pmi1yarhxx.com/
85.192.12.170301 Moved Permanently 169 B IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pmi1yarhxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Wed, 07 Dec 2022 21:09:14 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://ads.bid/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2625
Expires: Wed, 07 Dec 2022 21:52:59 GMT
Date: Wed, 07 Dec 2022 21:09:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19383
Expires: Thu, 08 Dec 2022 02:32:17 GMT
Date: Wed, 07 Dec 2022 21:09:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 21:08:06 GMT
content-type: application/json
age: 68
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10136
Expires: Wed, 07 Dec 2022 23:58:10 GMT
Date: Wed, 07 Dec 2022 21:09:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1elhXCYlrNS1duss4Sj/rSVcf4w1/vwl71ylvc+pi47KnXJnMMIzi4jArDPIhxnxZZxUUGN9apo=
x-amz-request-id: 0G5W2FFYWCFYN3WN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 20:47:39 GMT
age: 1295
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2eedf005c44c360101bc2606583c14f
35cb4128c37f0970c30efb82a30a6d911ee7cc26
16c0f92034ebe16f93dc064b4f27f7e36acc005901c635ea1d0105f39de28eca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16C0F92034EBE16F93DC064B4F27F7E36ACC005901C635EA1D0105F39DE28ECA"
Last-Modified: Wed, 07 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Thu, 08 Dec 2022 03:08:39 GMT
Date: Wed, 07 Dec 2022 21:09:14 GMT
Connection: keep-alive
ads.bid/
85.192.12.169301 Moved Permanently 169 B IP 85.192.12.169:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae
GET / HTTP/1.1
Host: ads.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: text/html
content-length: 169
location: https://ads2.bid/
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 21:07:55 GMT
age: 80
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5221
Cache-Control: max-age=134676
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:33:51 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3ad9b919bd13371b29856ec6dd61fb3e
b5b6e290d096c969b05c370590aed2d6e2beb1c4
3c5a51fec077bc2d30c31034388388523848da4c06becfc3a18a4be9aebae4b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C5A51FEC077BC2D30C31034388388523848DA4C06BECFC3A18A4BE9AEBAE4B9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Thu, 08 Dec 2022 03:08:49 GMT
Date: Wed, 07 Dec 2022 21:09:15 GMT
Connection: keep-alive
push.services.mozilla.com/
35.161.26.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.26.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: efvvVsK/zgOgCuwX+ZIE1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6GQsqy0z2632N/BIrzxNNu07lV4=
ads2.bid/img/logo.svg
85.192.12.170200 OK 15 kB IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2184), with CRLF line terminators
Hash 2cb86a2617812e69298d5d16b2b217e7
cbb7f246515032c6b2a5f8c38ee5a3bb59c24ac9
38a7b46f7b060f6e5d1f61ed283b3d879a1c08763b6a428203f4b3b8914f84f4
GET /img/logo.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 15103
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a78-3aff"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/russia.svg
85.192.12.170200 OK 240 B URL HTTP/2 ads2.bid/img/flags/russia.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 8a7f740ec4562951bb61d6f410f45ad8
1c86b9c13528f11a9e59eb74f5caadedcb3474ba
73eceeee5e4bb891c4e9641ffbf4d6fc81c82f7bbcde1abcf63ae0262c08e9a7
GET /img/flags/russia.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 240
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa9-f0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/uk.svg
85.192.12.170200 OK 1.3 kB URL HTTP/2 ads2.bid/img/flags/uk.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash f110e15006dd7f58ba085745a1a71b3b
a20b6a5abd66ce186b62500a6662f1be43c6114e
543e2bd008e241d50835b867b8eb4433d4b40312945a2d003858ba0ea2fd2b2a
GET /img/flags/uk.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1269
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aaa-4f5"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/russia-min.svg
85.192.12.170200 OK 869 B URL HTTP/2 ads2.bid/img/flags/russia-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4cd44835cb84b8754499dafef124f189
655cc9d02551f684ff611330726d0cc515803cfb
ad7fadc96d59df0a0c95bb747791fd59404368cbe8fec6b4be8b7280897b544a
GET /img/flags/russia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 869
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa9-365"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/ukraine-min.svg
85.192.12.170200 OK 669 B URL HTTP/2 ads2.bid/img/flags/ukraine-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 077097f85304fdb94046c062c9686886
21ace30a1a2055f648ae44ff22047d47413be72f
eafee4032f09fc922a3538459ad78e56332a463084e57979fb0d1716d109097c
GET /img/flags/ukraine-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 669
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aab-29d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-599XP79
142.250.74.168200 OK 48 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-599XP79
IP 142.250.74.168:0
File type ASCII text, with very long lines (5706)
Hash dfd3318eec2c637f8842ae4b1e14faac
44f802460b435b3b03c0423beac45bfcb8058f3a
3460dc4f3508099f741fbbf63073884445c953ea9b2c4bd033f2bed95ad46f1f
GET /gtm.js?id=GTM-599XP79 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 21:09:15 GMT
expires: Wed, 07 Dec 2022 21:09:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47822
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads2.bid/img/flags/kazakhstan-min.svg
85.192.12.170200 OK 1.4 kB URL HTTP/2 ads2.bid/img/flags/kazakhstan-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (358), with CRLF line terminators
Hash 5bf32527d667180c1f9103fec9840857
14d4ef80e46b4d342b1ea56c4767a2cb078e761f
a4004c74fb41868da6a1b58329aca1cc1221c97ccdb7dd25f744b59ce46975f6
GET /img/flags/kazakhstan-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1375
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa8-55f"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/belorussia-min.svg
85.192.12.170200 OK 1.7 kB URL HTTP/2 ads2.bid/img/flags/belorussia-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9bf759db37617f4ce5bb9fccab8587e4
df5bf0b2142979430dfe9243fc1b1342b44220f3
b2bbe2a0c9151adc186173fb7d5a47a8835c39ff8b19f38ca69669e8efbf9740
GET /img/flags/belorussia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1740
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa6-6cc"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads2.bid/img/flags/indonesia-min.svg
85.192.12.170200 OK 669 B URL HTTP/2 ads2.bid/img/flags/indonesia-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f7a31b129dec45d3f35d38c38d86e675
88d5713c049dbb1424ef85978676d467f0841bc2
a1cca6cc19cdcf9a61cd6b98f9885c27aad513ee8519dde02c842933f81298e6
GET /img/flags/indonesia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 669
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-29d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/moldova-min.svg
85.192.12.170200 OK 1.5 kB URL HTTP/2 ads2.bid/img/flags/moldova-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (485), with CRLF line terminators
Hash 05c51529d35b25530bb31ab46c2e229f
84b65350a98214d49743522e5addff4585613f4a
c19a87cab8d4bf158a9964070fbbee074f0d36987039f757bb30002478612fef
GET /img/flags/moldova-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1466
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa8-5ba"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/germany-min.svg
85.192.12.170200 OK 719 B URL HTTP/2 ads2.bid/img/flags/germany-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8d09eea9d875e1154034dab3ebd071a8
93bd38bb2fcc9976fc1f92a92321de53e6fbd967
720c80f07dd91419a199567308d69cded2780a1e2c9cdaecf2002144e9cf1207
GET /img/flags/germany-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 719
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-2cf"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/uzbekistan-min.svg
85.192.12.170200 OK 3.7 kB URL HTTP/2 ads2.bid/img/flags/uzbekistan-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f1b43febd356ffc6a8486ae0ba690b31
60a29fe5a0087ca18e00a1b36c8184a495f41820
6191156d3b3f0a96479568ee423e206c9052818051233c3a97da03d87ab38933
GET /img/flags/uzbekistan-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 3701
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aab-e75"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/malaysia-min.svg
85.192.12.170200 OK 1.6 kB URL HTTP/2 ads2.bid/img/flags/malaysia-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash 006bb45d06a810e0187e283b04dec390
7b4e09c07499353f93652c3a6a7b7a071fc13f2e
f92ce8174b645faa8697ea24a6d15d3015da377748d697aa307279c55bc2f8e6
GET /img/flags/malaysia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1603
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa8-643"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/czech-min.svg
85.192.12.170200 OK 768 B URL HTTP/2 ads2.bid/img/flags/czech-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash dbb3ec84ca2fbf2239b083a9af9c6695
fb21b7ad49ea9b11b68021094a149b8c96c6d3b2
14def2ce66b939e146e8ff16073818adc0741e2514f6150b806999dbbe06fc5a
GET /img/flags/czech-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 768
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-300"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/thailand-min.svg
85.192.12.170200 OK 824 B URL HTTP/2 ads2.bid/img/flags/thailand-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ed8f3fd40921a038b219afcf371d83ec
d42cc97228d89fdec6f4166dc7b3c2ffa5372d13
4332b497722a26f5b459fa235a2160eeed342943f6dcb634310f7b4f2667c395
GET /img/flags/thailand-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 824
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aaa-338"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/bulgaria-min.svg
85.192.12.170200 OK 741 B URL HTTP/2 ads2.bid/img/flags/bulgaria-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 79cc637d8901edc3be568de8cd90b39a
c2fd351a0f152b4ef68ffcfc8376fc11be1b5f21
41124e75f50d2bcd07801ec14bf69df39be1e9271c78241a999c9cbf96b3a7f2
GET /img/flags/bulgaria-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 741
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa6-2e5"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/vietnam-min.svg
85.192.12.170200 OK 834 B URL HTTP/2 ads2.bid/img/flags/vietnam-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 329cfb2247b98a11ced395496bcac501
b8b9ebfc82c41ccf4bd0ce000d79d1e209e0f953
e033c84f2d88a1560224079802bb3f05db0ba06565ecbb7ca757ae2bd22f6b1e
GET /img/flags/vietnam-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 834
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aab-342"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/lithuania-min.svg
85.192.12.170200 OK 741 B URL HTTP/2 ads2.bid/img/flags/lithuania-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 93d6a176c6437442faca70a6b624a0e4
b31a850fb64b4fd50d0873fabe545a7b164da3f1
327c7eda5334b5cf9ace6ee6a5d867673a0b1a3eb915d03342a158c85bac6416
GET /img/flags/lithuania-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 741
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa8-2e5"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/philippines-min.svg
85.192.12.170200 OK 1.7 kB URL HTTP/2 ads2.bid/img/flags/philippines-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (344), with CRLF line terminators
Hash 42172c2b8f81fd692d9d83ba71739e91
161235781eac3ab758a75c392a9ee3340e2c181f
88c48fbf470ffe877314bf46e8c3c83dc14bd18027195f7258828677e240d93d
GET /img/flags/philippines-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1728
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa9-6c0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/azerbaijan-min.svg
85.192.12.170200 OK 1.3 kB URL HTTP/2 ads2.bid/img/flags/azerbaijan-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (305), with CRLF line terminators
Hash a97c616ec0d208083a2586f5c2244d29
08d4f454aec5f3c411b145d2ece325cc76e5c86f
9db2032a3bce075fda5d53d6bc970a0e83c8fd8bad20870c2855fe934b7955bb
GET /img/flags/azerbaijan-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1341
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa6-53d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/estonia-min.svg
85.192.12.170200 OK 719 B URL HTTP/2 ads2.bid/img/flags/estonia-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b80eca06d58cf0783f247bcb4813e01f
807066a956c581972c1e010959952ace70b377f7
ff45be88641b15fa998e9c8bc74b78dd129289d21b99e6b3c10f77d7ca7fd817
GET /img/flags/estonia-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 719
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-2cf"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/romania-min.svg
85.192.12.170200 OK 760 B URL HTTP/2 ads2.bid/img/flags/romania-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b6039ec5e482932bcd8222179975a8e4
508def060e2d505a09354a3d749242c56559e63a
ed3ffd301e1e00d7a7d65be31dac18143205b4fd2ffc3c1f2e0628444343e3e5
GET /img/flags/romania-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 760
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa9-2f8"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/india-min.svg
85.192.12.170200 OK 1.1 kB URL HTTP/2 ads2.bid/img/flags/india-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 02b891bbb268dfd5d1e182e0eaf6ebf2
48e9056043d00e8cb1fc035a21881df303976ff3
fd147d380d088c44ac12078ee97bf142a2621d95cd57b6aab5980a009523f956
GET /img/flags/india-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 1087
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aa7-43f"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/spain-min.svg
85.192.12.170200 OK 754 B URL HTTP/2 ads2.bid/img/flags/spain-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash edc412883ce19352f726c9a26e49dde8
711c321ac7ce9ad65c217164a4d9065e0c4b3ebc
afe893d587ec9e4d570b37a179135264d7e4751cba6af37115f40c8a34f58568
GET /img/flags/spain-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 754
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aaa-2f2"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/home-slide-1.svg
85.192.12.170200 OK 2.7 kB URL HTTP/2 ads2.bid/img/home-slide-1.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (940), with CRLF line terminators
Hash b5cab03b63c0c765738872378aaf13ce
64886b7c52e775572e7529ddb92e91a8458e2331
c248f01010003a5307f2453cfa1a5cd70e6978518601b472a7efaf9b430d11e9
GET /img/home-slide-1.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 2746
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a73-aba"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/flags/tajikistan-min.svg
85.192.12.170200 OK 2.3 kB URL HTTP/2 ads2.bid/img/flags/tajikistan-min.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ea152a8b876e3724be7631de8335a86e
884b823c27fa9dbe1d73f2798ce091e2e69d8263
85b7d98e009116cf1bb7007a14d6ff69c688072e404b755eb91270f255b4023f
GET /img/flags/tajikistan-min.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 2348
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32aaa-92c"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/home-slide-3.svg
85.192.12.170200 OK 737 B URL HTTP/2 ads2.bid/img/home-slide-3.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 8b2fcdc954d4842802809010d30a4925
b7214ddb7e6e6dbac43f6c03743d14428c4c823a
0dc4f51f3c605628619f494cf3c07250ed530780efd23ad9c2de88161a70b4f7
GET /img/home-slide-3.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 737
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a75-2e1"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/home-slide-2.svg
85.192.12.170200 OK 3.0 kB URL HTTP/2 ads2.bid/img/home-slide-2.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (731), with CRLF line terminators
Hash db844e935cce1d07659fa8b47272dc92
92db6ee995112115e4855f5bbea9477fe88ac9cc
179daebbf40ea89563f6220f0d5134a9253f285468dba501f4c9eabdb3728c42
GET /img/home-slide-2.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 3008
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a74-bc0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/home-slide-4.svg
85.192.12.170200 OK 3.0 kB URL HTTP/2 ads2.bid/img/home-slide-4.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (731), with CRLF line terminators
Hash db844e935cce1d07659fa8b47272dc92
92db6ee995112115e4855f5bbea9477fe88ac9cc
179daebbf40ea89563f6220f0d5134a9253f285468dba501f4c9eabdb3728c42
GET /img/home-slide-4.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 3008
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a76-bc0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/about_check.svg
85.192.12.170200 OK 6.6 kB URL HTTP/2 ads2.bid/img/about_check.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (718), with CRLF line terminators
Hash e0c14101a87d36e9e670be713d35c68e
58d72652d1bea84dd62097063eeaf904be0a1a50
7c6a90697bc99b6bc82f44ca88ce827db402da62ff4e08dda127d898d01790cf
GET /img/about_check.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 6584
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6e-19b8"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/home-slide-5.svg
85.192.12.170200 OK 7.2 kB URL HTTP/2 ads2.bid/img/home-slide-5.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1485), with CRLF line terminators
Hash 5b65c305d625e46453d2e804221d9832
2d0cbad1affe673d4ff3032b4af0efd201d64724
60b938b596fcdd7a71a9ea3b4e6da8f2b1c4351a58a2381dd009d68152d16ae5
GET /img/home-slide-5.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 7195
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a77-1c1b"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/about-svg-1.svg
85.192.12.170200 OK 12 kB URL HTTP/2 ads2.bid/img/about-svg-1.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7287), with CRLF line terminators
Hash e615314f8d75efd39715e6b28db17e2c
3930259b13a4e8fc2a70b6548bdfa819562329ee
a1220eec7b864c3cb271817b4c32ad50f0a88ddbdb98c47a900baa390d69761d
GET /img/about-svg-1.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 12189
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6d-2f9d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/header-lk.jpg
85.192.12.170200 OK 22 kB URL HTTP/2 ads2.bid/img/header-lk.jpg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=455, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=912], progressive, precision 8, 912x28, components 3\012- data
Hash 2db5b4978d336363346ded42ab2817fc
c82cbe3538e6ed7741ee1a919de54781f560799d
b2551e931f73a79d945d0a586bb9c09526179a6b00538de2dd60d293bc26a16a
GET /img/header-lk.jpg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/jpeg
content-length: 22374
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a72-5766"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/slide-lk-img-1.webp
85.192.12.170200 OK 18 kB URL HTTP/2 ads2.bid/img/slide-lk-img-1.webp
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 912x455, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00ac6f86b5ec4980057be723f4b9dbc8
da9ddcc3742d96cfec58b0004760dd3b1ae036c3
d1337445ad370e2210ee23a536fb1f7221cc703b19fb5a59920ca5d4e542f466
GET /img/slide-lk-img-1.webp HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/webp
content-length: 18120
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a83-46c8"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads2.bid/img/about-svg-3.svg
85.192.12.170200 OK 4.0 kB URL HTTP/2 ads2.bid/img/about-svg-3.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1652), with CRLF line terminators
Hash 600168544ae6d0d0c48b04528e9e90e3
adf11d9eaef8af52f0a49fb4b033c268b4b0a668
55791d5131421e40e2f627a0d055c87a3de67bac4d8cd9f793578948c87c0a36
GET /img/about-svg-3.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 4019
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6d-fb3"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/slide-lk-img-2.webp
85.192.12.170200 OK 15 kB URL HTTP/2 ads2.bid/img/slide-lk-img-2.webp
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 912x454, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 232e578366ca076b43790e23302ee10f
64e006d5c721e83afd1c337046a8e316fd0d5c45
592bd425ac151d6ab389b8064f615367da3355dbb1ab787d4b3ef915ae1addfb
GET /img/slide-lk-img-2.webp HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/webp
content-length: 14858
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a8b-3a0a"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/about-svg-5.svg
85.192.12.170200 OK 8.6 kB URL HTTP/2 ads2.bid/img/about-svg-5.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (702), with CRLF line terminators
Hash 9c5c3e2d65b439ceeeed7f6ee304d33c
8763ce6a576b23b763e2dc2f29ab110a092b19f9
fce7a6090cac9bbced3661e0cfc4226016ffa3303736a33d32d224f92423375a
GET /img/about-svg-5.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 8638
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6e-21be"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/slide-lk-img-11.webp
85.192.12.170200 OK 16 kB URL HTTP/2 ads2.bid/img/slide-lk-img-11.webp
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 912x454, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d8f0d7abd3b689b10dc2c5b7bdb4d71a
d6747440ec86f26fc523243476177fe0eae57cc3
71b52a2784c59beb0049c316b2129b086333baf75505912a9ec6a7b6b94a5d86
GET /img/slide-lk-img-11.webp HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/webp
content-length: 15706
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a87-3d5a"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/about-svg-6.svg
85.192.12.170200 OK 4.8 kB URL HTTP/2 ads2.bid/img/about-svg-6.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4742), with CRLF line terminators
Hash ebbc18e3ff5543603e12e597f9dcc2c0
4db19e8d1f00fc39627043593fe6f84191fb6733
c88b054bd685b60fc565bda5e105f9a7ba6d96547117dbf3e2ea1a0f0d8f714f
GET /img/about-svg-6.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 4849
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6e-12f1"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/part-img-4.png
85.192.12.170200 OK 7.2 kB URL HTTP/2 ads2.bid/img/part-img-4.png
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type PNG image data, 168 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 3454f8e04a5dfece612b004d28e970cc
bc171979933afae2f90962c0ce0f1e3a89a9dd1c
11231862f28abf40cb1568392f93d0d5cca38817f112882066f1946831cc21bc
GET /img/part-img-4.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 7194
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7a-1c1a"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/parthners.png
85.192.12.170200 OK 19 kB URL HTTP/2 ads2.bid/img/parthners.png
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type PNG image data, 1105 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash f0b7551f4ff9d59b5436bc28960d0a62
eba94ff1348172c6da737f2d7d6a6db5706fd6bf
30857fecd6bb1f7e9dd3a53dedd2987ba04efa6d8a3a73bf68adf92ad56a9666
GET /img/parthners.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 19167
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7b-4adf"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/about-svg-2.svg
85.192.12.170200 OK 2.1 kB URL HTTP/2 ads2.bid/img/about-svg-2.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1443), with CRLF line terminators
Hash 4fcd0e18a5c7e3abe9cf9bf0a3c4b486
d1a94d8a5a1abbcced82db59884e536eb5d2ef59
83c3def82c3a9c7c32898d88a4bfe20c1f1e4df349097cce6cecb6bec7e6485a
GET /img/about-svg-2.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 2103
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6d-837"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/part-img-1.png
85.192.12.170200 OK 4.3 kB URL HTTP/2 ads2.bid/img/part-img-1.png
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type PNG image data, 360 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash e187f0bb5fac0a103ab7f818dc9d7c17
cd028edf24df740bd4a1114c0167ae943d3a8462
e724570a7f8a37a4e76dfc86d21f43b4a5e95cb997683ea77341c3bf4d1a218e
GET /img/part-img-1.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 4272
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7a-10b0"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/about-svg-4.svg
85.192.12.170200 OK 16 kB URL HTTP/2 ads2.bid/img/about-svg-4.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3197), with CRLF line terminators
Hash ea03594083da32fbb33887b1f4c2c7ab
dc8c475c699dcfd691bdf222cb8bbd2b9b593153
79e4ffb064b2c654a323f516e95abc3952bb41ec09ff6cbff11f9a97c1a09f27
GET /img/about-svg-4.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/svg+xml
content-length: 15972
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a6e-3e64"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/part-img-2.png
85.192.12.170200 OK 5.5 kB URL HTTP/2 ads2.bid/img/part-img-2.png
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type PNG image data, 160 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 009f4e6e6a6692351d5af3673d62d97b
e0878aef319bf00bd0353df41dd87d141256cd3f
2855cd9c5b18af0c875668be71e09aa86c945f91a22663a1491dfe0df519262d
GET /img/part-img-2.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 5506
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7a-1582"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/slide-lk-img-4.jpg
85.192.12.170200 OK 150 kB URL HTTP/2 ads2.bid/img/slide-lk-img-4.jpg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 912x455, components 3\012- data
Size 150 kB (150141 bytes)
Hash ecd44f518cb3af7caccbb68062c8b1ee
c74b90c602da4c3245d49c3b82c5ba011375c66b
7321165dd8e813e394583efbdf148a4084a59b806089382edab5f6f569548bac
GET /img/slide-lk-img-4.jpg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/jpeg
content-length: 150141
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a95-24a7d"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/slide-lk-img-33.jpg
85.192.12.170200 OK 191 kB URL HTTP/2 ads2.bid/img/slide-lk-img-33.jpg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 912x455, components 3\012- data
Size 191 kB (190591 bytes)
Hash ae37519f0cc1a463d86d172feaf9d6ae
90e19f56b0fff7480f20fc886d2d16a2f639691c
2aae1796befcaf8bb52c43dc4867280c289161f644c0fdc1a451d6b0894e5d28
GET /img/slide-lk-img-33.jpg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/jpeg
content-length: 190591
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a92-2e87f"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/part-img-3.png
85.192.12.170200 OK 5.4 kB URL HTTP/2 ads2.bid/img/part-img-3.png
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type PNG image data, 264 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c52c4f7b45bdf3fb58645fba8cd8bdf
9576d4c64672fbb30c6ae52cdc332628535d1144
7d4c7e994b51fa54cf73abe42845f85ca46bea3f6592f4de61fde326b9a01250
GET /img/part-img-3.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 5385
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7a-1509"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads2.bid/img/part-img-5.png
85.192.12.170200 OK 4.6 kB URL HTTP/2 ads2.bid/img/part-img-5.png
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type PNG image data, 306 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e2879a44f9ceb35cc4ef3f9edac03b0
0b4189d1bb2c6275ef717441e1e2eab604226aa6
753be78bb22242f44c98de3566c41b37df15ba6a88c00bf370068de24e5a75e8
GET /img/part-img-5.png HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/png
content-length: 4578
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a7b-11e2"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/slide-lk-img-3.jpg
85.192.12.170200 OK 221 kB URL HTTP/2 ads2.bid/img/slide-lk-img-3.jpg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 912x455, components 3\012- data
Size 221 kB (221286 bytes)
Hash 7fe0ef218d66f5f586759c7778275ab0
9c320bb07b0562d5f4ebb9c4fb4359b3bd68fc71
7d75980122409fe2ff43df2fd864cd70b705ef9450641ec5e05a3102a86fff32
GET /img/slide-lk-img-3.jpg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: image/jpeg
content-length: 221286
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
etag: "62a32a8f-36066"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/fire-ico.svg
85.192.12.170200 OK 868 B URL HTTP/2 ads2.bid/img/fire-ico.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (761), with CRLF line terminators
Hash 61a774e60011407abeb512c0eef12cba
67c775385fef5343b1b005d83cbcf431fc8d364a
a602abfc1f5b4fe73df2ab441a02b495f7bb599fc8232d36063aa4ea13dee286
GET /img/fire-ico.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/svg+xml
content-length: 868
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a72-364"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/arrow-right.svg
85.192.12.170200 OK 954 B URL HTTP/2 ads2.bid/img/arrow-right.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (491), with CRLF line terminators
Hash b722cffb5c0d79642d6e2fa33d5f5baa
bd612d5dcd7adb6a94d2f9247e51825094e19517
ce1c4dfb00c9f5973c3238ec51eda969e8af20f7ee7f5cb5945de378db5feb7c
GET /img/arrow-right.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/svg+xml
content-length: 954
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a6f-3ba"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads2.bid/img/home-fon.svg
85.192.12.170200 OK 11 kB URL HTTP/2 ads2.bid/img/home-fon.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 4432c7a64f0168ceb760016b67fa5171
437c77f832936af5bd1ed6a395b326124beff981
37ad1b25055cd39fc16b7d1470dd6ac1a0cbf0dd2606f0f4a969a5a2d097bbe7
GET /img/home-fon.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/svg+xml
content-length: 11444
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a73-2cb4"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads2.bid/img/effect-bcg.svg
85.192.12.170200 OK 1.0 kB URL HTTP/2 ads2.bid/img/effect-bcg.svg
IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 2e3af36896cc33275ec0b57e462f7cca
30afdd036a2b7d54cece4fb2e8ad0d0dc9ca2cb0
1a295d1ad36ade839282ace47b85212a50d2fe1a857354e0ce61474799b284a4
GET /img/effect-bcg.svg HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/svg+xml
content-length: 1005
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a71-3ed"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 484745
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21276, version 1.0\012- data
Hash 59c9b83cc112cf7eeb3bf7a5e96b21fe
771790b776b5e1bc3039c337024e400974184208
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 03:02:37 GMT
expires: Sat, 02 Dec 2023 03:02:37 GMT
cache-control: public, max-age=31536000
age: 497199
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads2.bid/img/favicon.ico
85.192.12.170200 OK 1.2 kB IP 85.192.12.170:0
ASN #12695 LLC Digital Network
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 2c145e14e43db1c298452c483cbae39b
0a3faa8c851360b524d8d87f78a860e3fb507bd1
ac22312963de5e250e6922e17ce1ad72984a9da53d5010570d6cbe58004fac4e
GET /img/favicon.ico HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wednesday, 07-Dec-2022 21:09:16 UTC
etag: "62a32a72-47e"
accept-ranges: bytes
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
widget.intercom.io/widget/cj2q9izh
54.230.111.95200 OK 6.2 kB URL HTTP/2 widget.intercom.io/widget/cj2q9izh
IP 54.230.111.95:0
File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Hash 92d3c9c705af281194ec7089ea8de37d
6647334dbeda92505521222cd4882cca5b6b54f1
d71e67fe73c135e9b81a687af124e8464b3e844281fd911865920c59c9eb7cf8
GET /widget/cj2q9izh HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6170
last-modified: Wed, 07 Dec 2022 17:36:31 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 8S30TEETTVb3ej4nNEfDaQuaXeHd13ri
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Dec 2022 20:58:32 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "92d3c9c705af281194ec7089ea8de37d"
x-cache: Error from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: E-UkRsUdaFOHqMH1fHMGmKK2UsrOgVmqWhnn9vH5O_ccyMZF_ZwKrw==
age: 842
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5449
Cache-Control: max-age=114002
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 04:49:18 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 88ec7669372c146960b26218acad4ba7
65f1df07114095d6b8ec1c96fb5f66370a0e2cb1
5671c21fd2cf1084b3d0a72d690cc04d136595b309846b6ff206bb112ab189da
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 21:09:16 GMT
Last-Modified: Wed, 07 Dec 2022 20:15:50 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7iwJmJHJkZ5YasbyKEUAhVO8KVsCwubvb8KmOUbpZR49KyoQK7Nceg==
Age: 3206
js.intercomcdn.com/frame.aaa02089.js
54.230.111.33200 OK 139 kB URL HTTP/2 js.intercomcdn.com/frame.aaa02089.js
IP 54.230.111.33:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 139 kB (138608 bytes)
Hash d11bd29f4a009461334adfeac7150152
12f8e16e3c2a15b21b07e39d6fae16f6b1c83289
a8ab1ad5d281a8619364492cceb6bcee54e760e708efebbc571930188cb070aa
GET /frame.aaa02089.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 138608
last-modified: Wed, 07 Dec 2022 17:34:21 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: iQcCdYiEpvQmVssk5RjeCakX2FykeRrv
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Dec 2022 19:36:53 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "d11bd29f4a009461334adfeac7150152"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FZ4psQ7dbXJEXTbgd802hnfF1WxCKlg1lsx3un6Nsqt-lHbKn1fazA==
age: 5544
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 792c4e3e6638a89a78695fc627a07113
33160858ccb5f8200c461e119aff6870c4d4457f
2c2b38afd667c54c0246e0c4d0f178ba1b08d8eef8119526fdddbc6fbddb8b13
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 11 Dec 2022 18:00:37 GMT
ETag: "33160858ccb5f8200c461e119aff6870c4d4457f"
Last-Modified: Wed, 07 Dec 2022 18:00:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1354
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77603dc99dd9b4ee-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash e76f661702cc0fbe5bc6b3399f81ceda
fbeae9f757be13eabf36f3c3d11c21d1b2d18afd
92986e7ea1c22ac47222affadcf214a5fe66a6f7cc6b1f7f14c4707d2a3ff1fa
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:33:37 GMT
ETag: "fbeae9f757be13eabf36f3c3d11c21d1b2d18afd"
Last-Modified: Wed, 07 Dec 2022 17:33:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2357
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77603dc998bdb527-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 75e10fd5d4cfd3955518241ac6d99ee9
3be085d3275593021685d5ec96c623f3ae75bab0
1aee74addac711e2f97f998a460161de638dd70522049ca09668598da47f43ab
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 21:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Dec 2022 19:28:26 GMT
ETag: "3be085d3275593021685d5ec96c623f3ae75bab0"
Last-Modified: Wed, 07 Dec 2022 19:28:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 442
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77603dc9bbe5fabc-OSL
connect.facebook.net/en_US/fbevents.js
157.240.247.8200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.247.8:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: MfNgmVnmEC38xKclHIEHI5M+VjkoVLMkG/AdCYNruRgrlOjkeDqYC3ovB4EX4y97aaixhOQg5CAGdooGFAN2hA==
content-length: 27340
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 21:09:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 20:46:55 GMT
expires: Wed, 07 Dec 2022 22:46:55 GMT
cache-control: public, max-age=7200
age: 1341
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3041a0828d1aeb289bac655852c04bbb
e7ac7db3b4861c0c269170a4b9f9cfcc07f30647
07600c5e37975e1e64911afe5150beb53526a4c552295fec54cda73347ebd833
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5449
Cache-Control: max-age=114002
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 04:49:18 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
vk.com/js/api/openapi.js?169
87.240.132.72200 OK 23 kB URL HTTP/2 vk.com/js/api/openapi.js?169
IP 87.240.132.72:0
File type ASCII text, with very long lines (3849)
Hash 6b56e2aa629cc5f334bba9e200af3bfe
1e99707868f45c499400d95e75348c3d7b7686f5
7cb4aa1277e9f29f5c6d21c642b7c08cfce199332e30395c20995847a0db3fab
GET /js/api/openapi.js?169 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: application/x-javascript
content-length: 23318
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
etag: "6389a5e0-5b16"
content-encoding: br
expires: Sun, 11 Dec 2022 21:09:16 GMT
cache-control: max-age=345600
x-frontend: front220206
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Wed, 07 Dec 2022 21:09:16 GMT
access-control-allow-origin: *
etag: "638eb36c-11e32"
expires: Wed, 07 Dec 2022 22:09:16 GMT
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 35b870e7599792ed46101906d2211e88
dfd7746cdc69cd89b3cab0034dbfb918dbca6b0f
2e763040e00e83350764888b62b79cd2d5bf9798d5158b1fe71f8bf279a050ba
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141042
Date: Wed, 07 Dec 2022 21:09:16 GMT
Etag: "63907dc1-1d7"
Expires: Fri, 09 Dec 2022 12:19:58 GMT
Last-Modified: Wed, 07 Dec 2022 11:49:21 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CFXT5YT-4Y4b6ZIob8pwY2HIJap9iKEBNwZH3Gc_a6o8g14ZvJEViw==
Age: 1837
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&gjid=1453695862&_gid=2059321532.1670447356&_u=YEBAAUAAAAAAACAAI~&z=1758024992
108.177.14.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&gjid=1453695862&_gid=2059321532.1670447356&_u=YEBAAUAAAAAAACAAI~&z=1758024992
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&gjid=1453695862&_gid=2059321532.1670447356&_u=YEBAAUAAAAAAACAAI~&z=1758024992 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ads2.bid
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 21:09:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 86 kB IP 142.250.74.131:0
File type gzip compressed data, from Unix\012- data
Hash 34ed29d05a4477c6206efe61f362646c
360e2bd0284bccc9353003cd812ebb0e02ae9e66
188b398b9148c2b782eb3bb67041cb1fae0ec034a2652de94eaea31fcd0e5dad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vk.com/rtrg?p=VK-RTRG-1477217-3CDz7&metatag_url=https%3A%2F%2Fads2.bid%2F&metatag_title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
87.240.132.72200 OK 65 B URL HTTP/2 vk.com/rtrg?p=VK-RTRG-1477217-3CDz7&metatag_url=https%3A%2F%2Fads2.bid%2F&metatag_title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2
IP 87.240.132.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ec4341fe3a8b2c4880fbfe0ef9cde34f
a0947414eb426b2939ca1a05fc870763f6bfc63f
01229c58f8015c623259e635969b8520945e2e0de1927a1375d48ad0ce915463
GET /rtrg?p=VK-RTRG-1477217-3CDz7&metatag_url=https%3A%2F%2Fads2.bid%2F&metatag_title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/gif
content-length: 65
x-powered-by: KPHP/7.4.112808
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Fri, 01 Dec 2023 15:03:19 GMT; path=/; domain=.vk.com
remixstlid=9119172554139146963_1vpZsHkXbDId5x0LXZoxEWgrgxfY3e04sKp4bsKH1GL; expires=Thu, 07 Dec 2023 21:09:16 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front220206
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 21:09:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147625936-1&cid=822029897.1670447356&jid=1822298348&_u=YEBAAUAAAAAAACAAI~&z=1460260805 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 21:09:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674
set-cookie: FTID=1RMYgQ0tkIIE:1670447356:3256619:::; path=/; expires=Fri, 08-Dec-23 21:09:16 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;nt=0/0/1670447353895/////766/770/801/801/1134/874/1135/1282/1283/1292/1837/1841/1844/1863/1863/1864;ni=;lvid=1670447356227%3A1670447356240%3A2%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.010068563138647346;e=RT/load;et=1670447356238
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;nt=0/0/1670447353895/////766/770/801/801/1134/874/1135/1282/1283/1292/1837/1841/1844/1863/1863/1864;ni=;lvid=1670447356227%3A1670447356240%3A2%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.010068563138647346;e=RT/load;et=1670447356238
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;nt=0/0/1670447353895/////766/770/801/801/1134/874/1135/1282/1283/1292/1837/1841/1844/1863/1863/1864;ni=;lvid=1670447356227%3A1670447356240%3A2%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.010068563138647346;e=RT/load;et=1670447356238 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIE:1670447356:3256619:::; path=/; expires=Fri, 08-Dec-23 21:09:16 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 21:09:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8240
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 21:09:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98d2cf29c710d25bd2f03ff216fdd369
b8eb2e11f9655f19334befc036f21489a6473827
614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
content-type: image/jpeg
age: 83517
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 83736
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 83243
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 45385
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 20:49:36 GMT
age: 1180
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:16 GMT
access-control-allow-origin: *
etag: "638eb36c-2b"
expires: Wed, 07 Dec 2022 22:09:16 GMT
accept-ranges: bytes
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KkP8o_5GoqAukEAUkPrvsHE0v_36vO0wI7_97kvnUkqYc4ziC7UPpw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 16:47:32 GMT
age: 15704
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/81028300/1?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/81028300/1?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash e760d58e5f209d3dd63b9bde6d723040
1ac45ea931afa80a72c78fb7460e720941dbf066
8e3ea7eeaf150dd64781ee7c2c37525f352881f272e1fe655f02d60105e3ea24
GET /watch/81028300/1?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ads2.bid
Referer: https://ads2.bid/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Wed, 07 Dec 2022 21:09:16 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:16 GMT
last-modified: Wed, 07-Dec-2022 21:09:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1670447356227%3A1670447356235%3A1%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.42293741909801674 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads2.bid/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIE:1670447356:3256619:::; path=/; expires=Fri, 08-Dec-23 21:09:16 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=5134261243354211&ev=PageView&dl=https%3A%2F%2Fads2.bid%2F&rl=&if=false&ts=1670447356423&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670447356422.491928265&it=1670447356051&coo=false&rqm=GET
157.240.247.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=5134261243354211&ev=PageView&dl=https%3A%2F%2Fads2.bid%2F&rl=&if=false&ts=1670447356423&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670447356422.491928265&it=1670447356051&coo=false&rqm=GET
IP 157.240.247.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=5134261243354211&ev=PageView&dl=https%3A%2F%2Fads2.bid%2F&rl=&if=false&ts=1670447356423&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670447356422.491928265&it=1670447356051&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 21:09:16 GMT
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/ping
54.81.202.145200 OK 11 kB URL HTTP/2 api-iam.intercom.io/messenger/web/ping
IP 54.81.202.145:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (31735), with no line terminators
Hash 7fbec4a19e83d425669cd874c87277f6
3c7636c302a88c0952fd0a5bd4f197a77acf7dff
f95cca606493d4ea9ab807b693da033ddda4ae916ae26688867227e12a00f109
POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 580
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 21:09:17 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1670447360
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13332
access-control-allow-origin: https://ads2.bid
vary: Accept,Accept-Encoding
x-intercom-version: 48fae574a723797017c2df3de9de8de87bf93d17
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 000ec3ehu541robpn8ug
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"1cbebd70e5315d770b5c7c1c4e49af93"
x-runtime: 0.235995
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0a24581f9166fc519
X-Firefox-Spdy: h2
nexus-websocket-a.intercom.io/pubsub/5-c9Q5IHZHgV7oxNDBgHjRhw006O4UPcyEwiLM0qU8S5ibac1cHSs01ABwk9dH1tdLq51CcKPQFFoFk1E4Dcn0pClJSLai6B78_Z79?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
34.237.73.95101 Switching Protocols 0 B URL HTTP/1.1 nexus-websocket-a.intercom.io/pubsub/5-c9Q5IHZHgV7oxNDBgHjRhw006O4UPcyEwiLM0qU8S5ibac1cHSs01ABwk9dH1tdLq51CcKPQFFoFk1E4Dcn0pClJSLai6B78_Z79?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP 34.237.73.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pubsub/5-c9Q5IHZHgV7oxNDBgHjRhw006O4UPcyEwiLM0qU8S5ibac1cHSs01ABwk9dH1tdLq51CcKPQFFoFk1E4Dcn0pClJSLai6B78_Z79?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ads2.bid
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D8Wuj4o51bNs7kP2zJ77Og==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 07 Dec 2022 21:09:17 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BxP2k1S7CcCDdRXQPbgKSwiQBOA=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=965622084&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447359%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447359&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=965622084&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447359%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447359&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=965622084&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447359%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447359&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 186339
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:19 GMT
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:19 GMT
last-modified: Wed, 07-Dec-2022 21:09:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=266321485&wv-type=3&browser-info=we%3A1%3Aet%3A1670447360%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447360&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=266321485&wv-type=3&browser-info=we%3A1%3Aet%3A1670447360%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447360&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/81028300?wmode=0&wv-part=1&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=266321485&wv-type=3&browser-info=we%3A1%3Aet%3A1670447360%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210919%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447360&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:20 GMT
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:20 GMT
last-modified: Wed, 07-Dec-2022 21:09:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=889439889&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447361%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210920%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447361&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=889439889&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447361%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210920%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447361&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=889439889&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670447361%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210920%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447361&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 24
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:21 GMT
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:21 GMT
last-modified: Wed, 07-Dec-2022 21:09:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
js.intercomcdn.com/vendor.72229fe3.js
54.230.111.33200 OK 43 B URL HTTP/2 js.intercomcdn.com/vendor.72229fe3.js
IP 54.230.111.33:0
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /vendor.72229fe3.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108252
last-modified: Wed, 07 Dec 2022 17:34:21 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: e6UsuzcR9p2QWJWnWbbZYja3qNqCv5Cy
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Dec 2022 19:36:53 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "2b808d49f42c0e80266d238f3ddcc6f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7_G6mnHDe4SK25yzNbZI_vHx6568XJEr9YxpqcNSFLq-RU5QFRv_Wg==
age: 5544
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1670447356227%3A1670447362896%3A3%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.4795669417874243;e=RT/unload;et=1670447362895;pvt=7163;vtauto=6678
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1670447356227%3A1670447362896%3A3%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.4795669417874243;e=RT/unload;et=1670447362895;pvt=7163;vtauto=6678
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3256619;u=https%3A//ads2.bid/;st=1670447355732;pid=USER_ID;title=ads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=17aad4cfa1c5ba4b;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1670447356227%3A1670447362896%3A3%3A9af11b0d82d30eb9886706f83cd51617;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.4795669417874243;e=RT/unload;et=1670447362895;pvt=7163;vtauto=6678 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:23 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIE:1670447363:3256619:::; path=/; expires=Fri, 08-Dec-23 21:09:23 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=667944740&wv-type=3&browser-info=we%3A1%3Aet%3A1670447363%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210922%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447363&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=667944740&wv-type=3&browser-info=we%3A1%3Aet%3A1670447363%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210922%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447363&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/81028300?wmode=0&wv-part=2&wv-hit=507975317&page-url=https%3A%2F%2Fads2.bid%2F&rn=667944740&wv-type=3&browser-info=we%3A1%3Aet%3A1670447363%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221207210922%3Au%3A1670447356547260864%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670447363&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 21:09:23 GMT
access-control-allow-origin: https://ads2.bid
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:23 GMT
last-modified: Wed, 07-Dec-2022 21:09:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/81028300?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/81028300?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/81028300?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/81028300/1?wmode=7&page-url=https%3A%2F%2Fads2.bid%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1692%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1625280486958%3Ahid%3A507975317%3Az%3A0%3Ai%3A20221207210916%3Aet%3A1670447356%3Ac%3A1%3Arn%3A233781975%3Arqn%3A1%3Au%3A1670447356547260864%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A32%2C333%2C147%2C1%2C766%2C0%2C%2C555%2C2%2C1864%2C1864%2C0%2C1842%3Aco%3A0%3Ans%3A1670447353895%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670447356%3At%3Aads2.bid%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%BE%D0%BD%D0%B5%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 07 Dec 2022 21:09:16 GMT
access-control-allow-origin: https://ads2.bid
set-cookie: yabs-sid=1247290111670447356; Path=/; SameSite=None; Secure
i=wmPeu8CQ8wxNTO6/MmtDqC0OoAkxRTLjUM1BeAoUdEaFzaeQCiirr94+GV7/GbjxeQqIOfxB9GgOE2yfQIzUELqxDgo=; Expires=Sat, 04-Dec-2032 21:09:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1324320311670447356; Expires=Thu, 07-Dec-2023 21:09:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1324320311670447356; Expires=Thu, 07-Dec-2023 21:09:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701983356.yc.1670447356#1701983356.yrts.1670447356#1701983356.yrtsi.1670447356; Expires=Thu, 07-Dec-2023 21:09:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 21:09:16 GMT
last-modified: Wed, 07-Dec-2022 21:09:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/metrics
54.81.202.145200 OK 0 B URL HTTP/2 api-iam.intercom.io/messenger/web/metrics
IP 54.81.202.145:0
POST /messenger/web/metrics HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1017
Origin: https://ads2.bid
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 21:09:23 GMT
content-type: text/html
status: 200 OK
cache-control: no-cache
access-control-allow-origin: https://ads2.bid
vary: Accept-Encoding
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-intercom-version: 48fae574a723797017c2df3de9de8de87bf93d17
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-id: 000dpprmqhbe7lvto73g
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
x-runtime: 0.016888
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0a24581f9166fc519
X-Firefox-Spdy: h2
ads2.bid/js/main.min.js
85.192.12.170200 OK 0 B IP 85.192.12.170:0
ASN #12695 LLC Digital Network
GET /js/main.min.js HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: application/javascript
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
vary: Accept-Encoding, Accept-Encoding
etag: W/"62b98f00-2b89f"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2
ads2.bid/css/style.css
85.192.12.170200 OK 0 B IP 85.192.12.170:0
ASN #12695 LLC Digital Network
GET /css/style.css HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: text/css
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
vary: Accept-Encoding, Accept-Encoding
etag: W/"62b9bcc5-3cec2"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300&display=swap
IP 142.250.74.106:0
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 21:09:15 GMT
date: Wed, 07 Dec 2022 21:09:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads2.bid/
85.192.12.170200 OK 0 B IP 85.192.12.170:0
ASN #12695 LLC Digital Network
GET / HTTP/1.1
Host: ads2.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 07 Dec 2022 21:09:15 GMT
content-type: text/html
last-modified: Wednesday, 07-Dec-2022 21:09:15 UTC
vary: Accept-Encoding, Accept-Encoding
etag: W/"62b98ec9-1ddea"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
X-Firefox-Spdy: h2
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 0 B URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads2.bid/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 21:09:16 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 16:42:10 GMT
set-cookie: FTID=1RMYgQ0tkIIE:1670447356:0:::; path=/; expires=Fri, 08-Dec-23 21:09:16 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"637e4d62-85c6"
expires: Wed, 07 Dec 2022 22:09:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2