidlab.ai/fonts/Poppins/Poppins-Medium.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * self blob: data: gap:; style-src * self 'unsafe-inline'; object-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' blob: data: gap:; frame-src * self blob: data: gap:;font-src * 'self' blob: data: gap:;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bidlab.ai
fonts.googleapis.com
www.google.com
www.gstatic.com
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
8.2.108.111
001988bb9e47c2df7916f9ef77b31a4d10d879f629b9371935cb4d81bdfc21a8
0f18172fd75a59b963b1dccbc74b0983fec238af076605e79f548f2ee296687e
1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8
1d005e54c557c7b45e4dbbe2abb05bf33bb52631faed17189da60940b07c25ae
27417d4c14717377982fc9df8eca718a772e19de93c37e4f41d0617b457c8e02
27460f05363410ca0eb6b0ba4b2d1110b7005f05e0db4bfb1c1781d66ecf09f2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ed71f22d09cbd82d640a3c631efc1780085509700ab95d5058f38fd347edd50
401cd156e57af8ecc2ba7c1f416867f69c4c89054600618f11b2973d2d57bf5c
564adebc906c3aa0715f589394dc4adf7dc61f04010a95f8329ee6245a18794a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5afda043049fa3a65af85b162e70285e63a750ba01ef49dc31d6ffd465d1b58d
5b96cd223a4838b6339b03d29c27e3c26438e31d5cc0f826ae5e6326e549ff04
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
6b13693c91b9a7c47cf9e4f7e69bd9f6340cf8ec190172d72fc357a894248ab0
7e279d6abe8e33c81868f9b63e9f8419e4642b1db5852b842ebaf3d78807b3ff
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a9c87b1ce80a8696f4790411959bb5cf0ccf1bc0a9c8cf2477c88a44e1104f4b
aa2c7f718cf33aad1325f2458be14fd582656dfcec00df423236c5346eebeebb
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1
b5ff6891f7a3b08ff62dda94d891eaf1dcdcdbe79225f565954b704b908609f6
b7b429581fca9950b602963f95cec2bd8b6414caf0e84592b4d4c812b1371464
bf04d79871368dc38871151cb264369f5c2cce346bcec7805ffdf52c453c9ac8
c1b59880fb963d63974fb136b926066b96849196b4dc7d0af5d721b142656ac7
c7e9febf341881db29ea6b9edddafe2bfca2bd810b2ebeac30f037004159d9b3
fc3bedb3e1226a67390e56c9c7998809471128d744096e3815830cc2bb7926d0

bidlab.ai Open in urlscan Pro 8.2.108.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

39 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

1081 kBTransfer

3704 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bidlab.ai Open in urlscan Pro
8.2.108.111 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

39 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1081 kB
Transfer

3704 kB
Size

1
Cookies

31 HTTP transactions
0 data transactions