Report - pmi1yarhxx.com/

Report Overview

Submitted URL
pmi1yarhxx.com/
IP
85.192.12.170
ASN
#12695 LLC Digital Network
Submitted
2022-12-07 21:09:25
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
api-iam.intercom.io	2892	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	939 B	12 kB	54.81.202.145
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	48 kB	142.250.74.168
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	143.204.42.165
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	2.8 kB	104.18.21.226
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	21 kB	142.250.74.46
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	79 kB	77.88.21.119
top-fwz1.mail.ru	8936	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	5.7 kB	95.163.52.67
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.4 kB	93.184.220.29
ads2.bid	164914	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	838 kB	85.192.12.170
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.1 kB	96 kB	142.250.74.131
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	1.9 kB	104.18.21.226
nexus-websocket-a.intercom.io	2137	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	726 B	281 B	34.237.73.95
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	474 B	746 B	142.250.74.106
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	510 B	694 B	216.58.207.228
pmi1yarhxx.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	358 B	85.192.12.170
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
widget.intercom.io	2417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	6.9 kB	54.230.111.95
js.intercomcdn.com	2440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	729 B	140 kB	54.230.111.33
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	29 kB	157.240.247.8
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.36.76.226
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	593 B	703 B	108.177.14.157
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	509 B	694 B	142.250.74.163
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	572 B	349 B	157.240.247.35
ads.bid	813453	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	353 B	85.192.12.169
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.161.26.194
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	966 B	54 kB	216.58.207.227
vk.com	2243	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	24 kB	87.240.132.72
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	pmi1yarhxx.com	Sinkholed

JavaScript (18)

	URL	Size	First Seen	Last Seen
	widget.intercom.io/widget/cj2q9izh	19 kB	2023-03-08	2023-03-08
Pretty URL widget.intercom.io/widget/cj2q9izh IP 54.230.111.95 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:10:03 Last Seen2023-03-08 21:53:39 Times Seen1 Hash 222367238dff8b366a08fde8cd49d7b5 9a2595b44e79e327061c903a70be6dcca5fd21a2 f88f2bcd74b77af6b1549b90a0c28c79e3c48efe0dd8bf1df8c3561050827896 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	connect.facebook.net/signals/config/5134261243354211?v=2.9.89&r=stable	300 kB	2023-03-08	2023-03-11
Pretty URL connect.facebook.net/signals/config/5134261243354211?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:10:03 Last Seen2023-03-11 19:46:17 Times Seen1 Hash 385737b0e77cd9af8a7c5d37931ac368 c5e91ae3977f455ea0c19c145330bc75dfebb607 1310ed353b7f5c1a9d58afc22ee4a3fd4c48e87f14aae692d802eaa89f5f158f Loading...

	ads2.bid/	345 B	2023-03-08	2023-11-16
Pretty URL ads2.bid/ IP 85.192.12.170 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:36:55 Last Seen2023-11-16 13:13:18 Times Seen10 Hash 9f3d0a348f34593bdd6108cc3e56cd29 305a00b0b4baab6b687c2b159ae0f052707ac9ae e0dfda077c71d1e120d4833d639edaa7f5d9c9dff72a8dd351a3b8097c06dcdf Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 00:00:27 Times Seen37050658 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ads2.bid/	423 B	2023-03-08	2024-01-18
Pretty URL ads2.bid/ IP 85.192.12.170 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:36:55 Last Seen2024-01-18 01:45:19 Times Seen12 Hash a4f2792267af0e7b605fda772972d80f 3d1fc9f794301b3b5b748547db3c544cbeb971a0 8fc3ea0e5e2f714d15902a88b0f71c053b5d353e3e820825ab518a0c920fa5fc Loading...

	ads2.bid/	481 B	2023-03-08	2024-01-18
Pretty URL ads2.bid/ IP 85.192.12.170 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:36:55 Last Seen2024-01-18 01:45:20 Times Seen12 Hash d5e06d6da118f335fe7413204f104dbb dfe4ab1538c8cb86812c0a092580c7693e5c0b45 a0571e015e0dc9a6c16d4c3722fe8d764cd48ca5df6a87c35c2319a48e80d20c Loading...

	ads2.bid/	132 B	2023-03-08	2024-01-18
Pretty URL ads2.bid/ IP 85.192.12.170 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:36:55 Last Seen2024-01-18 01:45:19 Times Seen12 Hash 267b2b03862053e764edd2bce3116a59 253862eedffff39eff2378e48b6cb406d58e1f91 2279b0adf82e2e62b43296e05410e289c7591dae8d60ee4ad99066b778c6dd7a Loading...

	ads2.bid/js/main.min.js	178 kB	2023-03-08	2023-03-11
Pretty URL ads2.bid/js/main.min.js IP 85.192.12.170 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:36:55 Last Seen2023-03-11 19:46:17 Times Seen1 Hash 4ab0d6628ffa74f76601c88667839c96 171366f065b0428d44add1f9d1eae99efed8af95 b1f4d558faaac53551f219895531348fd455a7cdfd4f776ca35aacee3f7b1bda Loading...

	ads2.bid/	251 B	2023-03-08	2024-01-18
Pretty URL ads2.bid/ IP 85.192.12.170 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:36:55 Last Seen2024-01-18 01:45:20 Times Seen12 Hash 3bfe9b97e7181a931e67b988e0fffbcc 372425c22cf85ab7de22281263eacdd3573f7dd2 1a35759af73e41342e332d317f1545d7c24d1f7264a5cc80de5cb18ad6ac0701 Loading...

	top-fwz1.mail.ru/js/code.js	34 kB	2023-03-08	2023-03-12
Pretty URL top-fwz1.mail.ru/js/code.js IP 95.163.52.67 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-12 20:28:19 Times Seen1 Hash ed077b3e38371c1defeb3dae48670692 26a3dff026279aee3a072ecbe0ac53423ea581ac d851fd360e7b4fc592c9b8b7b0169483f11efe98af94fdbc11c5a0b1d6e5db50 Loading...

	ads2.bid/	774 B	2023-03-08	2023-03-11
Pretty URL ads2.bid/ IP 85.192.12.170 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:36:55 Last Seen2023-03-11 19:46:17 Times Seen1 Hash d38c6f11e85ea73f5fb886093e13d35e 6c2595e3df6b0706d474aef30c7f13a66cde175b 8bfa48ff37289c8e39d755d27a00a3a09d05815389ce790e5345fae858d106bd Loading...

	mc.yandex.ru/metrika/tag.js	214 kB	2023-03-08	2023-03-11
Pretty URL mc.yandex.ru/metrika/tag.js IP 77.88.21.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:44 Last Seen2023-03-11 23:51:42 Times Seen1 Hash eed495e5f5918b605647ddfabccaa865 a0f16bf130bfc3755630e6e522d9fb3463919ab9 b93d3ad05d5001b63a353f35b5a76fe1f34032b67f6a9ef426611c285fe7ffc9 Loading...

	vk.com/js/api/openapi.js?169	106 kB	2023-03-08	2023-12-03
Pretty URL vk.com/js/api/openapi.js?169 IP 87.240.132.72 ASN #47541 VKontakte Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:43 Last Seen2023-12-03 16:12:46 Times Seen1261 Hash 6aba827f31cd3750ef56b691f9b5a139 e541e9196dcb954a26bfc211fab774f4cf12365c 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e Loading...

	ads2.bid/	357 B	2023-03-08	2024-01-18
Pretty URL ads2.bid/ IP 85.192.12.170 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:36:55 Last Seen2024-01-18 01:45:19 Times Seen12 Hash b535e71c9f507f72bcffeb83dc86a944 06d93334ef8e9737ffeced5fa24c2df7d3419e11 2628f2c44fbb5e2df2553f8366e54e24dc6ceb0d1f32c4aa813b00b72f121fd3 Loading...

	www.googletagmanager.com/gtag/js?id=UA-147625936-1	112 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-147625936-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:10:03 Last Seen2023-03-08 21:10:03 Times Seen1 Hash d97bbe30686b5da7f9643ed5c23997cd 1c9b3608f8d683ad829952ee1454be4a3fb24484 405ba15c755209ba7ef0f7534cbd1cb1ba38da5a4f7efcf2b5771f107802af0a Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.247.8 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

		Size	First Seen	Last Seen
	#1 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-24 21:29:59 Times Seen14293 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (134)

URL IP Response Size

pmi1yarhxx.com/

85.192.12.170

301 Moved Permanently

169 B

URL HTTP/1.1
pmi1yarhxx.com/
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: pmi1yarhxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Wed, 07 Dec 2022 21:09:14 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://ads.bid/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2625
Expires: Wed, 07 Dec 2022 21:52:59 GMT
Date: Wed, 07 Dec 2022 21:09:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19383
Expires: Thu, 08 Dec 2022 02:32:17 GMT
Date: Wed, 07 Dec 2022 21:09:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 21:08:06 GMT
content-type: application/json
age: 68
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10136
Expires: Wed, 07 Dec 2022 23:58:10 GMT
Date: Wed, 07 Dec 2022 21:09:14 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1elhXCYlrNS1duss4Sj/rSVcf4w1/vwl71ylvc+pi47KnXJnMMIzi4jArDPIhxnxZZxUUGN9apo=
x-amz-request-id: 0G5W2FFYWCFYN3WN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 20:47:39 GMT
age: 1295
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2eedf005c44c360101bc2606583c14f
35cb4128c37f0970c30efb82a30a6d911ee7cc26
16c0f92034ebe16f93dc064b4f27f7e36acc005901c635ea1d0105f39de28eca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16C0F92034EBE16F93DC064B4F27F7E36ACC005901C635EA1D0105F39DE28ECA"
Last-Modified: Wed, 07 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Thu, 08 Dec 2022 03:08:39 GMT
Date: Wed, 07 Dec 2022 21:09:14 GMT
Connection: keep-alive

ads.bid/

85.192.12.169

301 Moved Permanently

169 B

URL HTTP/2
ads.bid/
IP
85.192.12.169:0
ASN
#12695 LLC Digital Network

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae

HTTP Headers

GET / HTTP/1.1
Host: ads.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: text/html
content-length: 169
location: https://ads2.bid/
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 21:07:55 GMT
age: 80
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5221
Cache-Control: max-age=134676
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:33:51 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3ad9b919bd13371b29856ec6dd61fb3e
b5b6e290d096c969b05c370590aed2d6e2beb1c4
3c5a51fec077bc2d30c31034388388523848da4c06becfc3a18a4be9aebae4b9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C5A51FEC077BC2D30C31034388388523848DA4C06BECFC3A18A4BE9AEBAE4B9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Thu, 08 Dec 2022 03:08:49 GMT
Date: Wed, 07 Dec 2022 21:09:15 GMT
Connection: keep-alive

push.services.mozilla.com/

35.161.26.194

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.26.194:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: efvvVsK/zgOgCuwX+ZIE1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6GQsqy0z2632N/BIrzxNNu07lV4=

ads2.bid/img/logo.svg

85.192.12.170

200 OK

15 kB

URL HTTP/2
ads2.bid/img/logo.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2184), with CRLF line terminators
Size
15 kB (15103 bytes)
Hash
2cb86a2617812e69298d5d16b2b217e7
cbb7f246515032c6b2a5f8c38ee5a3bb59c24ac9
38a7b46f7b060f6e5d1f61ed283b3d879a1c08763b6a428203f4b3b8914f84f4

HTTP Headers

GET /img/logo.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 15103
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a78-3aff"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/russia.svg

85.192.12.170

200 OK

240 B

URL HTTP/2
ads2.bid/img/flags/russia.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
240 B (240 bytes)
Hash
8a7f740ec4562951bb61d6f410f45ad8
1c86b9c13528f11a9e59eb74f5caadedcb3474ba
73eceeee5e4bb891c4e9641ffbf4d6fc81c82f7bbcde1abcf63ae0262c08e9a7

HTTP Headers

GET /img/flags/russia.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 240
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa9-f0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/uk.svg

85.192.12.170

200 OK

1.3 kB

URL HTTP/2
ads2.bid/img/flags/uk.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
1.3 kB (1269 bytes)
Hash
f110e15006dd7f58ba085745a1a71b3b
a20b6a5abd66ce186b62500a6662f1be43c6114e
543e2bd008e241d50835b867b8eb4433d4b40312945a2d003858ba0ea2fd2b2a

HTTP Headers

GET /img/flags/uk.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1269
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aaa-4f5"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/russia-min.svg

85.192.12.170

200 OK

869 B

URL HTTP/2
ads2.bid/img/flags/russia-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
869 B (869 bytes)
Hash
4cd44835cb84b8754499dafef124f189
655cc9d02551f684ff611330726d0cc515803cfb
ad7fadc96d59df0a0c95bb747791fd59404368cbe8fec6b4be8b7280897b544a

HTTP Headers

GET /img/flags/russia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 869
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa9-365"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/ukraine-min.svg

85.192.12.170

200 OK

669 B

URL HTTP/2
ads2.bid/img/flags/ukraine-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
669 B (669 bytes)
Hash
077097f85304fdb94046c062c9686886
21ace30a1a2055f648ae44ff22047d47413be72f
eafee4032f09fc922a3538459ad78e56332a463084e57979fb0d1716d109097c

HTTP Headers

GET /img/flags/ukraine-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 669
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aab-29d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-599XP79

142.250.74.168

200 OK

48 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-599XP79
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5706)
Size
48 kB (47822 bytes)
Hash
dfd3318eec2c637f8842ae4b1e14faac
44f802460b435b3b03c0423beac45bfcb8058f3a
3460dc4f3508099f741fbbf63073884445c953ea9b2c4bd033f2bed95ad46f1f

HTTP Headers

GET /gtm.js?id=GTM-599XP79 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 21:09:15 GMT
expires: Wed, 07 Dec 2022 21:09:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47822
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ads2.bid/img/flags/kazakhstan-min.svg

85.192.12.170

200 OK

1.4 kB

URL HTTP/2
ads2.bid/img/flags/kazakhstan-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (358), with CRLF line terminators
Size
1.4 kB (1375 bytes)
Hash
5bf32527d667180c1f9103fec9840857
14d4ef80e46b4d342b1ea56c4767a2cb078e761f
a4004c74fb41868da6a1b58329aca1cc1221c97ccdb7dd25f744b59ce46975f6

HTTP Headers

GET /img/flags/kazakhstan-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1375
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa8-55f"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/belorussia-min.svg

85.192.12.170

200 OK

1.7 kB

URL HTTP/2
ads2.bid/img/flags/belorussia-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.7 kB (1740 bytes)
Hash
9bf759db37617f4ce5bb9fccab8587e4
df5bf0b2142979430dfe9243fc1b1342b44220f3
b2bbe2a0c9151adc186173fb7d5a47a8835c39ff8b19f38ca69669e8efbf9740

HTTP Headers

GET /img/flags/belorussia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1740
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa6-6cc"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ads2.bid/img/flags/indonesia-min.svg

85.192.12.170

200 OK

669 B

URL HTTP/2
ads2.bid/img/flags/indonesia-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
669 B (669 bytes)
Hash
f7a31b129dec45d3f35d38c38d86e675
88d5713c049dbb1424ef85978676d467f0841bc2
a1cca6cc19cdcf9a61cd6b98f9885c27aad513ee8519dde02c842933f81298e6

HTTP Headers

GET /img/flags/indonesia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 669
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-29d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/moldova-min.svg

85.192.12.170

200 OK

1.5 kB

URL HTTP/2
ads2.bid/img/flags/moldova-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (485), with CRLF line terminators
Size
1.5 kB (1466 bytes)
Hash
05c51529d35b25530bb31ab46c2e229f
84b65350a98214d49743522e5addff4585613f4a
c19a87cab8d4bf158a9964070fbbee074f0d36987039f757bb30002478612fef

HTTP Headers

GET /img/flags/moldova-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1466
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa8-5ba"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/germany-min.svg

85.192.12.170

200 OK

719 B

URL HTTP/2
ads2.bid/img/flags/germany-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
719 B (719 bytes)
Hash
8d09eea9d875e1154034dab3ebd071a8
93bd38bb2fcc9976fc1f92a92321de53e6fbd967
720c80f07dd91419a199567308d69cded2780a1e2c9cdaecf2002144e9cf1207

HTTP Headers

GET /img/flags/germany-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 719
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-2cf"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/uzbekistan-min.svg

85.192.12.170

200 OK

3.7 kB

URL HTTP/2
ads2.bid/img/flags/uzbekistan-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
3.7 kB (3701 bytes)
Hash
f1b43febd356ffc6a8486ae0ba690b31
60a29fe5a0087ca18e00a1b36c8184a495f41820
6191156d3b3f0a96479568ee423e206c9052818051233c3a97da03d87ab38933

HTTP Headers

GET /img/flags/uzbekistan-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 3701
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aab-e75"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/malaysia-min.svg

85.192.12.170

200 OK

1.6 kB

URL HTTP/2
ads2.bid/img/flags/malaysia-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Size
1.6 kB (1603 bytes)
Hash
006bb45d06a810e0187e283b04dec390
7b4e09c07499353f93652c3a6a7b7a071fc13f2e
f92ce8174b645faa8697ea24a6d15d3015da377748d697aa307279c55bc2f8e6

HTTP Headers

GET /img/flags/malaysia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1603
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa8-643"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/czech-min.svg

85.192.12.170

200 OK

768 B

URL HTTP/2
ads2.bid/img/flags/czech-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
768 B (768 bytes)
Hash
dbb3ec84ca2fbf2239b083a9af9c6695
fb21b7ad49ea9b11b68021094a149b8c96c6d3b2
14def2ce66b939e146e8ff16073818adc0741e2514f6150b806999dbbe06fc5a

HTTP Headers

GET /img/flags/czech-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 768
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-300"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/thailand-min.svg

85.192.12.170

200 OK

824 B

URL HTTP/2
ads2.bid/img/flags/thailand-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
824 B (824 bytes)
Hash
ed8f3fd40921a038b219afcf371d83ec
d42cc97228d89fdec6f4166dc7b3c2ffa5372d13
4332b497722a26f5b459fa235a2160eeed342943f6dcb634310f7b4f2667c395

HTTP Headers

GET /img/flags/thailand-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 824
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aaa-338"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/bulgaria-min.svg

85.192.12.170

200 OK

741 B

URL HTTP/2
ads2.bid/img/flags/bulgaria-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
741 B (741 bytes)
Hash
79cc637d8901edc3be568de8cd90b39a
c2fd351a0f152b4ef68ffcfc8376fc11be1b5f21
41124e75f50d2bcd07801ec14bf69df39be1e9271c78241a999c9cbf96b3a7f2

HTTP Headers

GET /img/flags/bulgaria-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 741
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa6-2e5"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/vietnam-min.svg

85.192.12.170

200 OK

834 B

URL HTTP/2
ads2.bid/img/flags/vietnam-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
834 B (834 bytes)
Hash
329cfb2247b98a11ced395496bcac501
b8b9ebfc82c41ccf4bd0ce000d79d1e209e0f953
e033c84f2d88a1560224079802bb3f05db0ba06565ecbb7ca757ae2bd22f6b1e

HTTP Headers

GET /img/flags/vietnam-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 834
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aab-342"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/lithuania-min.svg

85.192.12.170

200 OK

741 B

URL HTTP/2
ads2.bid/img/flags/lithuania-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
741 B (741 bytes)
Hash
93d6a176c6437442faca70a6b624a0e4
b31a850fb64b4fd50d0873fabe545a7b164da3f1
327c7eda5334b5cf9ace6ee6a5d867673a0b1a3eb915d03342a158c85bac6416

HTTP Headers

GET /img/flags/lithuania-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 741
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa8-2e5"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/philippines-min.svg

85.192.12.170

200 OK

1.7 kB

URL HTTP/2
ads2.bid/img/flags/philippines-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (344), with CRLF line terminators
Size
1.7 kB (1728 bytes)
Hash
42172c2b8f81fd692d9d83ba71739e91
161235781eac3ab758a75c392a9ee3340e2c181f
88c48fbf470ffe877314bf46e8c3c83dc14bd18027195f7258828677e240d93d

HTTP Headers

GET /img/flags/philippines-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1728
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa9-6c0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/azerbaijan-min.svg

85.192.12.170

200 OK

1.3 kB

URL HTTP/2
ads2.bid/img/flags/azerbaijan-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (305), with CRLF line terminators
Size
1.3 kB (1341 bytes)
Hash
a97c616ec0d208083a2586f5c2244d29
08d4f454aec5f3c411b145d2ece325cc76e5c86f
9db2032a3bce075fda5d53d6bc970a0e83c8fd8bad20870c2855fe934b7955bb

HTTP Headers

GET /img/flags/azerbaijan-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1341
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa6-53d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/estonia-min.svg

85.192.12.170

200 OK

719 B

URL HTTP/2
ads2.bid/img/flags/estonia-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
719 B (719 bytes)
Hash
b80eca06d58cf0783f247bcb4813e01f
807066a956c581972c1e010959952ace70b377f7
ff45be88641b15fa998e9c8bc74b78dd129289d21b99e6b3c10f77d7ca7fd817

HTTP Headers

GET /img/flags/estonia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 719
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-2cf"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/romania-min.svg

85.192.12.170

200 OK

760 B

URL HTTP/2
ads2.bid/img/flags/romania-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
760 B (760 bytes)
Hash
b6039ec5e482932bcd8222179975a8e4
508def060e2d505a09354a3d749242c56559e63a
ed3ffd301e1e00d7a7d65be31dac18143205b4fd2ffc3c1f2e0628444343e3e5

HTTP Headers

GET /img/flags/romania-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 760
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa9-2f8"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/india-min.svg

85.192.12.170

200 OK

1.1 kB

URL HTTP/2
ads2.bid/img/flags/india-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1087 bytes)
Hash
02b891bbb268dfd5d1e182e0eaf6ebf2
48e9056043d00e8cb1fc035a21881df303976ff3
fd147d380d088c44ac12078ee97bf142a2621d95cd57b6aab5980a009523f956

HTTP Headers

GET /img/flags/india-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1087
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-43f"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/spain-min.svg

85.192.12.170

200 OK

754 B

URL HTTP/2
ads2.bid/img/flags/spain-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
754 B (754 bytes)
Hash
edc412883ce19352f726c9a26e49dde8
711c321ac7ce9ad65c217164a4d9065e0c4b3ebc
afe893d587ec9e4d570b37a179135264d7e4751cba6af37115f40c8a34f58568

HTTP Headers

GET /img/flags/spain-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 754
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aaa-2f2"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/home-slide-1.svg

85.192.12.170

200 OK

2.7 kB

URL HTTP/2
ads2.bid/img/home-slide-1.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (940), with CRLF line terminators
Size
2.7 kB (2746 bytes)
Hash
b5cab03b63c0c765738872378aaf13ce
64886b7c52e775572e7529ddb92e91a8458e2331
c248f01010003a5307f2453cfa1a5cd70e6978518601b472a7efaf9b430d11e9

HTTP Headers

GET /img/home-slide-1.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 2746
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a73-aba"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/flags/tajikistan-min.svg

85.192.12.170

200 OK

2.3 kB

URL HTTP/2
ads2.bid/img/flags/tajikistan-min.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.3 kB (2348 bytes)
Hash
ea152a8b876e3724be7631de8335a86e
884b823c27fa9dbe1d73f2798ce091e2e69d8263
85b7d98e009116cf1bb7007a14d6ff69c688072e404b755eb91270f255b4023f

HTTP Headers

GET /img/flags/tajikistan-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 2348
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aaa-92c"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/home-slide-3.svg

85.192.12.170

200 OK

737 B

URL HTTP/2
ads2.bid/img/home-slide-3.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
737 B (737 bytes)
Hash
8b2fcdc954d4842802809010d30a4925
b7214ddb7e6e6dbac43f6c03743d14428c4c823a
0dc4f51f3c605628619f494cf3c07250ed530780efd23ad9c2de88161a70b4f7

HTTP Headers

GET /img/home-slide-3.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 737
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a75-2e1"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/home-slide-2.svg

85.192.12.170

200 OK

3.0 kB

URL HTTP/2
ads2.bid/img/home-slide-2.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (731), with CRLF line terminators
Size
3.0 kB (3008 bytes)
Hash
db844e935cce1d07659fa8b47272dc92
92db6ee995112115e4855f5bbea9477fe88ac9cc
179daebbf40ea89563f6220f0d5134a9253f285468dba501f4c9eabdb3728c42

HTTP Headers

GET /img/home-slide-2.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 3008
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a74-bc0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/home-slide-4.svg

85.192.12.170

200 OK

3.0 kB

URL HTTP/2
ads2.bid/img/home-slide-4.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (731), with CRLF line terminators
Size
3.0 kB (3008 bytes)
Hash
db844e935cce1d07659fa8b47272dc92
92db6ee995112115e4855f5bbea9477fe88ac9cc
179daebbf40ea89563f6220f0d5134a9253f285468dba501f4c9eabdb3728c42

HTTP Headers

GET /img/home-slide-4.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 3008
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a76-bc0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/about_check.svg

85.192.12.170

200 OK

6.6 kB

URL HTTP/2
ads2.bid/img/about_check.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (718), with CRLF line terminators
Size
6.6 kB (6584 bytes)
Hash
e0c14101a87d36e9e670be713d35c68e
58d72652d1bea84dd62097063eeaf904be0a1a50
7c6a90697bc99b6bc82f44ca88ce827db402da62ff4e08dda127d898d01790cf

HTTP Headers

GET /img/about_check.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 6584
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6e-19b8"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/home-slide-5.svg

85.192.12.170

200 OK

7.2 kB

URL HTTP/2
ads2.bid/img/home-slide-5.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1485), with CRLF line terminators
Size
7.2 kB (7195 bytes)
Hash
5b65c305d625e46453d2e804221d9832
2d0cbad1affe673d4ff3032b4af0efd201d64724
60b938b596fcdd7a71a9ea3b4e6da8f2b1c4351a58a2381dd009d68152d16ae5

HTTP Headers

GET /img/home-slide-5.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 7195
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a77-1c1b"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/about-svg-1.svg

85.192.12.170

200 OK

12 kB

URL HTTP/2
ads2.bid/img/about-svg-1.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7287), with CRLF line terminators
Size
12 kB (12189 bytes)
Hash
e615314f8d75efd39715e6b28db17e2c
3930259b13a4e8fc2a70b6548bdfa819562329ee
a1220eec7b864c3cb271817b4c32ad50f0a88ddbdb98c47a900baa390d69761d

HTTP Headers

GET /img/about-svg-1.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 12189
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6d-2f9d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/header-lk.jpg

85.192.12.170

200 OK

22 kB

URL HTTP/2
ads2.bid/img/header-lk.jpg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=455, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=912], progressive, precision 8, 912x28, components 3\012- data
Size
22 kB (22374 bytes)
Hash
2db5b4978d336363346ded42ab2817fc
c82cbe3538e6ed7741ee1a919de54781f560799d
b2551e931f73a79d945d0a586bb9c09526179a6b00538de2dd60d293bc26a16a

HTTP Headers

GET /img/header-lk.jpg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/jpeg
content-length: 22374
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a72-5766"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/slide-lk-img-1.webp

85.192.12.170

200 OK

18 kB

URL HTTP/2
ads2.bid/img/slide-lk-img-1.webp
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 912x455, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (18120 bytes)
Hash
00ac6f86b5ec4980057be723f4b9dbc8
da9ddcc3742d96cfec58b0004760dd3b1ae036c3
d1337445ad370e2210ee23a536fb1f7221cc703b19fb5a59920ca5d4e542f466

HTTP Headers

GET /img/slide-lk-img-1.webp HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/webp
content-length: 18120
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a83-46c8"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ads2.bid/img/about-svg-3.svg

85.192.12.170

200 OK

4.0 kB

URL HTTP/2
ads2.bid/img/about-svg-3.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1652), with CRLF line terminators
Size
4.0 kB (4019 bytes)
Hash
600168544ae6d0d0c48b04528e9e90e3
adf11d9eaef8af52f0a49fb4b033c268b4b0a668
55791d5131421e40e2f627a0d055c87a3de67bac4d8cd9f793578948c87c0a36

HTTP Headers

GET /img/about-svg-3.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 4019
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6d-fb3"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/slide-lk-img-2.webp

85.192.12.170

200 OK

15 kB

URL HTTP/2
ads2.bid/img/slide-lk-img-2.webp
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 912x454, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
15 kB (14858 bytes)
Hash
232e578366ca076b43790e23302ee10f
64e006d5c721e83afd1c337046a8e316fd0d5c45
592bd425ac151d6ab389b8064f615367da3355dbb1ab787d4b3ef915ae1addfb

HTTP Headers

GET /img/slide-lk-img-2.webp HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/webp
content-length: 14858
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a8b-3a0a"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/about-svg-5.svg

85.192.12.170

200 OK

8.6 kB

URL HTTP/2
ads2.bid/img/about-svg-5.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (702), with CRLF line terminators
Size
8.6 kB (8638 bytes)
Hash
9c5c3e2d65b439ceeeed7f6ee304d33c
8763ce6a576b23b763e2dc2f29ab110a092b19f9
fce7a6090cac9bbced3661e0cfc4226016ffa3303736a33d32d224f92423375a

HTTP Headers

GET /img/about-svg-5.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 8638
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6e-21be"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/slide-lk-img-11.webp

85.192.12.170

200 OK

16 kB

URL HTTP/2
ads2.bid/img/slide-lk-img-11.webp
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 912x454, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
16 kB (15706 bytes)
Hash
d8f0d7abd3b689b10dc2c5b7bdb4d71a
d6747440ec86f26fc523243476177fe0eae57cc3
71b52a2784c59beb0049c316b2129b086333baf75505912a9ec6a7b6b94a5d86

HTTP Headers

GET /img/slide-lk-img-11.webp HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/webp
content-length: 15706
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a87-3d5a"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/about-svg-6.svg

85.192.12.170

200 OK

4.8 kB

URL HTTP/2
ads2.bid/img/about-svg-6.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4742), with CRLF line terminators
Size
4.8 kB (4849 bytes)
Hash
ebbc18e3ff5543603e12e597f9dcc2c0
4db19e8d1f00fc39627043593fe6f84191fb6733
c88b054bd685b60fc565bda5e105f9a7ba6d96547117dbf3e2ea1a0f0d8f714f

HTTP Headers

GET /img/about-svg-6.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 4849
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6e-12f1"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/part-img-4.png

85.192.12.170

200 OK

7.2 kB

URL HTTP/2
ads2.bid/img/part-img-4.png
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
PNG image data, 168 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
7.2 kB (7194 bytes)
Hash
3454f8e04a5dfece612b004d28e970cc
bc171979933afae2f90962c0ce0f1e3a89a9dd1c
11231862f28abf40cb1568392f93d0d5cca38817f112882066f1946831cc21bc

HTTP Headers

GET /img/part-img-4.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 7194
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7a-1c1a"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/parthners.png

85.192.12.170

200 OK

19 kB

URL HTTP/2
ads2.bid/img/parthners.png
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
PNG image data, 1105 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19167 bytes)
Hash
f0b7551f4ff9d59b5436bc28960d0a62
eba94ff1348172c6da737f2d7d6a6db5706fd6bf
30857fecd6bb1f7e9dd3a53dedd2987ba04efa6d8a3a73bf68adf92ad56a9666

HTTP Headers

GET /img/parthners.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 19167
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7b-4adf"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/about-svg-2.svg

85.192.12.170

200 OK

2.1 kB

URL HTTP/2
ads2.bid/img/about-svg-2.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1443), with CRLF line terminators
Size
2.1 kB (2103 bytes)
Hash
4fcd0e18a5c7e3abe9cf9bf0a3c4b486
d1a94d8a5a1abbcced82db59884e536eb5d2ef59
83c3def82c3a9c7c32898d88a4bfe20c1f1e4df349097cce6cecb6bec7e6485a

HTTP Headers

GET /img/about-svg-2.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 2103
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6d-837"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/part-img-1.png

85.192.12.170

200 OK

4.3 kB

URL HTTP/2
ads2.bid/img/part-img-1.png
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
PNG image data, 360 x 54, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4272 bytes)
Hash
e187f0bb5fac0a103ab7f818dc9d7c17
cd028edf24df740bd4a1114c0167ae943d3a8462
e724570a7f8a37a4e76dfc86d21f43b4a5e95cb997683ea77341c3bf4d1a218e

HTTP Headers

GET /img/part-img-1.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 4272
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7a-10b0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/about-svg-4.svg

85.192.12.170

200 OK

16 kB

URL HTTP/2
ads2.bid/img/about-svg-4.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3197), with CRLF line terminators
Size
16 kB (15972 bytes)
Hash
ea03594083da32fbb33887b1f4c2c7ab
dc8c475c699dcfd691bdf222cb8bbd2b9b593153
79e4ffb064b2c654a323f516e95abc3952bb41ec09ff6cbff11f9a97c1a09f27

HTTP Headers

GET /img/about-svg-4.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 15972
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6e-3e64"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/part-img-2.png

85.192.12.170

200 OK

5.5 kB

URL HTTP/2
ads2.bid/img/part-img-2.png
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
PNG image data, 160 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5506 bytes)
Hash
009f4e6e6a6692351d5af3673d62d97b
e0878aef319bf00bd0353df41dd87d141256cd3f
2855cd9c5b18af0c875668be71e09aa86c945f91a22663a1491dfe0df519262d

HTTP Headers

GET /img/part-img-2.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 5506
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7a-1582"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/slide-lk-img-4.jpg

85.192.12.170

200 OK

150 kB

URL HTTP/2
ads2.bid/img/slide-lk-img-4.jpg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 912x455, components 3\012- data
Size
150 kB (150141 bytes)
Hash
ecd44f518cb3af7caccbb68062c8b1ee
c74b90c602da4c3245d49c3b82c5ba011375c66b
7321165dd8e813e394583efbdf148a4084a59b806089382edab5f6f569548bac

HTTP Headers

GET /img/slide-lk-img-4.jpg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/jpeg
content-length: 150141
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a95-24a7d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/slide-lk-img-33.jpg

85.192.12.170

200 OK

191 kB

URL HTTP/2
ads2.bid/img/slide-lk-img-33.jpg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 912x455, components 3\012- data
Size
191 kB (190591 bytes)
Hash
ae37519f0cc1a463d86d172feaf9d6ae
90e19f56b0fff7480f20fc886d2d16a2f639691c
2aae1796befcaf8bb52c43dc4867280c289161f644c0fdc1a451d6b0894e5d28

HTTP Headers

GET /img/slide-lk-img-33.jpg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/jpeg
content-length: 190591
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a92-2e87f"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/part-img-3.png

85.192.12.170

200 OK

5.4 kB

URL HTTP/2
ads2.bid/img/part-img-3.png
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
PNG image data, 264 x 54, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5385 bytes)
Hash
9c52c4f7b45bdf3fb58645fba8cd8bdf
9576d4c64672fbb30c6ae52cdc332628535d1144
7d4c7e994b51fa54cf73abe42845f85ca46bea3f6592f4de61fde326b9a01250

HTTP Headers

GET /img/part-img-3.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 5385
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7a-1509"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ads2.bid/img/part-img-5.png

85.192.12.170

200 OK

4.6 kB

URL HTTP/2
ads2.bid/img/part-img-5.png
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
PNG image data, 306 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4578 bytes)
Hash
4e2879a44f9ceb35cc4ef3f9edac03b0
0b4189d1bb2c6275ef717441e1e2eab604226aa6
753be78bb22242f44c98de3566c41b37df15ba6a88c00bf370068de24e5a75e8

HTTP Headers

GET /img/part-img-5.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 4578
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7b-11e2"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/slide-lk-img-3.jpg

85.192.12.170

200 OK

221 kB

URL HTTP/2
ads2.bid/img/slide-lk-img-3.jpg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 912x455, components 3\012- data
Size
221 kB (221286 bytes)
Hash
7fe0ef218d66f5f586759c7778275ab0
9c320bb07b0562d5f4ebb9c4fb4359b3bd68fc71
7d75980122409fe2ff43df2fd864cd70b705ef9450641ec5e05a3102a86fff32

HTTP Headers

GET /img/slide-lk-img-3.jpg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/jpeg
content-length: 221286
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a8f-36066"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/fire-ico.svg

85.192.12.170

200 OK

868 B

URL HTTP/2
ads2.bid/img/fire-ico.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (761), with CRLF line terminators
Size
868 B (868 bytes)
Hash
61a774e60011407abeb512c0eef12cba
67c775385fef5343b1b005d83cbcf431fc8d364a
a602abfc1f5b4fe73df2ab441a02b495f7bb599fc8232d36063aa4ea13dee286

HTTP Headers

GET /img/fire-ico.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/svg+xml
content-length: 868
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a72-364"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/arrow-right.svg

85.192.12.170

200 OK

954 B

URL HTTP/2
ads2.bid/img/arrow-right.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (491), with CRLF line terminators
Size
954 B (954 bytes)
Hash
b722cffb5c0d79642d6e2fa33d5f5baa
bd612d5dcd7adb6a94d2f9247e51825094e19517
ce1c4dfb00c9f5973c3238ec51eda969e8af20f7ee7f5cb5945de378db5feb7c

HTTP Headers

GET /img/arrow-right.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/svg+xml
content-length: 954
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a6f-3ba"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ads2.bid/img/home-fon.svg

85.192.12.170

200 OK

11 kB

URL HTTP/2
ads2.bid/img/home-fon.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
11 kB (11444 bytes)
Hash
4432c7a64f0168ceb760016b67fa5171
437c77f832936af5bd1ed6a395b326124beff981
37ad1b25055cd39fc16b7d1470dd6ac1a0cbf0dd2606f0f4a969a5a2d097bbe7

HTTP Headers

GET /img/home-fon.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/svg+xml
content-length: 11444
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a73-2cb4"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

ads2.bid/img/effect-bcg.svg

85.192.12.170

200 OK

1.0 kB

URL HTTP/2
ads2.bid/img/effect-bcg.svg
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
1.0 kB (1005 bytes)
Hash
2e3af36896cc33275ec0b57e462f7cca
30afdd036a2b7d54cece4fb2e8ad0d0dc9ca2cb0
1a295d1ad36ade839282ace47b85212a50d2fe1a857354e0ce61474799b284a4

HTTP Headers

GET /img/effect-bcg.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/svg+xml
content-length: 1005
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a71-3ed"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 484745
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21276, version 1.0\012- data
Size
21 kB (21276 bytes)
Hash
59c9b83cc112cf7eeb3bf7a5e96b21fe
771790b776b5e1bc3039c337024e400974184208
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 03:02:37 GMT
expires: Sat, 02 Dec 2023 03:02:37 GMT
cache-control: public, max-age=31536000
age: 497199
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ads2.bid/img/favicon.ico

85.192.12.170

200 OK

1.2 kB

URL HTTP/2
ads2.bid/img/favicon.ico
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
2c145e14e43db1c298452c483cbae39b
0a3faa8c851360b524d8d87f78a860e3fb507bd1
ac22312963de5e250e6922e17ce1ad72984a9da53d5010570d6cbe58004fac4e

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a72-47e"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2

widget.intercom.io/widget/cj2q9izh

54.230.111.95

200 OK

6.2 kB

URL HTTP/2
widget.intercom.io/widget/cj2q9izh
IP
54.230.111.95:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Size
6.2 kB (6170 bytes)
Hash
92d3c9c705af281194ec7089ea8de37d
6647334dbeda92505521222cd4882cca5b6b54f1
d71e67fe73c135e9b81a687af124e8464b3e844281fd911865920c59c9eb7cf8

HTTP Headers

GET /widget/cj2q9izh HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6170
last-modified: Wed, 07 Dec 2022 17:36:31 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 8S30TEETTVb3ej4nNEfDaQuaXeHd13ri
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Dec 2022 20:58:32 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "92d3c9c705af281194ec7089ea8de37d"
x-cache: Error from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: E-UkRsUdaFOHqMH1fHMGmKK2UsrOgVmqWhnn9vH5O_ccyMZF_ZwKrw==
age: 842
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5449
Cache-Control: max-age=114002
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 04:49:18 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
88ec7669372c146960b26218acad4ba7
65f1df07114095d6b8ec1c96fb5f66370a0e2cb1
5671c21fd2cf1084b3d0a72d690cc04d136595b309846b6ff206bb112ab189da

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 21:09:16 GMT
Last-Modified: Wed, 07 Dec 2022 20:15:50 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7iwJmJHJkZ5YasbyKEUAhVO8KVsCwubvb8KmOUbpZR49KyoQK7Nceg==
Age: 3206

js.intercomcdn.com/frame.aaa02089.js

54.230.111.33

200 OK

139 kB

URL HTTP/2
js.intercomcdn.com/frame.aaa02089.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
139 kB (138608 bytes)
Hash
d11bd29f4a009461334adfeac7150152
12f8e16e3c2a15b21b07e39d6fae16f6b1c83289
a8ab1ad5d281a8619364492cceb6bcee54e760e708efebbc571930188cb070aa

HTTP Headers

GET /frame.aaa02089.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 138608
last-modified: Wed, 07 Dec 2022 17:34:21 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: iQcCdYiEpvQmVssk5RjeCakX2FykeRrv
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Dec 2022 19:36:53 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "d11bd29f4a009461334adfeac7150152"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FZ4psQ7dbXJEXTbgd802hnfF1WxCKlg1lsx3un6Nsqt-lHbKn1fazA==
age: 5544
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
792c4e3e6638a89a78695fc627a07113
33160858ccb5f8200c461e119aff6870c4d4457f
2c2b38afd667c54c0246e0c4d0f178ba1b08d8eef8119526fdddbc6fbddb8b13

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 11 Dec 2022 18:00:37 GMT
ETag: "33160858ccb5f8200c461e119aff6870c4d4457f"
Last-Modified: Wed, 07 Dec 2022 18:00:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1354
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77603dc99dd9b4ee-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
e76f661702cc0fbe5bc6b3399f81ceda
fbeae9f757be13eabf36f3c3d11c21d1b2d18afd
92986e7ea1c22ac47222affadcf214a5fe66a6f7cc6b1f7f14c4707d2a3ff1fa

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:33:37 GMT
ETag: "fbeae9f757be13eabf36f3c3d11c21d1b2d18afd"
Last-Modified: Wed, 07 Dec 2022 17:33:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2357
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77603dc998bdb527-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
75e10fd5d4cfd3955518241ac6d99ee9
3be085d3275593021685d5ec96c623f3ae75bab0
1aee74addac711e2f97f998a460161de638dd70522049ca09668598da47f43ab

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Dec 2022 19:28:26 GMT
ETag: "3be085d3275593021685d5ec96c623f3ae75bab0"
Last-Modified: Wed, 07 Dec 2022 19:28:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 442
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77603dc9bbe5fabc-OSL

connect.facebook.net/en_US/fbevents.js

157.240.247.8

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.247.8:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: MfNgmVnmEC38xKclHIEHI5M+VjkoVLMkG/AdCYNruRgrlOjkeDqYC3ovB4EX4y97aaixhOQg5CAGdooGFAN2hA==
content-length: 27340
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 21:09:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 20:46:55 GMT
expires: Wed, 07 Dec 2022 22:46:55 GMT
cache-control: public, max-age=7200
age: 1341
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5449
Cache-Control: max-age=114002
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 04:49:18 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

vk.com/js/api/openapi.js?169

87.240.132.72

200 OK

23 kB

URL HTTP/2
vk.com/js/api/openapi.js?169
IP
87.240.132.72:0
ASN
#47541 VKontakte Ltd

File type
ASCII text, with very long lines (3849)
Size
23 kB (23318 bytes)
Hash
6b56e2aa629cc5f334bba9e200af3bfe
1e99707868f45c499400d95e75348c3d7b7686f5
7cb4aa1277e9f29f5c6d21c642b7c08cfce199332e30395c20995847a0db3fab

HTTP Headers

GET /js/api/openapi.js?169 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: kittenx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: application/x-javascript
content-length: 23318
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
etag: "6389a5e0-5b16"
content-encoding: br
expires: Sun, 11 Dec 2022 21:09:16 GMT
cache-control: max-age=345600
x-frontend: front220206
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/tag.js

77.88.21.119

200 OK

73 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Size
73 kB (73266 bytes)
Hash
a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73266
date: Wed, 07 Dec 2022 21:09:16 GMT
access-control-allow-origin: *
etag: "638eb36c-11e32"
expires: Wed, 07 Dec 2022 22:09:16 GMT
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
35b870e7599792ed46101906d2211e88
dfd7746cdc69cd89b3cab0034dbfb918dbca6b0f
2e763040e00e83350764888b62b79cd2d5bf9798d5158b1fe71f8bf279a050ba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141042
Date: Wed, 07 Dec 2022 21:09:16 GMT
Etag: "63907dc1-1d7"
Expires: Fri, 09 Dec 2022 12:19:58 GMT
Last-Modified: Wed, 07 Dec 2022 11:49:21 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CFXT5YT-4Y4b6ZIob8pwY2HIJap9iKEBNwZH3Gc_a6o8g14ZvJEViw==
Age: 1837

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&gjid=1453695862&_gid=2059321532.1670447356&_u=YEBAAUAAAAAAACAAI~&z=1758024992

108.177.14.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&gjid=1453695862&_gid=2059321532.1670447356&_u=YEBAAUAAAAAAACAAI~&z=1758024992
IP
108.177.14.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&gjid=1453695862&_gid=2059321532.1670447356&_u=YEBAAUAAAAAAACAAI~&z=1758024992 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://ads2.bid
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 21:09:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

86 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
86 kB (86506 bytes)
Hash
34ed29d05a4477c6206efe61f362646c
360e2bd0284bccc9353003cd812ebb0e02ae9e66
188b398b9148c2b782eb3bb67041cb1fae0ec034a2652de94eaea31fcd0e5dad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

vk.com/rtrg?p=VK-RTRG-1477217-3CDz7&metatag_url=https%3A%2F%2Fads2.bid%2F&metatag_title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2

87.240.132.72

200 OK

65 B

URL HTTP/2
vk.com/rtrg?p=VK-RTRG-1477217-3CDz7&metatag_url=https%3A%2F%2Fads2.bid%2F&metatag_title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
IP
87.240.132.72:0
ASN
#47541 VKontakte Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
65 B (65 bytes)
Hash
ec4341fe3a8b2c4880fbfe0ef9cde34f
a0947414eb426b2939ca1a05fc870763f6bfc63f
01229c58f8015c623259e635969b8520945e2e0de1927a1375d48ad0ce915463

HTTP Headers

GET /rtrg?p=VK-RTRG-1477217-3CDz7&metatag_url=https%3A%2F%2Fads2.bid%2F&metatag_title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/gif
content-length: 65
x-powered-by: KPHP/7.4.112808
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Fri, 01 Dec 2023 15:03:19 GMT; path=/; domain=.vk.com
remixstlid=9119172554139146963_1vpZsHkXbDId5x0LXZoxEWgrgxfY3e04sKp4bsKH1GL; expires=Thu, 07 Dec 2023 21:09:16 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front220206
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 21:09:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 21:09:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

top-fwz1.mail.ru/counter?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674

95.163.52.67

302 Found

0 B

URL HTTP/2
top-fwz1.mail.ru/counter?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /counter?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674
set-cookie: FTID=1RMYgQ0tkIIE:1670447356:3256619:::; path=/; expires=Fri, 08-Dec-23 21:09:16 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

top-fwz1.mail.ru/tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;nt=0/0/1670447353895/////766/770/801/801/1134/874/1135/1282/1283/1292/1837/1841/1844/1863/1863/1864;ni=;lvid=1670447356227%3A1670447356240%3A2%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.010068563138647346;e=RT/load;et=1670447356238

95.163.52.67

200 OK

43 B

URL HTTP/2
top-fwz1.mail.ru/tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;nt=0/0/1670447353895/////766/770/801/801/1134/874/1135/1282/1283/1292/1837/1841/1844/1863/1863/1864;ni=;lvid=1670447356227%3A1670447356240%3A2%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.010068563138647346;e=RT/load;et=1670447356238
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

HTTP Headers

GET /tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;nt=0/0/1670447353895/////766/770/801/801/1134/874/1135/1282/1283/1292/1837/1841/1844/1863/1863/1864;ni=;lvid=1670447356227%3A1670447356240%3A2%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.010068563138647346;e=RT/load;et=1670447356238 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIE:1670447356:3256619:::; path=/; expires=Fri, 08-Dec-23 21:09:16 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8351 bytes)
Hash
98d2cf29c710d25bd2f03ff216fdd369
b8eb2e11f9655f19334befc036f21489a6473827
614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
content-type: image/jpeg
age: 83517
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8438 bytes)
Hash
e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 83736
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8701 bytes)
Hash
604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 83243
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 45385
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 20:49:36 GMT
age: 1180
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:16 GMT
access-control-allow-origin: *
etag: "638eb36c-2b"
expires: Wed, 07 Dec 2022 22:09:16 GMT
accept-ranges: bytes
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6186 bytes)
Hash
535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KkP8o_5GoqAukEAUkPrvsHE0v_36vO0wI7_97kvnUkqYc4ziC7UPpw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 16:47:32 GMT
age: 15704
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mc.yandex.ru/watch/81028300/1?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29

77.88.21.119

200 OK

400 B

URL HTTP/2
mc.yandex.ru/watch/81028300/1?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size
400 B (400 bytes)
Hash
e760d58e5f209d3dd63b9bde6d723040
1ac45ea931afa80a72c78fb7460e720941dbf066
8e3ea7eeaf150dd64781ee7c2c37525f352881f272e1fe655f02d60105e3ea24

HTTP Headers

GET /watch/81028300/1?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ads2.bid
Referer: https://ads2.bid/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 400
date: Wed, 07 Dec 2022 21:09:16 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:16 GMT
last-modified: Wed, 07-Dec-2022 21:09:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

top-fwz1.mail.ru/counter2?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674

95.163.52.67

200 OK

43 B

URL HTTP/2
top-fwz1.mail.ru/counter2?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

HTTP Headers

GET /counter2?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads2.bid/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIE:1670447356:3256619:::; path=/; expires=Fri, 08-Dec-23 21:09:16 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=5134261243354211&ev=PageView&dl=https%3A%2F%2Fads2.bid%2F&rl=&if=false&ts=1670447356423&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670447356422.491928265&it=1670447356051&coo=false&rqm=GET

157.240.247.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=5134261243354211&ev=PageView&dl=https%3A%2F%2Fads2.bid%2F&rl=&if=false&ts=1670447356423&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670447356422.491928265&it=1670447356051&coo=false&rqm=GET
IP
157.240.247.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=5134261243354211&ev=PageView&dl=https%3A%2F%2Fads2.bid%2F&rl=&if=false&ts=1670447356423&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670447356422.491928265&it=1670447356051&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 21:09:16 GMT
X-Firefox-Spdy: h2

api-iam.intercom.io/messenger/web/ping

54.81.202.145

200 OK

11 kB

URL HTTP/2
api-iam.intercom.io/messenger/web/ping
IP
54.81.202.145:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (31735), with no line terminators
Size
11 kB (10728 bytes)
Hash
7fbec4a19e83d425669cd874c87277f6
3c7636c302a88c0952fd0a5bd4f197a77acf7dff
f95cca606493d4ea9ab807b693da033ddda4ae916ae26688867227e12a00f109

HTTP Headers

POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 580
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 21:09:17 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1670447360
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13332
access-control-allow-origin: https://ads2.bid
vary: Accept,Accept-Encoding
x-intercom-version: 48fae574a723797017c2df3de9de8de87bf93d17
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 000ec3ehu541robpn8ug
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"1cbebd70e5315d770b5c7c1c4e49af93"
x-runtime: 0.235995
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0a24581f9166fc519
X-Firefox-Spdy: h2

nexus-websocket-a.intercom.io/pubsub/5-c9Q5IHZHgV7oxNDBgHjRhw006O4UPcyEwiLM0qU8S5ibac1cHSs01ABwk9dH1tdLq51CcKPQFFoFk1E4Dcn0pClJSLai6B78_Z79?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined

34.237.73.95

101 Switching Protocols

0 B

URL HTTP/1.1
nexus-websocket-a.intercom.io/pubsub/5-c9Q5IHZHgV7oxNDBgHjRhw006O4UPcyEwiLM0qU8S5ibac1cHSs01ABwk9dH1tdLq51CcKPQFFoFk1E4Dcn0pClJSLai6B78_Z79?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP
34.237.73.95:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pubsub/5-c9Q5IHZHgV7oxNDBgHjRhw006O4UPcyEwiLM0qU8S5ibac1cHSs01ABwk9dH1tdLq51CcKPQFFoFk1E4Dcn0pClJSLai6B78_Z79?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ads2.bid
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D8Wuj4o51bNs7kP2zJ77Og==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 07 Dec 2022 21:09:17 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BxP2k1S7CcCDdRXQPbgKSwiQBOA=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover

mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=965622084&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447359%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447359&t=gdpr(14)ti(2)

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=965622084&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447359%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447359&t=gdpr(14)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=965622084&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447359%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447359&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 186339
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:19 GMT
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:19 GMT
last-modified: Wed, 07-Dec-2022 21:09:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=266321485&wv-type=3&browser-info=we%3A1%3Aet%3A1670447360%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447360&t=gdpr(14)ti(2)

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=266321485&wv-type=3&browser-info=we%3A1%3Aet%3A1670447360%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447360&t=gdpr(14)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=266321485&wv-type=3&browser-info=we%3A1%3Aet%3A1670447360%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447360&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:20 GMT
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:20 GMT
last-modified: Wed, 07-Dec-2022 21:09:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=889439889&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447361%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210920%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447361&t=gdpr(14)ti(2)

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=889439889&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447361%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210920%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447361&t=gdpr(14)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=889439889&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447361%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210920%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447361&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 24
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:21 GMT
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:21 GMT
last-modified: Wed, 07-Dec-2022 21:09:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

js.intercomcdn.com/vendor.72229fe3.js

54.230.111.33

200 OK

43 B

URL HTTP/2
js.intercomcdn.com/vendor.72229fe3.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /vendor.72229fe3.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108252
last-modified: Wed, 07 Dec 2022 17:34:21 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: e6UsuzcR9p2QWJWnWbbZYja3qNqCv5Cy
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Dec 2022 19:36:53 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "2b808d49f42c0e80266d238f3ddcc6f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7_G6mnHDe4SK25yzNbZI_vHx6568XJEr9YxpqcNSFLq-RU5QFRv_Wg==
age: 5544
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

top-fwz1.mail.ru/tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1670447356227%3A1670447362896%3A3%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.4795669417874243;e=RT/unload;et=1670447362895;pvt=7163;vtauto=6678

95.163.52.67

200 OK

43 B

URL HTTP/2
top-fwz1.mail.ru/tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1670447356227%3A1670447362896%3A3%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.4795669417874243;e=RT/unload;et=1670447362895;pvt=7163;vtauto=6678
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

HTTP Headers

GET /tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1670447356227%3A1670447362896%3A3%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.4795669417874243;e=RT/unload;et=1670447362895;pvt=7163;vtauto=6678 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:23 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIE:1670447363:3256619:::; path=/; expires=Fri, 08-Dec-23 21:09:23 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=667944740&wv-type=3&browser-info=we%3A1%3Aet%3A1670447363%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210922%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447363&t=gdpr(14)ti(2)

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=667944740&wv-type=3&browser-info=we%3A1%3Aet%3A1670447363%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210922%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447363&t=gdpr(14)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=667944740&wv-type=3&browser-info=we%3A1%3Aet%3A1670447363%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210922%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447363&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:23 GMT
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:23 GMT
last-modified: Wed, 07-Dec-2022 21:09:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/81028300?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

77.88.21.119

302 Found

43 B

URL HTTP/2
mc.yandex.ru/watch/81028300?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /watch/81028300?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/81028300/1?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 07 Dec 2022 21:09:16 GMT
access-control-allow-origin: https://ads2.bid
set-cookie: yabs-sid=1247290111670447356; Path=/; SameSite=None; Secure
i=wmPeu8CQ8wxNTO6/MmtDqC0OoAkxRTLjUM1BeAoUdEaFzaeQCiirr94+GV7/GbjxeQqIOfxB9GgOE2yfQIzUELqxDgo=; Expires=Sat, 04-Dec-2032 21:09:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1324320311670447356; Expires=Thu, 07-Dec-2023 21:09:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1324320311670447356; Expires=Thu, 07-Dec-2023 21:09:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701983356.yc.1670447356#1701983356.yrts.1670447356#1701983356.yrtsi.1670447356; Expires=Thu, 07-Dec-2023 21:09:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:16 GMT
last-modified: Wed, 07-Dec-2022 21:09:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

api-iam.intercom.io/messenger/web/metrics

54.81.202.145

200 OK

0 B

URL HTTP/2
api-iam.intercom.io/messenger/web/metrics
IP
54.81.202.145:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /messenger/web/metrics HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1017
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 21:09:23 GMT
content-type: text/html
status: 200 OK
cache-control: no-cache
access-control-allow-origin: https://ads2.bid
vary: Accept-Encoding
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-intercom-version: 48fae574a723797017c2df3de9de8de87bf93d17
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-id: 000dpprmqhbe7lvto73g
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
x-runtime: 0.016888
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0a24581f9166fc519
X-Firefox-Spdy: h2

ads2.bid/js/main.min.js

85.192.12.170

200 OK

0 B

URL HTTP/2
ads2.bid/js/main.min.js
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/main.min.js HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: application/javascript
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
vary: Accept-Encoding, Accept-Encoding
etag: W/"62b98f00-2b89f"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

ads2.bid/css/style.css

85.192.12.170

200 OK

0 B

URL HTTP/2
ads2.bid/css/style.css
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/style.css HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: text/css
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
vary: Accept-Encoding, Accept-Encoding
etag: W/"62b9bcc5-3cec2"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 21:09:15 GMT
date: Wed, 07 Dec 2022 21:09:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ads2.bid/

85.192.12.170

200 OK

0 B

URL HTTP/2
ads2.bid/
IP
85.192.12.170:0
ASN
#12695 LLC Digital Network

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: text/html
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
vary: Accept-Encoding, Accept-Encoding
etag: W/"62b98ec9-1ddea"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2

top-fwz1.mail.ru/js/code.js

95.163.52.67

200 OK

0 B

URL HTTP/2
top-fwz1.mail.ru/js/code.js
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 16:42:10 GMT
set-cookie: FTID=1RMYgQ0tkIIE:1670447356:0:::; path=/; expires=Fri, 08-Dec-23 21:09:16 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"637e4d62-85c6"
expires: Wed, 07 Dec 2022 22:09:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP