spb.bid.run Open in urlscan Pro
194.190.117.93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://spb.bid.run/
Submission Tags: falconsandbox
Submission: On December 11 via api (December 11th 2021, 7:52:51 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 23 domains to perform 20 HTTP transactions. The main IP is 194.190.117.93, located in Russian Federation and belongs to REPUBLER-AS, RU. The main domain is spb.bid.run.
TLS certificate: Issued by R3 on December 2nd 2021. Valid for: 3 months.

This is the only time spb.bid.run was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	194.190.117.93 194.190.117.93	204600 (REPUBLER-AS) (REPUBLER-AS)
1 8	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
2 2	194.190.76.44 194.190.76.44	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	80.78.249.254 80.78.249.254	197695 (AS-REG) (AS-REG)
3 3	217.66.147.170 217.66.147.170	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1	138.201.65.74 138.201.65.74	24940 (HETZNER-AS) (HETZNER-AS)
2	83.222.114.186 83.222.114.186	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 3	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
1 1	168.119.145.118 168.119.145.118	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3039::6815:c08f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	138.201.34.238 138.201.34.238	24940 (HETZNER-AS) (HETZNER-AS)
2 2	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2 2	148.251.87.137 148.251.87.137	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
1 1	80.64.106.149 80.64.106.149	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
20	12

2 194.190.117.93 (Russian Federation)

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb1.kavanga.ru

spb.bid.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 194.190.117.94 (Russian Federation) 1 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.44 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.78.249.254 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51053.reg.regrucolo.ru

tt.ttarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.66.147.170 (St Petersburg, Russian Federation) 3 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-170-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.65.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.65.201.138.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.222.114.186 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.243.72 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.145.118 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1359803.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c08f (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.34.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.34.201.138.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.65.2.150 (Moscow, Russian Federation) 2 redirects

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.87.137 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-rtb-anthill-app-2.datamind.ru

sync.datamind.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.149 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru

republer-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	republer.com 1 redirects sync.republer.com	6 KB
4	mts.ru 4 redirects sm.rtb.mts.ru tech.rtb.mts.ru	3 KB
3	bumlam.com 2 redirects sync.bumlam.com	2 KB
3	acint.net 3 redirects acint.net	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	datamind.ru 2 redirects sync.datamind.ru	791 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	590 B
2	rktch.com 1 redirects ut.rktch.com	683 B
2	yandex.ru 1 redirects an.yandex.ru	660 B
2	new-programmatic.com 2 redirects match.new-programmatic.com	563 B
2	buzzoola.com 1 redirects exchange.buzzoola.com	550 B
2	com.ru rtb.com.ru	480 B
2	adhigh.net 2 redirects px.adhigh.net	815 B
2	bid.run spb.bid.run	5 KB
1	rutarget.ru 1 redirects republer-sync.rutarget.ru	424 B
1	hybrid.ai dm.hybrid.ai	238 B
1	utraff.com a.utraff.com	817 B
1	sape.ru 1 redirects ssp-rtb.sape.ru	644 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	211 B
1	adkernel.com sync.adkernel.com	109 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	konnektu.ru 1 redirects pixel.konnektu.ru	240 B
1	ttarget.ru tt.ttarget.ru	103 B
20	23

	Domain	Requested by
8	sync.republer.com	1 redirects spb.bid.run
3	sync.bumlam.com	2 redirects spb.bid.run
3	acint.net	3 redirects
3	sm.rtb.mts.ru	3 redirects
2	sync3.adsniper.ru	2 redirects
2	sync.datamind.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects spb.bid.run
2	an.yandex.ru	1 redirects spb.bid.run
2	match.new-programmatic.com	2 redirects
2	exchange.buzzoola.com	1 redirects spb.bid.run
2	rtb.com.ru	spb.bid.run
2	px.adhigh.net	2 redirects
2	spb.bid.run	spb.bid.run
1	republer-sync.rutarget.ru	1 redirects
1	dm.hybrid.ai	spb.bid.run
1	a.utraff.com	spb.bid.run
1	ssp-rtb.sape.ru	1 redirects
1	s.uuidksinc.net	1 redirects
1	sync.adkernel.com	spb.bid.run
1	sync.dmp.otm-r.com	spb.bid.run
1	pixel.konnektu.ru	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	tt.ttarget.ru	spb.bid.run
20	24

This site contains no links.

Subject Issuer	Validity	Valid
spb.bid.run R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
tt.ttarget.ru Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-10-28`	a year	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
rtb.com.ru Sectigo RSA Domain Validation Secure Server CA	`2021-03-01` - `2022-03-07`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://spb.bid.run/
Frame ID: F0E6CD3DBA4D9BF22F21B27BC29EDCE7
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

K A V A N G A

Page Statistics

20
Requests

45 %
HTTPS

8 %
IPv6

23
Domains

24
Subdomains

12
IPs

4
Countries

13 kB
Transfer

7 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50 HTTP 307
https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50&qset=1

Request Chain 2

https://px.adhigh.net/p/cm/republer HTTP 302
https://px.adhigh.net/p/cm/republer?bounced=1 HTTP 302
https://sync.republer.com/match?src=getintent&id=ozSNrwUs4O.AikABlF9qw4XlQ

Request Chain 4

https://sm.rtb.mts.ru/p?ssp=republer&id=1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=29&exu=1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=c6742123-f0ae-4171-9355-d08c9c24df8f&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D29%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D29%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=29&em=1&ssp=konnektu&id= HTTP 301
https://sync.republer.com/match?src=mts&id=c6742123-f0ae-4171-9355-d08c9c24df8f

Request Chain 8

https://s.uuidksinc.net/match/670/?remote_uid=1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 302
https://sync.republer.com/match?src=kadam&id=QUs6JXbYz0vksP7j8EP5

Request Chain 9

https://acint.net/rmatch?dp=54&euid=1601c897-b248-49ae-9484-dec8f9c210c5&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch?r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D$%7BUSER_ID%7D&dp=54&tc=1&euid=1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.republer.com%252Fmatch%253Fsrc%253Dsape%2526id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007F8F01B5611600163302121895&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D$%7BUSER_ID%7D HTTP 302
https://sync.republer.com/match?src=sape&id=0100007F8F01B5615001863A028418DE

Request Chain 12

https://exchange.buzzoola.com/cookiesync/dsp/republer-video/1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 307
https://exchange.buzzoola.com/cookiesync/dsp/republer-video/1601c897-b248-49ae-9484-dec8f9c210c5?set_buzzoola_cookie=t

Request Chain 13

https://match.new-programmatic.com/userbind?src=rpb&id=1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 302
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/setud/target_rtb/?sign=1449436751 HTTP 302
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1449436751

Request Chain 14

https://ut.rktch.com/matchspm?pi=14&pui=1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=2853655246 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=fAusdOp7Tk93si0H4m73qe&noredirect

Request Chain 15

https://sync.datamind.ru/cookie/accepter?source=republer&id=1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 302
https://sync.datamind.ru/cookie/accepter?source=republer&id=1601c897-b248-49ae-9484-dec8f9c210c5&dmp.ctest=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zcGIuYmlkLnJ1bi8iXX19 HTTP 302
https://sync.republer.com/match/?src=tcs&id=cd7aec06-3124-4311-898f-cf2418595ab7

Request Chain 17

https://republer-sync.rutarget.ru/sync?ssp_user_id=1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 302
https://sync.republer.com/match?src=rutarget&id=LqrqkNKKItAu

Request Chain 18

https://sync.bumlam.com/?src=rp1&uid=1601c897-b248-49ae-9484-dec8f9c210c5 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiPg9SNBlIEioaQK2IkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiPg9SNBlIEioaQK2IkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1ogEQ6e_u7Fq7Eeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiPg9SNBmIkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1ogEQ6e_u7Fq7Eeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiPg9SNBmIkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1ogEQ6e_u7Fq7Eeym6QAlkMgkNw**

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
spb.bid.run/ 397 B
518 B 447ms
54ms Document
text/html 194.190.117.93
REPUBLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://spb.bid.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.190.117.93 , Russian Federation, ASN204600 (REPUBLER-AS, RU),
Reverse DNS: carp.bspb1.kavanga.ru
Software: nginx /
Resource Hash: fcf8d71bcfdefd0e730116788b50cb14592a32a4e187007ea649a7660018657d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 11 Dec 2021 20:00:29 GMT
content-type: text/html
content-length: 397
last-modified: Thu, 16 May 2019 09:44:47 GMT
etag: "5cdd310f-18d"
accept-ranges: bytes

GET
H2

200

ssp-sync.js Show response
sync.republer.com/
Redirect Chain

https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50
https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50&qset=1

2 KB
2 KB

55ms
55ms

Script
application/javascript

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50&qset=1

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

f1daa2a04d6740a7c0f86ba66fcc77089449e53a55bf4d3c6985ad89f841436a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:54:08 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp1
content-type: application/javascript; charset=utf-8
content-length: 1881
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:54:08 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
location: /ssp-sync.js?src=spb.bid.run&sc=50&qset=1
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp2
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 logo.png
spb.bid.run/ 4 KB
4 KB 55ms
54ms Image
image/png 194.190.117.93
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spb.bid.run/logo.png
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.190.117.93 , Russian Federation, ASN204600 (REPUBLER-AS, RU),
Reverse DNS: carp.bspb1.kavanga.ru
Software: nginx /
Resource Hash: b65a44c1c5ffc2afab6b680f716b19616a81c2a4e5a8f70c7a9e199f81d168cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 20:00:29 GMT
last-modified: Thu, 16 May 2019 09:44:47 GMT
server: nginx
accept-ranges: bytes
etag: "5cdd310f-1116"
content-length: 4374
content-type: image/png

GET
H2

200

match
sync.republer.com/
Redirect Chain

https://px.adhigh.net/p/cm/republer
https://px.adhigh.net/p/cm/republer?bounced=1
https://sync.republer.com/match?src=getintent&id=ozSNrwUs4O.AikABlF9qw4XlQ

49 B
495 B

55ms
55ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?src=getintent&id=ozSNrwUs4O.AikABlF9qw4XlQ

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:54:09 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp2
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:52:47 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f22-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.republer.com/match?src=getintent&id=ozSNrwUs4O.AikABlF9qw4XlQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync
tt.ttarget.ru/rtb/republer/ 0
103 B 210ms
48ms Image
text/plain 80.78.249.254
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.ttarget.ru/rtb/republer/sync?id=1601c897-b248-49ae-9484-dec8f9c210c5
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.78.249.254 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51053.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 11 Dec 2021 19:52:17 GMT
Server: nginx

GET
H2

200

match
sync.republer.com/
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=republer&id=1601c897-b248-49ae-9484-dec8f9c210c5
https://sm.rtb.mts.ru/match/second?ssp=29&exu=1601c897-b248-49ae-9484-dec8f9c210c5
https://tech.rtb.mts.ru/?dsp_uid=c6742123-f0ae-4171-9355-d08c9c24df8f&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D29%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=29&em=1&ssp=konnektu&id=
https://sync.republer.com/match?src=mts&id=c6742123-f0ae-4171-9355-d08c9c24df8f

49 B
495 B

55ms
55ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?src=mts&id=c6742123-f0ae-4171-9355-d08c9c24df8f

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:54:09 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp1
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 11 Dec 2021 19:52:47 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://sync.republer.com/match?src=mts&id=c6742123-f0ae-4171-9355-d08c9c24df8f
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 republer_dsp
sync.dmp.otm-r.com/match/ 0
69 B 53ms
13ms Image
text/plain 138.201.65.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/republer_dsp?id=1601c897-b248-49ae-9484-dec8f9c210c5
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.65.201.138.clients.your-server.de
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 11 Dec 2021 19:52:46 GMT
server: nginx/1.17.4

GET
H/1.1 204
No Content republer-sync
rtb.com.ru/ 0
240 B 148ms
46ms Image
text/plain 83.222.114.186
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.com.ru/republer-sync?uid=1601c897-b248-49ae-9484-dec8f9c210c5
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.114.186 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 19:52:47 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server: nginx/1.18.0
Connection: keep-alive
P3p: CP="rtb.com.ru does not have a P3P policy"

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ 0
109 B 59ms
14ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=106159&t=image&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dadkernel%26id%3D%7BUID%7D
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 19:52:46 GMT
Server: nginx
Connection: close
Content-Length: 0

GET
H2

200

match
sync.republer.com/
Redirect Chain

https://s.uuidksinc.net/match/670/?remote_uid=1601c897-b248-49ae-9484-dec8f9c210c5
https://sync.republer.com/match?src=kadam&id=QUs6JXbYz0vksP7j8EP5

49 B
495 B

55ms
55ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?src=kadam&id=QUs6JXbYz0vksP7j8EP5

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:54:09 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp1
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://sync.republer.com/match?src=kadam&id=QUs6JXbYz0vksP7j8EP5
date: Sat, 11 Dec 2021 19:52:46 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
sync.republer.com/
Redirect Chain

https://acint.net/rmatch?dp=54&euid=1601c897-b248-49ae-9484-dec8f9c210c5&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D%24%7BUSER_ID%7D
https://acint.net/rmatch?r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D$%7BUSER_ID%7D&dp=54&tc=1&euid=1601c897-b248-49ae-9484-dec8f9c210c5
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.republer.com%252Fmatch%253Fsrc%253Dsape%2526id%253D$%257BUSER_ID%2...
https://acint.net/rmatch?dp=14&euid=0100007F8F01B5611600163302121895&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D$%7BUSER_ID%7D
https://sync.republer.com/match?src=sape&id=0100007F8F01B5615001863A028418DE

49 B
495 B

55ms
55ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?src=sape&id=0100007F8F01B5615001863A028418DE

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:54:09 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp3
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 11 Dec 2021 19:52:47 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://sync.republer.com/match?src=sape&id=0100007F8F01B5615001863A028418DE
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 204
No Content ssp50-sync
rtb.com.ru/ 0
240 B 152ms
48ms Image
text/plain 83.222.114.186
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.com.ru/ssp50-sync?uid=1601c897-b248-49ae-9484-dec8f9c210c5
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.114.186 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 19:52:47 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server: nginx/1.18.0
Connection: keep-alive
P3p: CP="rtb.com.ru does not have a P3P policy"

GET
H2 204 sync
a.utraff.com/ 0
817 B 45ms
20ms Image
text/plain 2606:4700:3039::6815:c08f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=republer&uid=1601c897-b248-49ae-9484-dec8f9c210c5
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 19:52:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYkBBagwXEVfKB1ZLT%2BUVZfnYLCD0lfYPLvBrDxJti3jsVw6J2ha0WI%2BBG5jTgHdbxJ562h8goXUuJ2QXFTEOEgJMTRaZRfyQeTNbSuHpgmBVKM4o431zlDUSK2lb0Lxd2R2ycwVrE7HhA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6bc1415d892a42db-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2

200

1601c897-b248-49ae-9484-dec8f9c210c5
exchange.buzzoola.com/cookiesync/dsp/republer-video/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/dsp/republer-video/1601c897-b248-49ae-9484-dec8f9c210c5
https://exchange.buzzoola.com/cookiesync/dsp/republer-video/1601c897-b248-49ae-9484-dec8f9c210c5?set_buzzoola_cookie=t

43 B
130 B

12ms
12ms

Image
image/gif

138.201.34.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/dsp/republer-video/1601c897-b248-49ae-9484-dec8f9c210c5?set_buzzoola_cookie=t
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: H2
Server: 138.201.34.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.34.201.138.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 19:52:47 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/dsp/republer-video/1601c897-b248-49ae-9484-dec8f9c210c5?set_buzzoola_cookie=t
date: Sat, 11 Dec 2021 19:52:47 GMT
server: nginx
etag: W/"b08a633fbc026d00f39e34055229da9a5464a1b9a26a24ab9beb020885fdeece"
content-length: 125
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

404

/
an.yandex.ru/setud/target_rtb/
Redirect Chain

https://match.new-programmatic.com/userbind?src=rpb&id=1601c897-b248-49ae-9484-dec8f9c210c5
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/setud/target_rtb/?sign=1449436751
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1449436751

43 B
113 B

62ms
62ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1449436751

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:52:47 GMT
content-encoding: gzip
last-modified: Sat, 11 Dec 2021 19:52:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 11 Dec 2021 19:52:47 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:52:47 GMT
content-encoding: gzip
last-modified: Sat, 11 Dec 2021 19:52:47 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1449436751
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 11 Dec 2021 19:52:47 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/
Redirect Chain

https://ut.rktch.com/matchspm?pi=14&pui=1601c897-b248-49ae-9484-dec8f9c210c5
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=2853655246
https://ut.rktch.com/matchspm?pi=1000006&pui=fAusdOp7Tk93si0H4m73qe&noredirect

88 B
88 B

43ms
43ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=fAusdOp7Tk93si0H4m73qe&noredirect
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 19:52:47 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:52:47 GMT
via: 1.1 google
last-modified: Sat, 11 Dec 2021 19:52:47 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=fAusdOp7Tk93si0H4m73qe&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

/
sync.republer.com/match/
Redirect Chain

https://sync.datamind.ru/cookie/accepter?source=republer&id=1601c897-b248-49ae-9484-dec8f9c210c5
https://sync.datamind.ru/cookie/accepter?source=republer&id=1601c897-b248-49ae-9484-dec8f9c210c5&dmp.ctest=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zcGIuYmlkLnJ1bi8iXX19
https://sync.republer.com/match/?src=tcs&id=cd7aec06-3124-4311-898f-cf2418595ab7

49 B
495 B

55ms
55ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match/?src=tcs&id=cd7aec06-3124-4311-898f-cf2418595ab7

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:54:09 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp1
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://sync.republer.com/match/?src=tcs&id=cd7aec06-3124-4311-898f-cf2418595ab7
date: Sat, 11 Dec 2021 19:52:47 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
content-length: 0
strict-transport-security: max-age=63072000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 169ms
49ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=139&vid=1601c897-b248-49ae-9484-dec8f9c210c5

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:52:47 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 102
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

match
sync.republer.com/
Redirect Chain

https://republer-sync.rutarget.ru/sync?ssp_user_id=1601c897-b248-49ae-9484-dec8f9c210c5
https://sync.republer.com/match?src=rutarget&id=LqrqkNKKItAu

49 B
495 B

55ms
55ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?src=rutarget&id=LqrqkNKKItAu

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 19:54:09 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp4
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://sync.republer.com/match?src=rutarget&id=LqrqkNKKItAu
Date: Sat, 11 Dec 2021 19:52:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1

200
OK

/
sync.bumlam.com/
Redirect Chain

https://sync.bumlam.com/?src=rp1&uid=1601c897-b248-49ae-9484-dec8f9c210c5
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiPg9SNBlIEioaQK2IkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiPg9SNBlIEioaQK2IkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1ogEQ6e_u7Fq7Eeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiPg9SNBmIkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1ogEQ6e_u7Fq7Eeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiPg9SNBmIkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1ogEQ6e_u7Fq7Eeym6QAlkMgkNw**

43 B
552 B

7ms
7ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARiPg9SNBmIkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1ogEQ6e_u7Fq7Eeym6QAlkMgkNw**
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Server: 31.172.81.158 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 19:52:47 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Sat, 11 Dec 2021 19:52:47 GMT
Server: nginx
ETag: e9efeeec-5abb-11ec-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARiPg9SNBmIkMTYwMWM4OTctYjI0OC00OWFlLTk0ODQtZGVjOGY5YzIxMGM1ogEQ6e_u7Fq7Eeym6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.republer.com/	1970-01-20 08:06:28	Name: ruid Value: 1601c897-b248-49ae-9484-dec8f9c210c5
.utraff.com/	1970-01-20 00:04:15	Name: preutid Value: 1
.uuidksinc.net/	1970-01-20 08:06:28	Name: jcsuuid Value: QUs6JXbYz0vksP7j8EP5
.exchange.buzzoola.com/	1970-01-20 00:04:04	Name: uuid Value: e4eec286-1e68-49ab-6875-360dd7d43454
.mts.ru/	1970-01-20 07:53:30	Name: dspid Value: c6742123-f0ae-4171-9355-d08c9c24df8f
.datamind.ru/	1970-01-19 23:21:03	Name: dmp.ctest_id Value: 1639252367083
.datamind.ru/	1970-01-20 08:06:28	Name: dmp.id Value: cd7aec06-3124-4311-898f-cf2418595ab7
.rktch.com/	1970-01-20 00:04:04	Name: b_uid Value: e34f4328593a71d41a140cc7386c291bd314
.adsniper.ru/	1970-01-27 06:32:52	Name: uuid3 Value: IiRlOWVmZWVlYy01YWJiLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.weborama.fr/	1970-01-20 08:52:33	Name: AFFICHE_W Value: z0jN5LnQudTP77
.bumlam.com/	1970-01-27 06:32:52	Name: suuid3 Value: IiRlOWVmZWVlYy01YWJiLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.mts.ru/	1970-01-23 13:44:52	Name: mts_id Value: fcddc5e2-7a7e-45a8-9c90-4c64ae5fe565
.mts.ru/	1970-01-23 13:44:52	Name: mts_id_last_sync Value: 1639252367
.adhigh.net/	1970-01-20 08:06:28	Name: gi_u Value: ozSNrwUs4O.AikABlF9qw4XlQ
.rutarget.ru/	1970-01-20 03:40:04	Name: userId Value: LqrqkNKKItAu
.adhigh.net/	1970-01-20 08:06:28	Name: republer_sync Value: I9i
.yandex.ru/	1970-01-23 14:56:52	Name: yuidss Value: 6919079781639252367
.yandex.ru/	1970-01-23 14:56:52	Name: yandexuid Value: 6919079781639252367
.acint.net/	1970-01-19 23:20:52	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWG1AY86hgFQ3hiEAh8hn5jiTpx3HsJt/4Pzti5ijHWi
.acint.net/	1970-01-20 00:04:04	Name: cSyncDp14v3 Value: 1639252367
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWG1AY8zFgAWlRgSAp6TzwVO3LM9GD9DnhOSA7h1H/ye

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1449436751 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.utraff.com
acint.net
an.yandex.ru
dm.hybrid.ai
exchange.buzzoola.com
match.new-programmatic.com
pixel.konnektu.ru
px.adhigh.net
redirect.frontend.weborama.fr
republer-sync.rutarget.ru
rtb.com.ru
s.uuidksinc.net
sm.rtb.mts.ru
spb.bid.run
ssp-rtb.sape.ru
sync.adkernel.com
sync.bumlam.com
sync.datamind.ru
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tech.rtb.mts.ru
tt.ttarget.ru
ut.rktch.com
130.193.58.13
138.201.34.238
138.201.65.74
148.251.87.137
168.119.145.118
194.190.117.93
194.190.117.94
194.190.76.44
195.201.243.72
213.87.44.187
217.65.2.150
217.66.147.170
2606:4700:3039::6815:c08f
2a02:6b8::90
31.172.81.158
31.172.81.160
31.220.27.134
35.190.16.14
37.18.16.16
77.245.57.72
80.64.106.149
80.78.249.254
83.222.114.186
89.108.97.2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b65a44c1c5ffc2afab6b680f716b19616a81c2a4e5a8f70c7a9e199f81d168cc
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1daa2a04d6740a7c0f86ba66fcc77089449e53a55bf4d3c6985ad89f841436a
fcf8d71bcfdefd0e730116788b50cb14592a32a4e187007ea649a7660018657d

spb.bid.run Open in urlscan Pro 194.190.117.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

20 Requests

45 %HTTPS

8 %IPv6

23 Domains

24 Subdomains

12 IPs

4 Countries

13 kBTransfer

7 kBSize

22 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

22 Cookies

1 Console Messages

Indicators

spb.bid.run Open in urlscan Pro
194.190.117.93 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

45 %
HTTPS

8 %
IPv6

23
Domains

24
Subdomains

12
IPs

4
Countries

13 kB
Transfer

7 kB
Size

22
Cookies

20 HTTP transactions
0 data transactions