urlscan.io logo urlscan.io
SecurityTrails logo

ads.bid Open in urlscan Pro
88.208.54.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://2vaxwkujrfwh.info/
Effective URL: https://ads.bid/
Submission: On December 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 17 domains to perform 66 HTTP transactions. The main IP is 88.208.54.88, located in Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is ads.bid.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 30th 2019. Valid for: 3 months.
This is the only time ads.bid was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 88.208.54.88 39572 (ADVANCEDH...)
6 2a03:90c0:999... 199524 (GCORE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6b8:a::a 13238 (YANDEX)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.22.2 15169 (GOOGLE)
1 5 2a02:6b8::1:119 13238 (YANDEX)
4 87.240.137.158 47541 (VKONTAKTE...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 94.130.66.148 24940 (HETZNER-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.155.68.125 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
4 217.69.133.145 47764 (MAILRU-AS...)
1 77.246.156.238 29182 (THEFIRST-AS)
66 19
28    88.208.54.88 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
2vaxwkujrfwh.info
ads.bid
adblock.medicineteaser.org
6    2a03:90c0:9997::9997 (Germany)

ASN199524 (GCORE, AT)
code.jivosite.com
1    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a02:6b8:a::a (Russian Federation)

ASN13238 (YANDEX, RU)
yandex.ru
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    172.217.22.2 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net
www.googleadservices.com
5    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
4    87.240.137.158 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv158-137-240-87.vk.com
vk.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    94.130.66.148 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.66.130.94.clients.your-server.de
tag.oneretarget.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
3    2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
3    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    54.155.68.125 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-155-68-125.eu-west-1.compute.amazonaws.com
node132.jivosite.com
2    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
4    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
1    77.246.156.238 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: telemetry.jivosite.com
telemetry.jivosite.com
Domain Requested by
26 adblock.medicineteaser.org ads.bid
6 code.jivosite.com ads.bid
code.jivosite.com
5 mc.yandex.ru 1 redirects ads.bid
4 top-fwz1.mail.ru ads.bid
top-fwz1.mail.ru
4 vk.com ads.bid
3 www.google.de ads.bid
3 www.google.com 2 redirects ads.bid
2 www.facebook.com ads.bid
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 connect.facebook.net ads.bid
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.google-analytics.com www.googletagmanager.com
ads.bid
2 yandex.ru ads.bid
2 www.googletagmanager.com ads.bid
tag.oneretarget.com
1 telemetry.jivosite.com ads.bid
1 node132.jivosite.com code.jivosite.com
1 stats.g.doubleclick.net 1 redirects
1 tag.oneretarget.com ads.bid
1 fonts.googleapis.com ads.bid
1 ads.bid
1 2vaxwkujrfwh.info 1 redirects
66 21

This site contains links to these domains. Also see Links.

Domain
medicineteaser.org
store.profitclicks.ru
yandex.ru
t.me
vk.com
join.skype.com
www.jivosite.ru
Subject Issuer Validity Valid
ads.bid
Let's Encrypt Authority X3		 2019-10-30 -
2020-01-28		 3 months crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2017-04-10 -
2020-06-04		 3 years crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
yandex.ru
Yandex CA		 2019-09-05 -
2020-09-04		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh
vk.com
Sectigo ECC Extended Validation Secure Server CA		 2019-07-11 -
2020-07-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-12-06 -
2020-03-05		 3 months crt.sh
tag.oneretarget.com
Let's Encrypt Authority X3		 2019-10-07 -
2020-01-05		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.mail.ru
GlobalSign Organization Validation CA - SHA256 - G2		 2019-01-18 -
2021-01-18		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://ads.bid/
Frame ID: 79F9CA8FE257A51FF0502D5FDD42B79C
Requests: 64 HTTP requests in this frame

Frame: https://yandex.ru/map-widget/v1/?um=constructor%3A514b7aab27d1e90c108030586e75b58a74da8763fe858f58b3a2407902ac1415&source=constructor
Frame ID: 631E08600F440509D39108A9E6E335AE
Requests: 1 HTTP requests in this frame

Frame: https://yandex.ru/map-widget/v1/?um=constructor%3A4167b2b1624bfad5e6cc02120902f700f7ac9b3b1fd301a9a42634e707e4ff07&source=constructor
Frame ID: 6E35BC27E6ACBD23C1DAB744AE065F74
Requests: 1 HTTP requests in this frame

Frame: https://telemetry.jivosite.com/w?param1=4.6.9&param2=0.1&param3=newCode&event=bundle_loaded&widget_id=bmOTGioHaW&chat_mode=online&site_id=1095537&device=desktop&visitor_id=335f822e7b8eed29&widget_version=4.6.9&shard=main
Frame ID: 2FF014260DD7DE25EEA9BA6C21681C3A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://2vaxwkujrfwh.info/ HTTP 301
    https://ads.bid/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

66
Requests

100 %
HTTPS

63 %
IPv6

17
Domains

21
Subdomains

19
IPs

6
Countries

2901 kB
Transfer

5637 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2vaxwkujrfwh.info/ HTTP 301
    https://ads.bid/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&gjid=398198884&_gid=1104872381.1576373007&_u=YGBAgEAB~&z=1732063237 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&_v=j79&z=1732063237 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&_v=j79&z=1732063237&slf_rd=1&random=2529870694
Request Chain 37
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https://ads.bid/&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Dov1XbTQOYiOrASesJDYCQ&sscte=1&crd=&gtd=&eitems=ChEIgK3S7wUQuqiv_fbsxui1ARIdAHAUnSh4rQOPJabkcuFtUJH06jI_-itD4JXtaAo HTTP 302
  • https://www.google.com/pagead/1p-conversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https://ads.bid/&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=Dov1XbTQOYiOrASesJDYCQ&eitems=ChEIgK3S7wUQuqiv_fbsxui1ARIdAHAUnSh8wfd1_BZu7bvUdh_-U6gg2p16ROJkLto&random=3957140008&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https://ads.bid/&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=Dov1XbTQOYiOrASesJDYCQ&eitems=ChEIgK3S7wUQuqiv_fbsxui1ARIdAHAUnSh8wfd1_BZu7bvUdh_-U6gg2p16ROJkLto&random=3957140008&resp=GooglemKTybQhCsO&ipr=y
Request Chain 47
  • https://mc.yandex.ru/watch/55210021?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191215022327%3Aet%3A1576373007%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A720399094%3Ahid%3A528868601%3Ads%3A24%2C35%2C690%2C1%2C156%2C0%2C0%2C298%2C0%2C%2C%2C%2C1205%3Afp%3A1144%3Awn%3A6801%3Ahl%3A2%3Agdpr%3A14%3Av%3A1779%3Awv%3A2%3Ast%3A1576373007%3Au%3A1576373007628294543%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2 HTTP 302
  • https://mc.yandex.ru/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191215022327%3Aet%3A1576373007%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A720399094%3Ahid%3A528868601%3Ads%3A24%2C35%2C690%2C1%2C156%2C0%2C0%2C298%2C0%2C%2C%2C%2C1205%3Afp%3A1144%3Awn%3A6801%3Ahl%3A2%3Agdpr%3A14%3Av%3A1779%3Awv%3A2%3Ast%3A1576373007%3Au%3A1576373007628294543%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
ads.bid/
Redirect Chain
  • http://2vaxwkujrfwh.info/
  • https://ads.bid/
25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
685a60ca50a933acbd60c08347adbff1eb6612ac49209448a57bd6db30b0cb15

Request headers

Host
ads.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Server
nginx/1.17.3
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=eyJpdiI6IlFSRHRUdGlyb1RuNVFSUW95UDhrK2c9PSIsInZhbHVlIjoiOEg2T3lLcHJJMytxdFgzeGpqbHhoYW1GUG1UU3hcL1wvVU1wMEhcLzNlbXNwZXFHc05iYkR3TGtOTlJMc296QVliRSIsIm1hYyI6ImNiNzNmZDM2YzdkZTVlMDEwYTQyZWNkZjhhNDMzMWU5YjRhYTJhMDc5ZjdjMzg3OGVmOTk2ODkzMmY2NjQ0ZWIifQ%3D%3D; expires=Mon, 16-Dec-2019 01:23:26 GMT; Max-Age=86400; path=/ laravel_session=eyJpdiI6IlQwSzFRNitHQzh2bUJDYmI5VHpNbGc9PSIsInZhbHVlIjoiRTFpY241NGhFdW1vNmR2ck1CdDkwelVQR0lJZUlzekFhYTMrUGxLVFNpbnNDMVBrV3YzYmRteFlGWWhCclg3TiIsIm1hYyI6ImEwYWRiYjc0ZTRkY2Y3MzJkM2NiY2VmNTFkNmRmOThlNmE1ZDcwZmRjZTMyZTcwYjE3NWNjZDM2ZjYzMDhhOGQifQ%3D%3D; expires=Mon, 16-Dec-2019 01:23:26 GMT; Max-Age=86400; path=/; httponly
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers
Content-Length,Content-Range
Content-Encoding
gzip

Redirect headers

Server
nginx/1.16.0
Date
Sun, 15 Dec 2019 01:23:26 GMT
Content-Type
text/html
Content-Length
169
Connection
keep-alive
Location
https://ads.bid
Strict-Transport-Security
max-age=31536000
widget.js
code.jivosite.com/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/widget.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
9da8657b6d7d7aad21d001303e0b87a8ab6a7dda4580e79d436feb346e3bbed2

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
nkf-up-gc15, cec-up-gc11
date
Sun, 15 Dec 2019 01:23:26 GMT
via
1.1 sharxy
x-cached-since
2019-12-09T14:50:58+00:00, 2019-12-15T01:07:57+00:00
status
200
x-shard
shieldShard0_80
content-length
17249
last-modified
Mon, 09 Dec 2019 07:27:05 GMT
server
nginx
etag
"5dedf749-4361"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT, HIT
accept-ranges
bytes
expires
Mon, 09 Dec 2019 16:50:58 GMT
landing.css
adblock.medicineteaser.org/css/ 		192 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adblock.medicineteaser.org/css/landing.css
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
3859f1b20059e3f44932a2f195a9a5512e9be713d3925f6cb879069b0616db25

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
W/"5df36c7b-300ab"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
icon
fonts.googleapis.com/ 		574 B
430 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 15 Dec 2019 01:23:26 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 15 Dec 2019 01:23:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 15 Dec 2019 01:23:26 GMT
close.png
adblock.medicineteaser.org/images/landing/ 		511 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/close.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
284c96c27764afadb67daa628422d1494f48abca6c2ea5fd6bcd6d2a3eee3993

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-1ff"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
511
user-icon.png
adblock.medicineteaser.org/images/landing/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/user-icon.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
7756ddc8ae5b4106cb0c82a79adfb3b61b43c99601e834ddcc35a6b9def0df7a

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-1075"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
4213
logo.svg
adblock.medicineteaser.org/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/logo.svg
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
984e5de85690373b09c8b16e4a74cf857851eae730c48254c33d55f4d35ca7ad

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-3032"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
12338
sandwich.png
adblock.medicineteaser.org/images/landing/ 		225 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/sandwich.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
6a647ebd3d72866eb30720125c4cf2997fd30007f8cefb5bad1ebcfdd14a153e

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-e1"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
225
close-blue.png
adblock.medicineteaser.org/images/landing/ 		330 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/close-blue.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
ce6d671c03faf0eed9e67e34cea57c406f402ccd680ad6c6495ae16e9c94e345

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-14a"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
330
graph-mobile-3.png
adblock.medicineteaser.org/images/landing/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/graph-mobile-3.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
655e4df00465ca01a9193495e32a413c196baaa7cc5b64cc9796132e781578ad

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-19ecb"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
106187
notebook.png
adblock.medicineteaser.org/images/landing/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/notebook.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a4168fee1facc89c4491707b70d6ffafb00b9db1136810ee509996c18bd8052b

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-aaae"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
43694
klyaksa.png
adblock.medicineteaser.org/images/landing/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/klyaksa.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f250dd7f428107dbb2fd26c9ce688d259e2d9cbd7f2719764298d9dff235e0cd

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-556d"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
21869
fly-mac.png
adblock.medicineteaser.org/images/landing/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/fly-mac.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f7ea480101aeab8d9862060d9d6c1972e40f720dd5bb41efdc6e4f8d2edc9be0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-126d7"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
75479
telegram.png
adblock.medicineteaser.org/images/landing/ 		753 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/telegram.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
c5a1a79d268069962313296646c46c5ca04756e0987cb304b60ae800c1394491

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-2f1"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
753
vk.png
adblock.medicineteaser.org/images/landing/ 		908 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/vk.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
fae0f024d64c27523a74161a0cfba30e78eb145f6c35a938db476c6165eb8ca2

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-38c"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
908
vk-hover.png
adblock.medicineteaser.org/images/landing/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/vk-hover.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a94634ad7084a964809c5de6ebe8f15c27da08a8e02bdc0129700e3823844290

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-a0b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
2571
skype.png
adblock.medicineteaser.org/images/landing/ 		964 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/skype.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
61467e93a9af337db8fce804c104d36e6f4f1889452c94a69fc5519ca82c44c9

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-3c4"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
964
skype-hover.png
adblock.medicineteaser.org/images/landing/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/skype-hover.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
709b3558ec592ef19670dccc09c169fb44bef7b1ca1a556a87e304729c648374

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-a8b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
2699
mail.png
adblock.medicineteaser.org/images/landing/ 		691 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/mail.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f21638566beb7db0df8c58067ca66342b88d9a1d0f8b0ac625a75576c83319f7

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-2b3"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
691
mail-hover.png
adblock.medicineteaser.org/images/landing/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/mail-hover.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
3a003b3d92f70e76da4fc61a3983b2dd0fd618a7f69f886035a396959ee13b3b

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-91d"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
2333
manifest.js
adblock.medicineteaser.org/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adblock.medicineteaser.org/js/manifest.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
0cda93427f381fa612cce8702924b167a8b27dbedbaa45a7784423f0da02032b

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-5d5"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
1493
vendor.js
adblock.medicineteaser.org/js/ 		1 MB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adblock.medicineteaser.org/js/vendor.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
185fd7d03210fc6b943c7e0faf58594e7e61a60d866f802eccb7427a4a9ae07f

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
W/"5df36c7b-111e91"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
landing.js
adblock.medicineteaser.org/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adblock.medicineteaser.org/js/landing.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
61af1af1d8efabd8776a11762213ad062864f71f77c2b90bf174a7e0f24f2e77

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
W/"5df36c7b-a852"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
gtm.js
www.googletagmanager.com/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKDDNLD
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb7f38cf530b7271d33ce14ccf9f8363c7ba6947fd5b589d509c0a6a0267dea7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 01:23:26 GMT
content-encoding
br
last-modified
Sun, 15 Dec 2019 00:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25283
x-xss-protection
0
expires
Sun, 15 Dec 2019 01:23:26 GMT
/
yandex.ru/map-widget/v1/ Frame 631E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/map-widget/v1/?um=constructor%3A514b7aab27d1e90c108030586e75b58a74da8763fe858f58b3a2407902ac1415&source=constructor
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru *.yandex.ru *.yandex.net; script-src 'self' 'unsafe-inline' yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; style-src blob: 'unsafe-inline'; img-src data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; child-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; report-uri https://csp.yandex.net/csp?from=map-widget&yandexuid=6074879571576373006&yandex_login=undefined
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
yandex.ru
:scheme
https
:path
/map-widget/v1/?um=constructor%3A514b7aab27d1e90c108030586e75b58a74da8763fe858f58b3a2407902ac1415&source=constructor
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://ads.bid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads.bid/

Response headers

status
200
content-security-policy
default-src 'self'; connect-src https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru *.yandex.ru *.yandex.net; script-src 'self' 'unsafe-inline' yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; style-src blob: 'unsafe-inline'; img-src data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; child-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; report-uri https://csp.yandex.net/csp?from=map-widget&yandexuid=6074879571576373006&yandex_login=undefined
vary
Accept-Encoding
date
Sun, 15 Dec 2019 01:23:27 GMT
x-content-type-options
nosniff
set-cookie
yandexuid=6074879571576373006; Domain=.yandex.ru; Path=/; Expires=Sat, 15 Dec 2029 01:23:26 GMT i=WFfWdzKE29Tbg1y64+NOc+6mYUYj6fMtRV5ye+y3XvQzRsJR554nMxmD+uH+PgTZWvyPuZN5Mr/Zt6thYQ213jHTGu4=; Expires=Wed, 12-Dec-2029 01:23:26 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
etag
W/"f64-bVDYXUTxQZy8uA/hZVTbLA"
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
content-encoding
gzip
/
yandex.ru/map-widget/v1/ Frame 6E35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/map-widget/v1/?um=constructor%3A4167b2b1624bfad5e6cc02120902f700f7ac9b3b1fd301a9a42634e707e4ff07&source=constructor
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru *.yandex.ru *.yandex.net; script-src 'self' 'unsafe-inline' yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; style-src blob: 'unsafe-inline'; img-src data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; child-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; report-uri https://csp.yandex.net/csp?from=map-widget&yandexuid=4213553571576373006&yandex_login=undefined
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
yandex.ru
:scheme
https
:path
/map-widget/v1/?um=constructor%3A4167b2b1624bfad5e6cc02120902f700f7ac9b3b1fd301a9a42634e707e4ff07&source=constructor
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://ads.bid/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads.bid/

Response headers

status
200
content-security-policy
default-src 'self'; connect-src https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru *.yandex.ru *.yandex.net; script-src 'self' 'unsafe-inline' yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; style-src blob: 'unsafe-inline'; img-src data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.ua https://mc.yandex.com.tr https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.uz https://mc.yandex.by https://mc.yandex.kz https://mc.yandex.kg https://mc.yandex.fr https://mc.yandex.tj https://mc.yandex.lv https://mc.yandex.lt https://mc.yandex.md https://mc.yandex.tm https://mc.yandex.ee https://yandex.ru https://yandex.ua https://yandex.com.tr https://yandex.com https://yandex.kz https://yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://mc.admetrica.ru; frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; child-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net; report-uri https://csp.yandex.net/csp?from=map-widget&yandexuid=4213553571576373006&yandex_login=undefined
vary
Accept-Encoding
date
Sun, 15 Dec 2019 01:23:27 GMT
x-content-type-options
nosniff
set-cookie
yandexuid=4213553571576373006; Domain=.yandex.ru; Path=/; Expires=Sat, 15 Dec 2029 01:23:26 GMT i=9K7ymFq+78G47QRNL7DQ0IH8TNJhKfHr9ddTyGu6ISfGjRhqo2EdQxwbnZlWmkJcersOE1Mo4TGjixQKYXF2SxNC78o=; Expires=Wed, 12-Dec-2029 01:23:26 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
etag
W/"f65-XbLZi+XUDK66jYHLdrOtHw"
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
content-encoding
gzip
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDDNLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2989
date
Sun, 15 Dec 2019 00:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 15 Dec 2019 02:33:37 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDDNLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 01:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9933
x-xss-protection
0
server
cafe
etag
9795501548502167919
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 15 Dec 2019 01:23:26 GMT
tag.js
mc.yandex.ru/metrika/ 		361 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
23c88348f3c726fb54f09b238531e63f2a00042f7be0de87ce03640382caa7b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:26 GMT
Content-Encoding
br
Last-Modified
Tue, 10 Dec 2019 10:33:56 GMT
Server
nginx/1.14.2
ETag
"5def7494-16ced"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93421
Expires
Sun, 15 Dec 2019 02:23:26 GMT
openapi.js
vk.com/js/api/ 		96 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?162
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv158-137-240-87.vk.com
Software
VK /
Resource Hash
a3dbceb309daebd30f05e8bf72bdf2e82b680b892399bd20c3d05673297d052b

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 01:23:27 GMT
content-encoding
gzip
x-frontend
front632921
last-modified
Sat, 14 Dec 2019 20:19:38 GMT
server
VK
etag
"5df543da-5a8d"
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23181
expires
Thu, 19 Dec 2019 01:23:27 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30426
x-xss-protection
0
pragma
public
x-fb-debug
l2+LrdUf7jNJddSsF59UxRQrBF+/HHuUgsZIE73rP0EdLwsgRt2HbwpAZd01rgkDs2x5UUMstXdZlW/Dmy0xyQ==
x-fb-trip-id
2047048586
date
Sun, 15 Dec 2019 01:23:26 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
11239_ads.bid.js
tag.oneretarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.oneretarget.com/11239_ads.bid.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.66.130.94.clients.your-server.de
Software
nginx/1.15.11 /
Resource Hash
2235e5326f4b9488e8595ca91413ad94653d6a40b849e602a6157fbcfc6399a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Nov 2019 11:23:15 GMT
Server
nginx/1.15.11
ETag
"5dca9623-1740"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
application/javascript
Connection
keep-alive
Content-Security-Policy-Report-Only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Content-Length
5952
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1439610090&t=pageview&_s=1&dl=https%3A%2F%2Fads.bid%2F&ul=en-us&de=UTF-8&dt=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=1937851077&gjid=398198884&cid=1631825060.1576373007&tid=UA-147625936-1&_gid=1104872381.1576373007&gtm=2wgc61PKDDNLD&z=1294637366
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Nov 2019 09:10:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2218374
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&gjid=398198884&_gid=1104872381.1576373007&_u=YGBAgEAB~&z=1732063237
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&_v=j79&z=1732063237
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&_v=j79&z=1732063237&slf_rd=1&random=2529870694
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&_v=j79&z=1732063237&slf_rd=1&random=2529870694
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 01:23:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 01:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-147625936-1&cid=1631825060.1576373007&jid=1937851077&_v=j79&z=1732063237&slf_rd=1&random=2529870694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2843685072343467
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2843685072343467?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
61011e604925cf6ceb8f362be27d31b7d115ff7ae23839226609a5aabcae3992
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
JaD8ab96CNmQabVHD7tXCy0IOm9LE9FRs4KnWNuLugU2JjMypDiIT8wS53P06gqrAS2H/gwOrldWExzUYo8PXw==
x-fb-trip-id
2047048586
date
Sun, 15 Dec 2019 01:23:26 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
bmOTGioHaW
code.jivosite.com/script/widget/config/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/config/bmOTGioHaW
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
1d0a103da6b7cdf67acf57ad7ebef4e64f241d5e2b2f154694815112d3686fed

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads.bid/
Origin
https://ads.bid

Response headers

x-id
nkf-up-gc7, cec-up-gc11
date
Sun, 15 Dec 2019 01:23:26 GMT
via
1.1 sharxy
server
nginx
status
200
vary
Accept-Encoding
x-cached-since
2019-12-14T22:20:34+00:00, 2019-12-14T22:57:29+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT, STALE
x-shard
shieldShard0_80
accept-ranges
bytes
content-length
2654
expires
Sun, 15 Dec 2019 00:20:34 GMT
/
www.googleadservices.com/pagead/conversion/696611158/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/696611158/?random=1576373006925&cv=9&fst=1576373006925&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fads.bid%2F&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
938b47647e445588558766f22dba09262dce4354bc9df082ce03cac5aed2d5f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 01:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1211
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bmOTGioHaW
node132.jivosite.com/widget/status/1095537/ 		202 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node132.jivosite.com/widget/status/1095537/bmOTGioHaW?rnd=0.7947863763664984
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.68.125 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-155-68-125.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7141f75e8a65e837118c34935fb67ac42cb5d636b3e79dc4baa8ca9866d8dc40

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ads.bid/
Origin
https://ads.bid

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Server
nginx
X-BotMode
no
X-GeoIP
BE;11;Brussels
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-geoip, x-botmode
Connection
keep-alive
Content-Length
202
/
www.google.de/pagead/1p-conversion/696611158/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
  • https://www.google.com/pagead/1p-conversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
  • https://www.google.de/pagead/1p-conversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=2...
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https://ads.bid/&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=Dov1XbTQOYiOrASesJDYCQ&eitems=ChEIgK3S7wUQuqiv_fbsxui1ARIdAHAUnSh8wfd1_BZu7bvUdh_-U6gg2p16ROJkLto&random=3957140008&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 01:23:27 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Dec 2019 01:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/696611158/?random=595541555&cv=9&fst=*&num=1&value=0&label=W4F9CIj41rMBENbilcwC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https://ads.bid/&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=Dov1XbTQOYiOrASesJDYCQ&eitems=ChEIgK3S7wUQuqiv_fbsxui1ARIdAHAUnSh8wfd1_BZu7bvUdh_-U6gg2p16ROJkLto&random=3957140008&resp=GooglemKTybQhCsO&ipr=y
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main-bg.png
adblock.medicineteaser.org/images/landing/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/main-bg.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
ccde94d69d0437bc1ded3c4fa23def4c65fbd899bd70e736590c31f543efb3cf

Request headers

Referer
https://adblock.medicineteaser.org/css/landing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-10c5a4"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
1099172
Montserrat-SemiBold.woff
adblock.medicineteaser.org/fonts/montserrat/ 		135 KB
135 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://adblock.medicineteaser.org/fonts/montserrat/Montserrat-SemiBold.woff
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e47879993ba04778087685eb53bfc03caf05da15f89f87aec961bf7aa638817d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://adblock.medicineteaser.org/css/landing.css
Origin
https://ads.bid

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-21bf8"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/woff
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
138232
sprite_front.png
adblock.medicineteaser.org/images/landing/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adblock.medicineteaser.org/images/landing/sprite_front.png
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
8ee1f9d09cc295f7e7d827c53b0d7ae66752a502da527513377b1d4aa410ee76

Request headers

Referer
https://adblock.medicineteaser.org/css/landing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-4c2f"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
19503
Montserrat-Medium.woff
adblock.medicineteaser.org/fonts/montserrat/ 		135 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://adblock.medicineteaser.org/fonts/montserrat/Montserrat-Medium.woff
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f16f0ba0ff026f770fe84e32a59c045ec0fdd183d827ac3d854a3578c3b4ff13

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://adblock.medicineteaser.org/css/landing.css
Origin
https://ads.bid

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-21d14"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/woff
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
138516
Montserrat-Regular.woff
adblock.medicineteaser.org/fonts/montserrat/ 		135 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://adblock.medicineteaser.org/fonts/montserrat/Montserrat-Regular.woff
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
215a175ce4fe873fe5ccb95770980ce28b5e46b844cd459f619e8371d5effc1e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://adblock.medicineteaser.org/css/landing.css
Origin
https://ads.bid

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-21d68"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/woff
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
138600
Montserrat-Bold.woff
adblock.medicineteaser.org/fonts/montserrat/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://adblock.medicineteaser.org/fonts/montserrat/Montserrat-Bold.woff
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e1632dc38a09dce6cb13781150c5c2559762113ac2fb5d3509827b2e23223742

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://adblock.medicineteaser.org/css/landing.css
Origin
https://ads.bid

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Fri, 13 Dec 2019 10:48:27 GMT
Server
nginx/1.17.3
ETag
"5df36c7b-21e94"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
font/woff
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
138900
/
www.facebook.com/tr/ 		44 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2843685072343467&ev=PageView&dl=https%3A%2F%2Fads.bid%2F&rl=&if=false&ts=1576373007048&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1576373007047.1731987825&it=1576373006917&coo=false&rqm=GET
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 01:23:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Sun, 15 Dec 2019 01:23:27 GMT
code.js
top-fwz1.mail.ru/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
900087ee075310da29b0516b9fdee9e16e77a82b96a5cc0a2f57fb0f778009b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Wed, 11 Dec 2019 11:44:33 GMT
Server
nginx
ETag
W/"5df0d6a1-3ff8"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
max-age=7200, private
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Keep-Alive
timeout=60
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-696611158
Requested by
Host: tag.oneretarget.com
URL: https://tag.oneretarget.com/11239_ads.bid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
122c67b55b2b63b085c46ac045d9d7f72ecabf208357656b35444b6359412152
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 01:23:27 GMT
content-encoding
br
last-modified
Sun, 15 Dec 2019 00:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27814
x-xss-protection
0
expires
Sun, 15 Dec 2019 01:23:27 GMT
1
mc.yandex.ru/watch/55210021/
Redirect Chain
  • https://mc.yandex.ru/watch/55210021?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn...
  • https://mc.yandex.ru/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3A...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191215022327%3Aet%3A1576373007%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A720399094%3Ahid%3A528868601%3Ads%3A24%2C35%2C690%2C1%2C156%2C0%2C0%2C298%2C0%2C%2C%2C%2C1205%3Afp%3A1144%3Awn%3A6801%3Ahl%3A2%3Agdpr%3A14%3Av%3A1779%3Awv%3A2%3Ast%3A1576373007%3Au%3A1576373007628294543%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Sun, 15-Dec-2019 01:23:27 GMT
Server
nginx/1.14.2
Location
/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191215022327%3Aet%3A1576373007%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A720399094%3Ahid%3A528868601%3Ads%3A24%2C35%2C690%2C1%2C156%2C0%2C0%2C298%2C0%2C%2C%2C%2C1205%3Afp%3A1144%3Awn%3A6801%3Ahl%3A2%3Agdpr%3A14%3Av%3A1779%3Awv%3A2%3Ast%3A1576373007%3Au%3A1576373007628294543%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://ads.bid
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sun, 15-Dec-2019 01:23:27 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 01:23:27 GMT
Last-Modified
Sun, 15-Dec-2019 01:23:27 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://ads.bid
Strict-Transport-Security
max-age=31536000
Location
/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191215022327%3Aet%3A1576373007%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A720399094%3Ahid%3A528868601%3Ads%3A24%2C35%2C690%2C1%2C156%2C0%2C0%2C298%2C0%2C%2C%2C%2C1205%3Afp%3A1144%3Awn%3A6801%3Ahl%3A2%3Agdpr%3A14%3Av%3A1779%3Awv%3A2%3Ast%3A1576373007%3Au%3A1576373007628294543%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sun, 15-Dec-2019 01:23:27 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Sun, 15 Dec 2019 02:23:27 GMT
1
mc.yandex.ru/watch/55210021/ 		152 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/55210021/1?wmode=7&page-url=https%3A%2F%2Fads.bid%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576373005890%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191215022327%3Aet%3A1576373007%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A720399094%3Ahid%3A528868601%3Ads%3A24%2C35%2C690%2C1%2C156%2C0%2C0%2C298%2C0%2C%2C%2C%2C1205%3Afp%3A1144%3Awn%3A6801%3Ahl%3A2%3Agdpr%3A14%3Av%3A1779%3Awv%3A2%3Ast%3A1576373007%3Au%3A1576373007628294543%3At%3Aads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3e474a9aa4585e4b725218f14b80676122743b25faf24bd3052ffcd869dbe5f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.bid/
Origin
https://ads.bid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 15 Dec 2019 01:23:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15-Dec-2019 01:23:27 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ads.bid
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Sun, 15-Dec-2019 01:23:27 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/696611158/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696611158/?random=1576373007293&cv=9&fst=1576373007293&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oac61&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fads.bid%2F&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6c9d42c490ae00fbdde95eca29bbcc932378f518f765a307344b2c25e681b5d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 01:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1075
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtrg
vk.com/ 		49 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-425186-1SYfl&metatag_url=https%3A%2F%2Fads.bid
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv158-137-240-87.vk.com
Software
VK / PHP/3.22339
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 01:23:27 GMT
content-encoding
gzip
x-frontend
front632921
server
VK
x-powered-by
PHP/3.22339
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
rtrg
vk.com/ 		49 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-405165-bHLZ5&metatag_url=https%3A%2F%2Fads.bid
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv158-137-240-87.vk.com
Software
VK / PHP/3.22339
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 01:23:27 GMT
content-encoding
gzip
x-frontend
front632921
server
VK
x-powered-by
PHP/3.22339
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
rtrg
vk.com/ 		49 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-425147-2aNzk&metatag_url=https%3A%2F%2Fads.bid
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv158-137-240-87.vk.com
Software
VK / PHP/3.22339
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 01:23:27 GMT
content-encoding
gzip
x-frontend
front632921
server
VK
x-powered-by
PHP/3.22339
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
counter
top-fwz1.mail.ru/ 		43 B
892 B 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3148480;u=https%3A//ads.bid/;st=1576373007095;title=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=24f027fc7d1c9c36;ver=60.1.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1576373007322%3A1576373007339%3A1%3Adb1c8c3737aebb7ab5cd97307013c1d4;_=0.48007093563039205
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
Origin
https://ads.bid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://ads.bid
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://ads.bid
Keep-Alive
timeout=60
tracker
top-fwz1.mail.ru/ 		43 B
892 B 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3148480;u=https%3A//ads.bid/;st=1576373007095;title=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=24f027fc7d1c9c36;ver=60.1.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1576373007322%3A1576373007340%3A2%3Adb1c8c3737aebb7ab5cd97307013c1d4;_=0.12832702494878312;e=RG%3A/OR_2293_production_s
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
Origin
https://ads.bid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 15 Dec 2019 01:23:27 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://ads.bid
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://ads.bid
Keep-Alive
timeout=60
/
www.google.com/pagead/1p-user-list/696611158/ 		42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/696611158/?random=1576373007293&cv=9&fst=1576371600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oac61&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fads.bid%2F&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&async=1&fmt=3&is_vtc=1&random=1379029062&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 01:23:27 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/696611158/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/696611158/?random=1576373007293&cv=9&fst=1576371600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oac61&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fads.bid%2F&tiba=ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&async=1&fmt=3&is_vtc=1&random=1379029062&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Dec 2019 01:23:27 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2843685072343467&ev=Microdata&dl=https%3A%2F%2Fads.bid%2F&rl=&if=false&ts=1576373007550&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ads.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%22%2C%22meta%3Adescription%22%3A%22%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%20%D0%B2%D1%81%D0%B5%D1%85%20%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA.%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%20%D1%81%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%B8%D0%BC%20CPM.%20100%25%20%D0%BE%D1%82%D1%87%D0%B8%D1%81%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D1%81%20%D0%BA%D0%BB%D0%B8%D0%BA%D0%B0.%20%D0%A0%D0%B5%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BE%D1%85%D0%BE%D0%B4%20%D0%B2%D0%B5%D0%B1%D0%BC%D0%B0%D1%81%D1%82%D0%B5%D1%80%D0%B0.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fads.bid%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fadblock.medicineteaser.org%2Fimages%2Fog-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1576373007047.1731987825&it=1576373006917&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Dec 2019 01:23:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Sun, 15 Dec 2019 01:23:27 GMT
bundle_ru_RU.js
code.jivosite.com/js/ 		1 MB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/js/bundle_ru_RU.js?rand=1575903037
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
af4173498e9ac13b961c00d3c60dd2acc7409827abf7e344d7aac17579d69580

Request headers

Referer
https://ads.bid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
nkf-up-gc14, cec-up-gc11
date
Sun, 15 Dec 2019 01:23:28 GMT
content-encoding
br
x-cached-since
2019-12-09T14:50:59+00:00, 2019-12-14T14:51:31+00:00
status
200
x-shard
shieldShard0_80
content-length
227197
via
1.1 sharxy
last-modified
Mon, 09 Dec 2019 07:28:45 GMT
server
nginx
etag
"5dedf7ad-3777d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT, HIT
accept-ranges
bytes
tracker
top-fwz1.mail.ru/ 		43 B
800 B 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3148480;u=https%3A//ads.bid/;st=1576373007095;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=24f027fc7d1c9c36;ver=60.1.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1576373005890/////156/156/180/180/215/193/215/905/906/907/1205/1205/1205/2612/2612/;ni=10//4g/0/0/;lvid=1576373007322%3A1576373008503%3A3%3Adb1c8c3737aebb7ab5cd97307013c1d4;_=0.4721491428644795;e=RT/load;et=1576373008503
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.bid/
Origin
https://ads.bid
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 15 Dec 2019 01:23:28 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://ads.bid
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.bid
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://ads.bid
Keep-Alive
timeout=60
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91b6e35955f69e4cf8e63c79e6a6e1faba19bbe3ff80aa629dffa1cf051bdbc8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivosite.com/sounds/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
https://ads.bid/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

x-id
nkf-up-gc13, cec-up-gc11
date
Sun, 15 Dec 2019 01:23:28 GMT
via
1.1 sharxy
x-cached-since
2019-12-09T14:50:58+00:00, 2019-12-09T14:51:04+00:00
status
206
x-shard
shieldShard0_80
content-length
3760
content-range
bytes 0-3759/3760
last-modified
Mon, 09 Dec 2019 07:26:33 GMT
server
nginx
etag
"5dedf729-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=864000
cache
HIT, HIT
expires
Thu, 19 Dec 2019 14:50:58 GMT
notification.mp3
code.jivosite.com/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/notification.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
https://ads.bid/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

x-id
nkf-up-gc12, cec-up-gc11
date
Sun, 15 Dec 2019 01:23:28 GMT
via
1.1 sharxy
x-cached-since
2019-12-09T14:50:58+00:00, 2019-12-09T14:51:04+00:00
status
206
x-shard
shieldShard0_80
content-length
5808
content-range
bytes 0-5807/5808
last-modified
Mon, 09 Dec 2019 07:26:33 GMT
server
nginx
etag
"5dedf729-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=864000
cache
HIT, HIT
expires
Thu, 19 Dec 2019 14:50:58 GMT
outgoing_message.mp3
code.jivosite.com/sounds/ 		5 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
https://ads.bid/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

x-id
nkf-up-gc9, cec-up-gc11
date
Sun, 15 Dec 2019 01:23:28 GMT
via
1.1 sharxy
x-cached-since
2019-12-09T14:50:58+00:00, 2019-12-09T14:51:04+00:00
status
206
x-shard
shieldShard0_80
content-length
5014
content-range
bytes 0-5013/5014
last-modified
Mon, 09 Dec 2019 07:26:33 GMT
server
nginx
etag
"5dedf729-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=864000
cache
HIT, HIT
expires
Thu, 19 Dec 2019 14:50:58 GMT
w
telemetry.jivosite.com/ Frame 2FF0 		7 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetry.jivosite.com/w?param1=4.6.9&param2=0.1&param3=newCode&event=bundle_loaded&widget_id=bmOTGioHaW&chat_mode=online&site_id=1095537&device=desktop&visitor_id=335f822e7b8eed29&widget_version=4.6.9&shard=main
Requested by
Host: ads.bid
URL: https://ads.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.246.156.238 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
telemetry.jivosite.com
Software
nginx /
Resource Hash
42fafa8a6b3c7b737d1bed92ca4ec0c3c256092b125a265821a760ad3bb457b3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://ads.bid

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 15 Dec 2019 01:23:29 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Headers
x-app-instance-id
Content-Length
7
Content-Type
application/x-javascript

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| ym function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| webpackJsonp function| htmlParser function| postscribe object| _tmr function| Popper function| jQuery function| $ function| axios object| jivo_config object| Ya object| yaCounter55210021 function| gtag object| _oneretarget function| obj2qs object| fastXDM object| VK string| jivo_version object| jivo_api

20 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: _ym_isad
Value: 2
.yandex.ru/ Name: i
Value: dt/6k0Ucjddf8RYImnVZLTebMhgYvoxV8qMLw08zN2Wo7qiTxP+ma7ecx059BlH6eNRMcXzi4TR35pvB2Egdj++wWOo=
.yandex.ru/ Name: mda
Value: 0
.yandex.ru/ Name: _ym_wasSynced
Value: %7B%22time%22%3A1576373008089%2C%22params%22%3A%7B%22eu%22%3A0%7D%2C%22bkParams%22%3A%7B%7D%7D
.yandex.ru/ Name: yandexuid
Value: 6074879571576373006
.ads.bid/ Name: _ym_isad
Value: 2
.ads.bid/ Name: _ym_visorc_55210021
Value: w
.ads.bid/ Name: tmr_lvidTS
Value: 1576373007322
.ads.bid/ Name: _ym_d
Value: 1576373007
.ads.bid/ Name: tmr_lvid
Value: db1c8c3737aebb7ab5cd97307013c1d4
.ads.bid/ Name: _ym_uid
Value: 1576373007628294543
.ads.bid/ Name: _gid
Value: GA1.2.1104872381.1576373007
.yandex.ru/ Name: _ym_d
Value: 1576373008
.ads.bid/ Name: tmr_reqNum
Value: 3
ads.bid/ Name: XSRF-TOKEN
Value: eyJpdiI6IlFSRHRUdGlyb1RuNVFSUW95UDhrK2c9PSIsInZhbHVlIjoiOEg2T3lLcHJJMytxdFgzeGpqbHhoYW1GUG1UU3hcL1wvVU1wMEhcLzNlbXNwZXFHc05iYkR3TGtOTlJMc296QVliRSIsIm1hYyI6ImNiNzNmZDM2YzdkZTVlMDEwYTQyZWNkZjhhNDMzMWU5YjRhYTJhMDc5ZjdjMzg3OGVmOTk2ODkzMmY2NjQ0ZWIifQ%3D%3D
.ads.bid/ Name: _ga
Value: GA1.2.1631825060.1576373007
ads.bid/ Name: laravel_session
Value: eyJpdiI6IlQwSzFRNitHQzh2bUJDYmI5VHpNbGc9PSIsInZhbHVlIjoiRTFpY241NGhFdW1vNmR2ck1CdDkwelVQR0lJZUlzekFhYTMrUGxLVFNpbnNDMVBrV3YzYmRteFlGWWhCclg3TiIsIm1hYyI6ImEwYWRiYjc0ZTRkY2Y3MzJkM2NiY2VmNTFkNmRmOThlNmE1ZDcwZmRjZTMyZTcwYjE3NWNjZDM2ZjYzMDhhOGQifQ%3D%3D
.ads.bid/ Name: _dc_gtm_UA-147625936-1
Value: 1
.yandex.ru/ Name: _ym_uid
Value: 1576373008473688571
.ads.bid/ Name: _fbp
Value: fb.1.1576373007047.1731987825

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 2843685072343467.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2vaxwkujrfwh.info
adblock.medicineteaser.org
ads.bid
code.jivosite.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
mc.yandex.ru
node132.jivosite.com
stats.g.doubleclick.net
tag.oneretarget.com
telemetry.jivosite.com
top-fwz1.mail.ru
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
yandex.ru
172.217.22.2
217.69.133.145
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:816::2002
2a00:1450:4001:825::2003
2a00:1450:4001:825::2004
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9b
2a02:6b8::1:119
2a02:6b8:a::a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:90c0:9997::9997
54.155.68.125
77.246.156.238
87.240.137.158
88.208.54.88
94.130.66.148
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
0cda93427f381fa612cce8702924b167a8b27dbedbaa45a7784423f0da02032b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
122c67b55b2b63b085c46ac045d9d7f72ecabf208357656b35444b6359412152
185fd7d03210fc6b943c7e0faf58594e7e61a60d866f802eccb7427a4a9ae07f
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1d0a103da6b7cdf67acf57ad7ebef4e64f241d5e2b2f154694815112d3686fed
215a175ce4fe873fe5ccb95770980ce28b5e46b844cd459f619e8371d5effc1e
2235e5326f4b9488e8595ca91413ad94653d6a40b849e602a6157fbcfc6399a6
23c88348f3c726fb54f09b238531e63f2a00042f7be0de87ce03640382caa7b0
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
284c96c27764afadb67daa628422d1494f48abca6c2ea5fd6bcd6d2a3eee3993
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3859f1b20059e3f44932a2f195a9a5512e9be713d3925f6cb879069b0616db25
3a003b3d92f70e76da4fc61a3983b2dd0fd618a7f69f886035a396959ee13b3b
3e474a9aa4585e4b725218f14b80676122743b25faf24bd3052ffcd869dbe5f9
42fafa8a6b3c7b737d1bed92ca4ec0c3c256092b125a265821a760ad3bb457b3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
61011e604925cf6ceb8f362be27d31b7d115ff7ae23839226609a5aabcae3992
61467e93a9af337db8fce804c104d36e6f4f1889452c94a69fc5519ca82c44c9
61af1af1d8efabd8776a11762213ad062864f71f77c2b90bf174a7e0f24f2e77
655e4df00465ca01a9193495e32a413c196baaa7cc5b64cc9796132e781578ad
685a60ca50a933acbd60c08347adbff1eb6612ac49209448a57bd6db30b0cb15
6a647ebd3d72866eb30720125c4cf2997fd30007f8cefb5bad1ebcfdd14a153e
6c9d42c490ae00fbdde95eca29bbcc932378f518f765a307344b2c25e681b5d5
709b3558ec592ef19670dccc09c169fb44bef7b1ca1a556a87e304729c648374
7141f75e8a65e837118c34935fb67ac42cb5d636b3e79dc4baa8ca9866d8dc40
7756ddc8ae5b4106cb0c82a79adfb3b61b43c99601e834ddcc35a6b9def0df7a
77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ee1f9d09cc295f7e7d827c53b0d7ae66752a502da527513377b1d4aa410ee76
900087ee075310da29b0516b9fdee9e16e77a82b96a5cc0a2f57fb0f778009b4
91b6e35955f69e4cf8e63c79e6a6e1faba19bbe3ff80aa629dffa1cf051bdbc8
938b47647e445588558766f22dba09262dce4354bc9df082ce03cac5aed2d5f3
984e5de85690373b09c8b16e4a74cf857851eae730c48254c33d55f4d35ca7ad
9da8657b6d7d7aad21d001303e0b87a8ab6a7dda4580e79d436feb346e3bbed2
a3dbceb309daebd30f05e8bf72bdf2e82b680b892399bd20c3d05673297d052b
a4168fee1facc89c4491707b70d6ffafb00b9db1136810ee509996c18bd8052b
a94634ad7084a964809c5de6ebe8f15c27da08a8e02bdc0129700e3823844290
af4173498e9ac13b961c00d3c60dd2acc7409827abf7e344d7aac17579d69580
c5a1a79d268069962313296646c46c5ca04756e0987cb304b60ae800c1394491
ccde94d69d0437bc1ded3c4fa23def4c65fbd899bd70e736590c31f543efb3cf
ce6d671c03faf0eed9e67e34cea57c406f402ccd680ad6c6495ae16e9c94e345
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e1632dc38a09dce6cb13781150c5c2559762113ac2fb5d3509827b2e23223742
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47879993ba04778087685eb53bfc03caf05da15f89f87aec961bf7aa638817d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16f0ba0ff026f770fe84e32a59c045ec0fdd183d827ac3d854a3578c3b4ff13
f21638566beb7db0df8c58067ca66342b88d9a1d0f8b0ac625a75576c83319f7
f250dd7f428107dbb2fd26c9ce688d259e2d9cbd7f2719764298d9dff235e0cd
f7ea480101aeab8d9862060d9d6c1972e40f720dd5bb41efdc6e4f8d2edc9be0
fae0f024d64c27523a74161a0cfba30e78eb145f6c35a938db476c6165eb8ca2
fb7f38cf530b7271d33ce14ccf9f8363c7ba6947fd5b589d509c0a6a0267dea7
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43