spb.bid.run Open in urlscan Pro
194.190.117.93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://spb.bid.run/
Submission Tags: falconsandbox
Submission: On November 09 via api (November 9th 2021, 10:04:03 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 24 domains to perform 20 HTTP transactions. The main IP is 194.190.117.93, located in Russian Federation and belongs to REPUBLER-AS, RU. The main domain is spb.bid.run.
TLS certificate: Issued by R3 on October 3rd 2021. Valid for: 3 months.

This is the only time spb.bid.run was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	194.190.117.93 194.190.117.93	204600 (REPUBLER-AS) (REPUBLER-AS)
1 7	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
2 2	193.232.150.148 193.232.150.148	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	80.78.249.254 80.78.249.254	197695 (AS-REG) (AS-REG)
3 3	217.66.147.169 217.66.147.169	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1	212.76.131.50 212.76.131.50	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	148.251.4.142 148.251.4.142	24940 (HETZNER-AS) (HETZNER-AS)
2	83.222.114.188 83.222.114.188	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 3	195.201.243.71 195.201.243.71	24940 (HETZNER-AS) (HETZNER-AS)
1 1	157.90.6.174 157.90.6.174	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3039::6815:c04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	94.130.13.220 94.130.13.220	24940 (HETZNER-AS) (HETZNER-AS)
2 2	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2 2	148.251.87.137 148.251.87.137	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
4 5	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
20	13

2 194.190.117.93 (Russian Federation)

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb1.kavanga.ru

spb.bid.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 194.190.117.94 (Russian Federation) 1 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.148 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp15.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.78.249.254 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51053.reg.regrucolo.ru

tt.ttarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.66.147.169 (St Petersburg, Russian Federation) 3 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-169-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.76.131.50 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
PTR: vs25.videonow.ru

sync.videonow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.4.142 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.4.251.148.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.222.114.188 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.243.71 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.6.174 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1359717.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c04e (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.13.220 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.220.13.130.94.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.65.2.150 (Moscow, Russian Federation) 2 redirects

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.87.137 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-rtb-anthill-app-2.datamind.ru

sync.datamind.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

republer-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.160 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	republer.com 1 redirects sync.republer.com	5 KB
4	mts.ru 4 redirects sm.rtb.mts.ru tech.rtb.mts.ru	3 KB
3	bumlam.com 2 redirects sync.bumlam.com	2 KB
3	acint.net 3 redirects acint.net	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	datamind.ru 2 redirects sync.datamind.ru	792 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	557 B
2	rktch.com 1 redirects ut.rktch.com	683 B
2	yandex.ru 1 redirects an.yandex.ru	661 B
2	new-programmatic.com 2 redirects match.new-programmatic.com	563 B
2	buzzoola.com 1 redirects exchange.buzzoola.com	550 B
2	com.ru rtb.com.ru	480 B
2	adhigh.net 2 redirects px.adhigh.net	818 B
2	bid.run spb.bid.run	5 KB
1	rutarget.ru 1 redirects republer-sync.rutarget.ru	424 B
1	hybrid.ai dm.hybrid.ai	238 B
1	utraff.com a.utraff.com	823 B
1	sape.ru 1 redirects ssp-rtb.sape.ru	644 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	210 B
1	adkernel.com sync.adkernel.com	109 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	videonow.ru sync.videonow.ru	464 B
1	konnektu.ru 1 redirects pixel.konnektu.ru	239 B
1	ttarget.ru tt.ttarget.ru	103 B
20	24

	Domain	Requested by
7	sync.republer.com	1 redirects spb.bid.run
3	sync.bumlam.com	2 redirects spb.bid.run
3	acint.net	3 redirects
3	sm.rtb.mts.ru	3 redirects
2	sync3.adsniper.ru	2 redirects
2	sync.datamind.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects spb.bid.run
2	an.yandex.ru	1 redirects spb.bid.run
2	match.new-programmatic.com	2 redirects
2	exchange.buzzoola.com	1 redirects spb.bid.run
2	rtb.com.ru	spb.bid.run
2	px.adhigh.net	2 redirects
2	spb.bid.run	spb.bid.run
1	republer-sync.rutarget.ru	1 redirects
1	dm.hybrid.ai	spb.bid.run
1	a.utraff.com	spb.bid.run
1	ssp-rtb.sape.ru	1 redirects
1	s.uuidksinc.net	1 redirects
1	sync.adkernel.com	spb.bid.run
1	sync.dmp.otm-r.com	spb.bid.run
1	sync.videonow.ru	spb.bid.run
1	pixel.konnektu.ru	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	tt.ttarget.ru	spb.bid.run
20	25

This site contains no links.

Subject Issuer	Validity	Valid
spb.bid.run R3	`2021-10-03` - `2022-01-01`	3 months	crt.sh
tt.ttarget.ru Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-10-28`	a year	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
rtb.com.ru Sectigo RSA Domain Validation Secure Server CA	`2021-03-01` - `2022-03-07`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://spb.bid.run/
Frame ID: 5CB58A6D17A7FA70528C699873972956
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

K A V A N G A

Page Statistics

20
Requests

45 %
HTTPS

8 %
IPv6

24
Domains

25
Subdomains

13
IPs

4
Countries

13 kB
Transfer

7 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50 HTTP 307
https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50&qset=1

Request Chain 2

https://px.adhigh.net/p/cm/republer HTTP 302
https://px.adhigh.net/p/cm/republer?bounced=1 HTTP 302
https://sync.republer.com/match?src=getintent&id=u5h4vv8QDnkb.AikABlF9BrqxkA

Request Chain 4

https://sm.rtb.mts.ru/p?ssp=republer&id=2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=29&exu=2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=b4efb5fc-f9d6-49a6-9a83-29fe176b976a&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D29%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D29%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=38&em=1&ssp=konnektu&id= HTTP 301
https://sync.videonow.ru/ssp?dsp=28&uuid=b4efb5fc-f9d6-49a6-9a83-29fe176b976a

Request Chain 8

https://s.uuidksinc.net/match/670/2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 302
https://sync.republer.com/match?src=kadam&id=CD8dplul88IF0zVF3Dac

Request Chain 9

https://acint.net/rmatch?dp=54&euid=2f164b9e-15f4-443d-9660-6d7c00c85010&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch?r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D$%7BUSER_ID%7D&dp=54&tc=1&euid=2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.republer.com%252Fmatch%253Fsrc%253Dsape%2526id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007F4EF08A61140098790260C523&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D$%7BUSER_ID%7D HTTP 302
https://sync.republer.com/match?src=sape&id=0100007F4EF08A61FD0401BD024FD2FD

Request Chain 12

https://exchange.buzzoola.com/cookiesync/dsp/republer-video/2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 307
https://exchange.buzzoola.com/cookiesync/dsp/republer-video/2f164b9e-15f4-443d-9660-6d7c00c85010?set_buzzoola_cookie=t

Request Chain 13

https://match.new-programmatic.com/userbind?src=rpb&id=2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 302
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/setud/target_rtb/?sign=2107579957 HTTP 302
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=2107579957

Request Chain 14

https://ut.rktch.com/matchspm?pi=14&pui=2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=517931302 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=u..UhPFlw.9QAdEKqo.ic.&noredirect

Request Chain 15

https://sync.datamind.ru/cookie/accepter?source=republer&id=2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 302
https://sync.datamind.ru/cookie/accepter?source=republer&id=2f164b9e-15f4-443d-9660-6d7c00c85010&dmp.ctest=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zcGIuYmlkLnJ1bi8iXX19 HTTP 302
https://sync.republer.com/match/?src=tcs&id=b95f778c-9088-40fe-a170-d6f328cffa55

Request Chain 17

https://republer-sync.rutarget.ru/sync?ssp_user_id=2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 302
https://sync.republer.com/match?src=rutarget&id=s9XMkKMOSsOq

Request Chain 18

https://sync.bumlam.com/?src=rp1&uid=2f164b9e-15f4-443d-9660-6d7c00c85010 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjO4KuMBlIEioaQK2IkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEw HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjO4KuMBlIEioaQK2IkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEwogEQ8E-O6kGoEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjO4KuMBmIkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEwogEQ8E-O6kGoEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjO4KuMBmIkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEwogEQ8E-O6kGoEeym6QAlkMgkNw**

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
spb.bid.run/ 397 B
519 B 192ms
44ms Document
text/html 194.190.117.93
REPUBLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://spb.bid.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.190.117.93 , Russian Federation, ASN204600 (REPUBLER-AS, RU),
Reverse DNS: carp.bspb1.kavanga.ru
Software: nginx /
Resource Hash: fcf8d71bcfdefd0e730116788b50cb14592a32a4e187007ea649a7660018657d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Tue, 09 Nov 2021 22:11:14 GMT
content-type: text/html
content-length: 397
last-modified: Thu, 16 May 2019 09:44:47 GMT
etag: "5cdd310f-18d"
accept-ranges: bytes

GET
H2

200

ssp-sync.js Show response
sync.republer.com/
Redirect Chain

https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50
https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50&qset=1

2 KB
2 KB

46ms
45ms

Script
application/javascript

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.republer.com/ssp-sync.js?src=spb.bid.run&sc=50&qset=1

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2df4a186910dfff75401c4fd261e45c35272b7570def402725c3ad5d7a00dce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:05:25 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp3
content-type: application/javascript; charset=utf-8
content-length: 1869
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:05:25 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
location: /ssp-sync.js?src=spb.bid.run&sc=50&qset=1
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp1
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 logo.png
spb.bid.run/ 4 KB
4 KB 45ms
44ms Image
image/png 194.190.117.93
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spb.bid.run/logo.png
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.190.117.93 , Russian Federation, ASN204600 (REPUBLER-AS, RU),
Reverse DNS: carp.bspb1.kavanga.ru
Software: nginx /
Resource Hash: b65a44c1c5ffc2afab6b680f716b19616a81c2a4e5a8f70c7a9e199f81d168cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 22:11:14 GMT
last-modified: Thu, 16 May 2019 09:44:47 GMT
server: nginx
accept-ranges: bytes
etag: "5cdd310f-1116"
content-length: 4374
content-type: image/png

GET
H2

200

match
sync.republer.com/
Redirect Chain

https://px.adhigh.net/p/cm/republer
https://px.adhigh.net/p/cm/republer?bounced=1
https://sync.republer.com/match?src=getintent&id=u5h4vv8QDnkb.AikABlF9BrqxkA

49 B
495 B

256ms
254ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?src=getintent&id=u5h4vv8QDnkb.AikABlF9BrqxkA

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:05:25 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp3
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:03:58 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f15-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.republer.com/match?src=getintent&id=u5h4vv8QDnkb.AikABlF9BrqxkA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync
tt.ttarget.ru/rtb/republer/ 0
103 B 167ms
41ms Image
text/plain 80.78.249.254
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.ttarget.ru/rtb/republer/sync?id=2f164b9e-15f4-443d-9660-6d7c00c85010
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.78.249.254 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51053.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 09 Nov 2021 22:03:36 GMT
Server: nginx

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=republer&id=2f164b9e-15f4-443d-9660-6d7c00c85010
https://sm.rtb.mts.ru/match/second?ssp=29&exu=2f164b9e-15f4-443d-9660-6d7c00c85010
https://tech.rtb.mts.ru/?dsp_uid=b4efb5fc-f9d6-49a6-9a83-29fe176b976a&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D29%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=38&em=1&ssp=konnektu&id=
https://sync.videonow.ru/ssp?dsp=28&uuid=b4efb5fc-f9d6-49a6-9a83-29fe176b976a

35 B
464 B

173ms
54ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=28&uuid=b4efb5fc-f9d6-49a6-9a83-29fe176b976a
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 22:03:58 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 1248349
content-length: 35

Redirect headers

Date: Tue, 09 Nov 2021 22:03:58 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://sync.videonow.ru/ssp?dsp=28&uuid=b4efb5fc-f9d6-49a6-9a83-29fe176b976a
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 republer_dsp
sync.dmp.otm-r.com/match/ 0
69 B 48ms
11ms Image
text/plain 148.251.4.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/republer_dsp?id=2f164b9e-15f4-443d-9660-6d7c00c85010
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.4.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.142.4.251.148.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 22:03:58 GMT
server: nginx/1.17.6

GET
H/1.1 204
No Content republer-sync
rtb.com.ru/ 0
240 B 148ms
47ms Image
text/plain 83.222.114.188
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.com.ru/republer-sync?uid=2f164b9e-15f4-443d-9660-6d7c00c85010
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.114.188 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 22:03:58 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server: nginx/1.18.0
Connection: keep-alive
P3p: CP="rtb.com.ru does not have a P3P policy"

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ 0
109 B 54ms
12ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=106159&t=image&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dadkernel%26id%3D%7BUID%7D
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 22:03:58 GMT
Server: nginx
Connection: close
Content-Length: 0

GET
H2

200

match
sync.republer.com/
Redirect Chain

https://s.uuidksinc.net/match/670/2f164b9e-15f4-443d-9660-6d7c00c85010
https://sync.republer.com/match?src=kadam&id=CD8dplul88IF0zVF3Dac

49 B
495 B

46ms
46ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?src=kadam&id=CD8dplul88IF0zVF3Dac

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:05:25 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp1
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://sync.republer.com/match?src=kadam&id=CD8dplul88IF0zVF3Dac
date: Tue, 09 Nov 2021 22:03:58 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
sync.republer.com/
Redirect Chain

https://acint.net/rmatch?dp=54&euid=2f164b9e-15f4-443d-9660-6d7c00c85010&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D%24%7BUSER_ID%7D
https://acint.net/rmatch?r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D$%7BUSER_ID%7D&dp=54&tc=1&euid=2f164b9e-15f4-443d-9660-6d7c00c85010
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.republer.com%252Fmatch%253Fsrc%253Dsape%2526id%253D$%257BUSER_ID%2...
https://acint.net/rmatch?dp=14&euid=0100007F4EF08A61140098790260C523&r=https%3A%2F%2Fsync.republer.com%2Fmatch%3Fsrc%3Dsape%26id%3D$%7BUSER_ID%7D
https://sync.republer.com/match?src=sape&id=0100007F4EF08A61FD0401BD024FD2FD

49 B
495 B

46ms
46ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?src=sape&id=0100007F4EF08A61FD0401BD024FD2FD

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:05:25 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp1
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 09 Nov 2021 22:03:58 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://sync.republer.com/match?src=sape&id=0100007F4EF08A61FD0401BD024FD2FD
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 204
No Content ssp50-sync
rtb.com.ru/ 0
240 B 162ms
51ms Image
text/plain 83.222.114.188
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.com.ru/ssp50-sync?uid=2f164b9e-15f4-443d-9660-6d7c00c85010
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.114.188 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 22:03:58 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server: nginx/1.18.0
Connection: keep-alive
P3p: CP="rtb.com.ru does not have a P3P policy"

GET
H2 204 sync
a.utraff.com/ 0
823 B 58ms
28ms Image
text/plain 2606:4700:3039::6815:c04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=republer&uid=2f164b9e-15f4-443d-9660-6d7c00c85010
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 22:03:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyCHzbtNvQuri1vJ5SMTqM%2BIFF6L65iXEbw%2FZvoyPug3wVjnHmnQTPm%2Bt602tS%2F58lAymge%2BYwg04%2FTGLvXEnrfJ2moFU%2Fn6p215kI5LgLWbCvSPoJYzoxSUeAglzllfdUP4hA7PsM50PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6aba55885f6cd725-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2

200

2f164b9e-15f4-443d-9660-6d7c00c85010
exchange.buzzoola.com/cookiesync/dsp/republer-video/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/dsp/republer-video/2f164b9e-15f4-443d-9660-6d7c00c85010
https://exchange.buzzoola.com/cookiesync/dsp/republer-video/2f164b9e-15f4-443d-9660-6d7c00c85010?set_buzzoola_cookie=t

43 B
130 B

15ms
15ms

Image
image/gif

94.130.13.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/dsp/republer-video/2f164b9e-15f4-443d-9660-6d7c00c85010?set_buzzoola_cookie=t
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: H2
Server: 94.130.13.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.220.13.130.94.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 22:03:58 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/dsp/republer-video/2f164b9e-15f4-443d-9660-6d7c00c85010?set_buzzoola_cookie=t
date: Tue, 09 Nov 2021 22:03:58 GMT
server: nginx
etag: W/"e344460bdf90031d389ed87c6f661adfb927fee4aacd477968e2f540f8d5a118"
content-length: 125
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

404

/
an.yandex.ru/setud/target_rtb/
Redirect Chain

https://match.new-programmatic.com/userbind?src=rpb&id=2f164b9e-15f4-443d-9660-6d7c00c85010
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/setud/target_rtb/?sign=2107579957
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=2107579957

43 B
113 B

60ms
60ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=2107579957

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:03:58 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 22:03:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 09 Nov 2021 22:03:58 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:03:58 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 22:03:58 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=2107579957
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 09 Nov 2021 22:03:58 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/
Redirect Chain

https://ut.rktch.com/matchspm?pi=14&pui=2f164b9e-15f4-443d-9660-6d7c00c85010
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=517931302
https://ut.rktch.com/matchspm?pi=1000006&pui=u..UhPFlw.9QAdEKqo.ic.&noredirect

88 B
88 B

48ms
48ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=u..UhPFlw.9QAdEKqo.ic.&noredirect
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 22:03:58 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:03:58 GMT
via: 1.1 google
last-modified: Tue, 09 Nov 2021 22:03:58 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=u..UhPFlw.9QAdEKqo.ic.&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

/
sync.republer.com/match/
Redirect Chain

https://sync.datamind.ru/cookie/accepter?source=republer&id=2f164b9e-15f4-443d-9660-6d7c00c85010
https://sync.datamind.ru/cookie/accepter?source=republer&id=2f164b9e-15f4-443d-9660-6d7c00c85010&dmp.ctest=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zcGIuYmlkLnJ1bi8iXX19
https://sync.republer.com/match/?src=tcs&id=b95f778c-9088-40fe-a170-d6f328cffa55

49 B
495 B

272ms
272ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match/?src=tcs&id=b95f778c-9088-40fe-a170-d6f328cffa55

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:05:25 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp2
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://sync.republer.com/match/?src=tcs&id=b95f778c-9088-40fe-a170-d6f328cffa55
date: Tue, 09 Nov 2021 22:03:58 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
content-length: 0
strict-transport-security: max-age=63072000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 178ms
51ms Image
text/plain 37.18.16.23
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=139&vid=2f164b9e-15f4-443d-9660-6d7c00c85010

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:03:58 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 102
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

match
sync.republer.com/
Redirect Chain

https://republer-sync.rutarget.ru/sync?ssp_user_id=2f164b9e-15f4-443d-9660-6d7c00c85010
https://sync.republer.com/match?src=rutarget&id=s9XMkKMOSsOq

49 B
495 B

52ms
52ms

Image
image/gif

194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?src=rutarget&id=s9XMkKMOSsOq

Requested by

Host: spb.bid.run
URL: https://spb.bid.run/

Protocol

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 22:05:25 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp3
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://sync.republer.com/match?src=rutarget&id=s9XMkKMOSsOq
Date: Tue, 09 Nov 2021 22:03:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1

200
OK

/
sync.bumlam.com/
Redirect Chain

https://sync.bumlam.com/?src=rp1&uid=2f164b9e-15f4-443d-9660-6d7c00c85010
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjO4KuMBlIEioaQK2IkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEw
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjO4KuMBlIEioaQK2IkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEwogEQ8E-O6kGoEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjO4KuMBmIkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEwogEQ8E-O6kGoEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjO4KuMBmIkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEwogEQ8E-O6kGoEeym6QAlkMgkNw**

43 B
552 B

7ms
6ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARjO4KuMBmIkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEwogEQ8E-O6kGoEeym6QAlkMgkNw**
Requested by: Host: spb.bid.run
URL: https://spb.bid.run/
Protocol: HTTP/1.1
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spb.bid.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 22:03:58 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Tue, 09 Nov 2021 22:03:58 GMT
Server: nginx
ETag: f04f8eea-41a8-11ec-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARjO4KuMBmIkMmYxNjRiOWUtMTVmNC00NDNkLTk2NjAtNmQ3YzAwYzg1MDEwogEQ8E-O6kGoEeym6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.republer.com/	1970-01-20 07:20:31	Name: ruid Value: 2f164b9e-15f4-443d-9660-6d7c00c85010
.uuidksinc.net/	1970-01-20 07:20:31	Name: jcsuuid Value: CD8dplul88IF0zVF3Dac
.utraff.com/	1970-01-19 23:18:18	Name: preutid Value: 1
.acint.net/	1970-01-19 22:34:56	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWGK8E69AQT9/dJPAg4FyZ/M1LILBGGf0m/GpQWn2Ios
.acint.net/	1970-01-19 23:18:07	Name: cSyncDp14v3 Value: 1636495438
.exchange.buzzoola.com/	1970-01-19 23:18:07	Name: uuid Value: 5a63b8ef-755d-4464-507c-2d3c97b3bbc7
.mts.ru/	1970-01-20 07:07:33	Name: dspid Value: b4efb5fc-f9d6-49a6-9a83-29fe176b976a
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWGK8E55mAAUI8VgAhm/xDw+nJ83nw3bcqkqzZUbIBHi
.adhigh.net/	1970-01-20 07:20:31	Name: gi_u Value: u5h4vv8QDnkb.AikABlF9BrqxkA
.datamind.ru/	1970-01-19 22:35:06	Name: dmp.ctest_id Value: 1636495438248
.datamind.ru/	1970-01-20 07:20:31	Name: dmp.id Value: b95f778c-9088-40fe-a170-d6f328cffa55
.adhigh.net/	1970-01-20 07:20:31	Name: republer_sync Value: IYq
.rktch.com/	1970-01-19 23:18:07	Name: b_uid Value: 91f77934293acda04a7cb8b124cf40219e9b
.adsniper.ru/	1970-01-27 05:46:55	Name: uuid3 Value: IiRmMDRmOGVlYS00MWE4LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.weborama.fr/	1970-01-20 08:06:36	Name: AFFICHE_W Value: Lf13X7-Amhot85
.bumlam.com/	1970-01-27 05:46:55	Name: suuid3 Value: IiRmMDRmOGVlYS00MWE4LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.mts.ru/	1970-01-23 12:58:55	Name: mts_id Value: 64060259-0af3-4c53-82da-b8a809719823
.mts.ru/	1970-01-23 12:58:55	Name: mts_id_last_sync Value: 1636495438
.rutarget.ru/	1970-01-20 02:54:07	Name: userId Value: s9XMkKMOSsOq
.yandex.ru/	1970-01-23 14:10:55	Name: yuidss Value: 3165398361636495438
.yandex.ru/	1970-01-23 14:10:55	Name: yandexuid Value: 3165398361636495438
.videonow.ru/	1970-01-20 07:20:31	Name: vn_user_key Value: ae7a0e891536591a59880db5f923ffb85c56eede
.videonow.ru/	1970-01-19 23:18:07	Name: dsp_28 Value: b4efb5fc-f9d6-49a6-9a83-29fe176b976a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=2107579957 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.utraff.com
acint.net
an.yandex.ru
dm.hybrid.ai
exchange.buzzoola.com
match.new-programmatic.com
pixel.konnektu.ru
px.adhigh.net
redirect.frontend.weborama.fr
republer-sync.rutarget.ru
rtb.com.ru
s.uuidksinc.net
sm.rtb.mts.ru
spb.bid.run
ssp-rtb.sape.ru
sync.adkernel.com
sync.bumlam.com
sync.datamind.ru
sync.dmp.otm-r.com
sync.republer.com
sync.videonow.ru
sync3.adsniper.ru
tech.rtb.mts.ru
tt.ttarget.ru
ut.rktch.com
130.193.58.13
148.251.4.142
148.251.87.137
157.90.6.174
193.232.150.148
194.190.117.93
194.190.117.94
195.201.243.71
212.76.131.50
213.87.44.187
217.65.2.150
217.66.147.169
2606:4700:3039::6815:c04e
2a02:6b8::90
31.172.81.160
31.220.27.134
35.190.16.14
37.18.16.23
77.245.57.72
80.64.106.148
80.78.249.254
83.222.114.188
89.108.97.2
94.130.13.220
2df4a186910dfff75401c4fd261e45c35272b7570def402725c3ad5d7a00dce8
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b65a44c1c5ffc2afab6b680f716b19616a81c2a4e5a8f70c7a9e199f81d168cc
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcf8d71bcfdefd0e730116788b50cb14592a32a4e187007ea649a7660018657d

spb.bid.run Open in urlscan Pro 194.190.117.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

20 Requests

45 %HTTPS

8 %IPv6

24 Domains

25 Subdomains

13 IPs

4 Countries

13 kBTransfer

7 kBSize

24 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

24 Cookies

1 Console Messages

Indicators

spb.bid.run Open in urlscan Pro
194.190.117.93 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

45 %
HTTPS

8 %
IPv6

24
Domains

25
Subdomains

13
IPs

4
Countries

13 kB
Transfer

7 kB
Size

24
Cookies

20 HTTP transactions
0 data transactions