app.bidsearch.com Open in urlscan Pro
2606:4700:3037::6815:2182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
Effective URL:
https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
Submission: On February 28 via manual (February 28th 2023, 12:04:53 am UTC) from US — Scanned from DE

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 22 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3037::6815:2182, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.bidsearch.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2022. Valid for: a year.

This is the only time app.bidsearch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3037::6815:2182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4424	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:21f... 2600:9000:21f3:6400:18:c421:2880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.147.105 18.66.147.105	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.46 13.32.121.46	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.29 13.32.27.29	16509 (AMAZON-02) (AMAZON-02)
12	13.110.67.199 13.110.67.199	14340 (SALESFORCE) (SALESFORCE)
1 3	2606:4700:20:... 2606:4700:20::681a:654	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	161.71.2.38 161.71.2.38	14340 (SALESFORCE) (SALESFORCE)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	52.43.163.23 52.43.163.23	16509 (AMAZON-02) (AMAZON-02)
2	13.109.187.222 13.109.187.222	14340 (SALESFORCE) (SALESFORCE)
1	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	50.19.154.221 50.19.154.221	14618 (AMAZON-AES) (AMAZON-AES)
68	26

8 2606:4700:3037::6815:2182 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.bidsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4424 (United States)

ASN13335 (CLOUDFLARENET, US)

app.getbeamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:6400:18:c421:2880:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.api.here.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:213 (United States)

ASN13335 (CLOUDFLARENET, US)

app.satismeter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-105.fra60.r.cloudfront.net

code.upscope.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-46.fra60.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-29.fra56.r.cloudfront.net

js.upscope.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.110.67.199 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

govspend.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:654 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.helphero.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
helphero.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.71.2.38 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg0-lhr3.um4-lo2.force.com

csp-report.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.163.23 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-163-23.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.109.187.222 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl12-ncg1-c5-iad4.la4-c1-ia4.salesforceliveagent.com

d.la4-c1-ia4.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.19.154.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-154-221.compute-1.amazonaws.com

042235a4cda4494ebb7d3070bf1846c4.apm.us-east-1.aws.cloud.es.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	salesforce.com govspend.my.salesforce.com	45 KB
8	bidsearch.com 1 redirects app.bidsearch.com	2 MB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1051 q.stripe.com — Cisco Umbrella Rank: 6717 m.stripe.com — Cisco Umbrella Rank: 1056	121 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	419 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	27 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
3	helphero.co 1 redirects app.helphero.co — Cisco Umbrella Rank: 60584 helphero.co — Cisco Umbrella Rank: 59542	53 KB
2	es.io 042235a4cda4494ebb7d3070bf1846c4.apm.us-east-1.aws.cloud.es.io	40 B
2	salesforceliveagent.com d.la4-c1-ia4.salesforceliveagent.com — Cisco Umbrella Rank: 14170 d.la4-c2-ia5.salesforceliveagent.com Failed	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1159	17 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	upscope.io code.upscope.io — Cisco Umbrella Rank: 29293 js.upscope.io — Cisco Umbrella Rank: 47411	37 KB
2	satismeter.com app.satismeter.com — Cisco Umbrella Rank: 20334	68 KB
2	here.com js.api.here.com — Cisco Umbrella Rank: 20166	287 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	8 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6149	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	350 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 856	11 KB
1	force.com csp-report.force.com — Cisco Umbrella Rank: 13432	729 B
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 6937	9 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	3 KB
1	getbeamer.com app.getbeamer.com — Cisco Umbrella Rank: 15065	21 KB
68	22

	Domain	Requested by
12	govspend.my.salesforce.com	app.bidsearch.com govspend.my.salesforce.com
8	app.bidsearch.com	1 redirects app.bidsearch.com
4	www.google.com	app.bidsearch.com www.gstatic.com www.google.com
4	fonts.googleapis.com	app.bidsearch.com
3	fonts.gstatic.com	fonts.googleapis.com
3	q.stripe.com	app.bidsearch.com
3	js.stripe.com	app.bidsearch.com js.stripe.com
3	www.gstatic.com	www.google.com
2	042235a4cda4494ebb7d3070bf1846c4.apm.us-east-1.aws.cloud.es.io	app.bidsearch.com
2	d.la4-c1-ia4.salesforceliveagent.com	govspend.my.salesforce.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google-analytics.com	app.bidsearch.com
2	helphero.co	app.helphero.co
2	app.satismeter.com	app.bidsearch.com app.satismeter.com
2	js.api.here.com	app.bidsearch.com
2	cdn.jsdelivr.net	app.bidsearch.com
1	www.google.de
1	stats.g.doubleclick.net	app.bidsearch.com
1	use.fontawesome.com	app.bidsearch.com
1	m.stripe.com	m.stripe.network
1	csp-report.force.com
1	app.helphero.co	1 redirects
1	js.upscope.io	code.upscope.io
1	public.profitwell.com	app.bidsearch.com
1	code.upscope.io	app.bidsearch.com
1	cdnjs.cloudflare.com	app.bidsearch.com
1	app.getbeamer.com	app.bidsearch.com
0	d.la4-c2-ia5.salesforceliveagent.com Failed	govspend.my.salesforce.com
68	28

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
js.api.here.com GlobalSign RSA OV SSL CA 2018	`2023-01-03` - `2024-02-04`	a year	crt.sh
satismeter.com Cloudflare Inc ECC CA-3	`2022-07-18` - `2023-07-17`	a year	crt.sh
upscope.io Amazon RSA 2048 M02	`2022-11-22` - `2023-12-21`	a year	crt.sh
*.profitwell.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.my.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-19` - `2023-05-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.um4.force.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-05` - `2024-01-04`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
la4-c1-ia4.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.us-east-1.aws.elastic-cloud.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
Frame ID: B119574FD52548DC44E28F0226C2B3D6
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdN4vcUAAAAAKeWxMOJTAvg3Wabwq9lbm-Fx_zq&co=aHR0cHM6Ly9hcHAuYmlkc2VhcmNoLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=fys11x1xcc3b
Frame ID: B973AE8FE95255A557753B025DE585D9
Requests: 4 HTTP requests in this frame

Frame: https://helphero.co/assets/player_frame_65dac2d010754e775aaa27bafadb143b.js
Frame ID: 045ED43715A4345A1B6732A360A30501
Requests: 1 HTTP requests in this frame

Frame: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
Frame ID: 50FB648FFF52E4728644856360C99304
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: A1C3DB185A9F1C14EFD8C73E1CDE1902
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1E8B86CD908B8BBA4F9E9F77582B0F52
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Error | BidSearch

Page URL History Show full URLs

http://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be HTTP 301
https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

68
Requests

94 %
HTTPS

60 %
IPv6

22
Domains

28
Subdomains

26
IPs

5
Countries

3327 kB
Transfer

11862 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be HTTP 301
https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://app.helphero.co/embed/ItRQ4Ofskgb HTTP 302
https://helphero.co/assets/player_790928f53f366df97aee6be1750b91f9.js

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 0714e88f7e7e9379433a3fa44fc5be Show response
app.bidsearch.com/verify/
Redirect Chain

http://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

4 KB
2 KB

259ms
242ms

Document
text/html

2606:4700:3037::6815:2182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:2182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bea245b6fe5e79726297fcf431373cc3e52e9a5f07bc12df02bb5b965963182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7a04e7a73fd12bb2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 28 Feb 2023 00:04:48 GMT
expect-ct: max-age=0
last-modified: Fri, 24 Feb 2023 22:32:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6OYplSKZGsjJ2%2F9%2F912KpEgSaqOygP9tX9vv%2FFG5lzc2tNHLYTbmhfJVyW01BaH9CdCUTwIN9ZOC5RVX2Y1%2B6fGKNMj6E8MkSnZ9iMHOx846CtVCxgH3K3m9oFconzxlR8hUwSjdvLZcc8Fex3Leg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7a04e7a6ea0a3835-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 28 Feb 2023 00:04:47 GMT
Expires: Tue, 28 Feb 2023 01:04:47 GMT
Location: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiIC3wyN0aeggyAa70Nm7kIozOUBX7IFfqFDyqNIz9fpqShT6Z9leKYVkZLL71LEB%2FQ7U07ddebqOZgVLbk%2Fb3Gyv3lVD%2BSHpPqVe16kVz2r8z%2B4H6kbcY7%2FEBBuYpT9iG7DaJ2ntB1K0jvFXrS17w%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
824 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 22:46:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 00:04:48 GMT

GET
H2 200 animate.min.css
cdn.jsdelivr.net/npm/animate.css@3.5.2/ 52 KB
4 KB 55ms
10ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/animate.css@3.5.2/animate.min.css

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Feb 2023 00:04:48 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 488647
x-jsd-version: 3.5.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3958
x-served-by: cache-fra-eddf8230057-FRA, cache-hhn-etou8220028-HHN
x-jsd-version-type: version
etag: W/"ce35-l6+hUVafBGsuAfJ8GHFkbpzYfK8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 1 KB
500 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alex+Brush

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d301db383eb1263ebc0a41ea049c7db16a5a31d8001ca716700f8a52b1cbe26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 23:25:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 00:04:48 GMT

GET
H2 200 salesforcechat.css
app.bidsearch.com/ 211 B
471 B 239ms
239ms Stylesheet
text/css 2606:4700:3037::6815:2182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.bidsearch.com/salesforcechat.css

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:2182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8400b48efc87af9a82f708e1ff330f557597a0357a84e1bc07ccfb4b40ca13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 24 Feb 2023 22:30:12 GMT
server: cloudflare
etag: W/"d3-186858c5520"
x-download-options: noopen
expect-ct: max-age=0
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E68oC0QFCOBTZAnkFdYC7td1qXXPk07wRZnZ9eXoBvlqhILdHfNx4pfim3iVrmUTNcaMldXlDOruej%2FnA8jBWTJVH3d7oeW3AE1PtrcRHAAqpejWN2XN81OcerZ0kXKGMSyWWPoHn%2Favsbhi8bwazQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0
cf-ray: 7a04e7a8b8d02bb2-FRA

GET
H2 200 main.4708244a.css
app.bidsearch.com/static/css/ 34 KB
6 KB 241ms
241ms Stylesheet
text/css 2606:4700:3037::6815:2182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.bidsearch.com/static/css/main.4708244a.css

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:2182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4ee076763a25ecbcec671289b252e54a6ed13555171b2670777ec76b0dee41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 24 Feb 2023 22:32:49 GMT
server: cloudflare
etag: W/"8685-186858eba68"
x-download-options: noopen
expect-ct: max-age=0
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaizx8rPhJZFS9EIzON4nswv5ZaPnNZlfH8KSs64z%2Fl%2BFUaR3oPP5exQNWPa679oUGEkzyoDTjnOwOpYcVXYMDv2V08mi7oUUX4AOe444ar%2B1Sr8NXwjRM4GhYzTA0fukAR0z%2BsYdvEWydGLRLQj5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0
cf-ray: 7a04e7a8b8d22bb2-FRA

GET
H3 200 rocket-loader.min.js Show response
app.bidsearch.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
9ms Script
application/javascript 2606:4700:3037::6815:2182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.bidsearch.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 10:50:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f5f393-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jVqjIx%2FNyyrveeTtniV5bKTBE4QdHYxAzt69Jb7Vbii69%2B2NXFmTTLwcsEBc%2BPUb46w6ncQ5bc%2Bj6on%2FpADYhoM26qm1wPkzPTs2TnG5Ahbj%2BS1crd1jEVROJV0H3qOvQTUAajQE%2Bq7ILEPh0Ii1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7a04e7a8def33643-FRA
expires: Thu, 02 Mar 2023 00:04:48 GMT

GET main.4e97c075.js
app.bidsearch.com/static/js/ 0
0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
907 B 110ms
46ms Script
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdN4vcUAAAAAKeWxMOJTAvg3Wabwq9lbm-Fx_zq

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e01cf71eb2d9237730ec3880367e0206782d921fa6a11e69da25ac171bfe309

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 28 Feb 2023 00:04:48 GMT

GET
H2 200 beamer-embed.js Show response
app.getbeamer.com/js/ 88 KB
21 KB 49ms
16ms Script
application/javascript 2606:4700:20::ac43:4424
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.getbeamer.com/js/beamer-embed.js

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4424 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de921865ddbd57a0fb4100cd4d204c764f5cf2c84675c1523cb4ab9f9e8e6869

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12965
cf-polished: origSize=90358
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 22 Feb 2023 18:03:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2F0KrIuIRwq0Z57FPXWM8gc30YVhZ%2FX4WUpADWI0TEHmn7Nxo1xBV7D%2BZGCFhRi%2FOPB%2BOLq7yOO5eMgVafCdpuIBYVhbqJQITAKUw2zPaQVtSknHrWyZDL7xN84POXZYRSQDZznxYMnL7YXWTSDW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7a04e7aa7ad390ef-FRA
expires: Tue, 28 Feb 2023 04:04:48 GMT

GET
H2 200 mapsjs-service.js Show response
js.api.here.com/v3/3.1/ 86 KB
28 KB 86ms
8ms Script
application/javascript 2600:9000:21f3:6400:18:c421:2880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.api.here.com/v3/3.1/mapsjs-service.js
Requested by: Host: app.bidsearch.com
URL: https://app.bidsearch.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6400:18:c421:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a57cacef7a10c70400de832f3722c24e01a520c5494cca521740cb94b954bbee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 17:58:39 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 17:57:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 21970
x-amz-server-side-encryption: AES256
etag: W/"a7b52cb35c9286b5cae1e313f6645621"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: RgCDAr5d1pkZTa758XOh4s7HRiGkv2mfkw_YgzOdNwp5xVGu0n82kg==

GET
H2 200 mapsjs-core.js Show response
js.api.here.com/v3/3.1/ 809 KB
259 KB 92ms
14ms Script
application/javascript 2600:9000:21f3:6400:18:c421:2880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.api.here.com/v3/3.1/mapsjs-core.js
Requested by: Host: app.bidsearch.com
URL: https://app.bidsearch.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6400:18:c421:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe98fcea0f008cad57d7b03611eee7fa3bf38c4628d4bb8f58d2113ad8e4e0aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 17:58:36 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 17:57:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 21973
etag: W/"b760bbdcf264786098d875d110c8df40"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: WB5oLMzgrybswOVbmVpoEduUbfOemw_jgdxRuYm3_OiJY28LWmyAwQ==

GET
H2 200 fetch.js Show response
cdnjs.cloudflare.com/ajax/libs/fetch/2.0.3/ 12 KB
3 KB 30ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fetch/2.0.3/fetch.js

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe366a090ac067171ba1cfeb38e239e18154e8a54b022fd9bece881b4c555f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2321270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2864
last-modified: Mon, 04 May 2020 16:10:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e59-3188"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEiWvMWcq59mpUK7L65lsDZxbbuvIdeNcQX2blhNGqyGVCA7jnzbATSv8I33gVnN7Cu2HtTsxMwXi4xtSxb9EpGNiYvW0nmVpVwSWbCnghTOHGLwUd9N9TLsTTjpXGgGfmehnjbNEmF0xZNbfcPlWFu2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a04e7aa5c0b382c-FRA
expires: Sun, 18 Feb 2024 00:04:48 GMT

GET
H2 200 satismeter.js Show response
app.satismeter.com/ 265 KB
67 KB 56ms
14ms Script
application/javascript 2606:4700::6812:213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.satismeter.com/satismeter.js

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

96e27d477baaa21d6e8adb93af494cac3ecb261a487bd2523d97b5f61353fa78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
server: cloudflare
age: 44
etag: W/"10aa6-09TQStU+qTsctBrWrYTzY0wO/eI"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a04e7ab7e509191-FRA
content-length: 68262
expires: Tue, 28 Feb 2023 04:04:48 GMT

GET
H3 200 salesforcechat.js Show response
app.bidsearch.com/ 1 KB
1 KB 241ms
240ms Script
application/javascript 2606:4700:3037::6815:2182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.bidsearch.com/salesforcechat.js

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

728117bb67adb514f007927dcbcc60e7b1ddab400b3807068225ba91db3f185b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 24 Feb 2023 22:30:12 GMT
server: cloudflare
etag: W/"581-186858c5520"
x-download-options: noopen
expect-ct: max-age=0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACJKNCRlJX4FszCo%2FQZlXL7XcPsEOCYiwlVq5%2B10RNU6xJ%2FmYjAkvh%2FYdZfpQCXX0KtOedqcbcZDLEpdrXqhoCXDgmWOQN%2FdRu4NqGa9LbIOSpbEVfhGRmc%2FYSqKk15GbAmZPOKDxDO83aSPBtM%2BXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0
cf-ray: 7a04e7ab38ef3643-FRA

GET
H2 200 zt2Uwc8kFQzzc5ijEWZRGBQr.js Show response
code.upscope.io/ 1 KB
956 B 48ms
19ms Script
application/javascript 18.66.147.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.upscope.io/zt2Uwc8kFQzzc5ijEWZRGBQr.js
Requested by: Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-105.fra60.r.cloudfront.net
Software: /
Resource Hash: 28ae1c12f12db679b3470729d86927fc2389caf30149253e5c598e329cb5d815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60,public
x-amz-cf-id: iYGpVaOsjP86R-_SZ3bQJEuwyxGhyyZVUoB28K9IFK6_bN5JKyIDEA==

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 502ms
415ms Script
application/x-javascript 13.32.121.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=7f8435bd77270107340993dcd237a5e8
Requested by: Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-46.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
content-encoding: gzip
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
date: Tue, 28 Feb 2023 00:04:49 GMT
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
cache-control: public,max-age=86400
x-amz-cf-id: uEJGEVXXTIVNQBL-XNsBtE6jBKQF4E3gVarPGDhOJmukdStpNRdu7A==

GET
H3 200 main.4e97c075.js Show response
app.bidsearch.com/static/js/ 8 MB
2 MB 750ms
750ms Script
application/javascript 2606:4700:3037::6815:2182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.bidsearch.com/static/js/main.4e97c075.js

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dda87f89687e1bb51e4b39f516a0aeec29fcd1d22d2cc693696f78bf92a8972e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 24 Feb 2023 22:32:49 GMT
server: cloudflare
etag: W/"82c5a6-186858eba68"
x-download-options: noopen
expect-ct: max-age=0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ej4i0NCL%2F52eKO39o0KJvoih61RfxVe0FWrnVBUc4sxTXQpnjuq7VFFlM%2FLq8rGUuZA6i53UEilcC9MYrPK0oZG%2FunCQlAfR6hzEUkZHjXa38h4I8Y7VN6JGoHB1Yff5G2VLKIXRlx3OrA5jQ35i9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0
cf-ray: 7a04e7ab48f13643-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ 408 KB
163 KB 82ms
21ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdN4vcUAAAAAKeWxMOJTAvg3Wabwq9lbm-Fx_zq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.bidsearch.com/
Origin: https://app.bidsearch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 08:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166391
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 08:17:30 GMT

GET
H2 200 upscope-2.2.16.es6.js Show response
js.upscope.io/ 123 KB
36 KB 72ms
15ms Script
text/javascript 13.32.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.upscope.io/upscope-2.2.16.es6.js
Requested by: Host: code.upscope.io
URL: https://code.upscope.io/zt2Uwc8kFQzzc5ijEWZRGBQr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-29.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50d1a6fe3b96b822a2fd4d8570cac9504bf7db07ba902ab74f75b40b31e28dc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: gzip
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 16:04:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 18
etag: W/"91db7c69fb975478c48d89522e620d72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000,public
x-amz-cf-id: EwoHKrPyVO28JEF2jVsbczSbPd33ywl54MFDXn5nsDvDBj9sKLxJFQ==

POST
H2 200 widget Show response
app.satismeter.com/api/ 1 KB
983 B 385ms
370ms XHR
application/json 2606:4700::6812:213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.satismeter.com/api/widget

Requested by

Host: app.satismeter.com
URL: https://app.satismeter.com/satismeter.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5fc3d5fbb3c5d14b002526f3579af5271d4c135d7282d4a0e533ae921dfdd41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.bidsearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"439-c5vP7TEcvDeSc8gxnLxLCMRs4P4"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: PUT,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Location,Auth-Token
cf-ray: 7a04e7abecec361d-FRA
access-control-allow-headers: Content-Type,Auth-Token,Traceparent,Request-Context

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B973 47 KB
26 KB 60ms
59ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdN4vcUAAAAAKeWxMOJTAvg3Wabwq9lbm-Fx_zq&co=aHR0cHM6Ly9hcHAuYmlkc2VhcmNoLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=fys11x1xcc3b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6580b9852d78c300070ccd3e1b2d05b3832cbe876af8e7994a38c8b871a81c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZySC-6wixCZ6c_VmeIz8Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.bidsearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 25764
content-security-policy: script-src 'report-sample' 'nonce-ZySC-6wixCZ6c_VmeIz8Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 00:04:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK esw.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/ 30 KB
9 KB 1054ms
100ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/esw.min.js

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/salesforcechat.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:49 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame B973 55 KB
24 KB 61ms
20ms Stylesheet
text/css 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdN4vcUAAAAAKeWxMOJTAvg3Wabwq9lbm-Fx_zq&co=aHR0cHM6Ly9hcHAuYmlkc2VhcmNoLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=fys11x1xcc3b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 20:07:16 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame B973 408 KB
163 KB 71ms
30ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 08:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166391
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 08:17:30 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B973 102 B
134 B 44ms
44ms Other
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdN4vcUAAAAAKeWxMOJTAvg3Wabwq9lbm-Fx_zq&co=aHR0cHM6Ly9hcHAuYmlkc2VhcmNoLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=fys11x1xcc3b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 28 Feb 2023 00:04:48 GMT

GET
H2

200

player_790928f53f366df97aee6be1750b91f9.js Show response
helphero.co/assets/
Redirect Chain

https://app.helphero.co/embed/ItRQ4Ofskgb
https://helphero.co/assets/player_790928f53f366df97aee6be1750b91f9.js

6 KB
3 KB

39ms
19ms

Script
application/javascript

2606:4700:20::681a:654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helphero.co/assets/player_790928f53f366df97aee6be1750b91f9.js
Protocol: H2
Server: 2606:4700:20::681a:654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99815fcf6b8b370527db54ce3dea4dd678df1ebd6a119617c46e7ec11b454850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674538041
age: 3003645
x-guploader-uploadid: ADPycdsgSWSv-Hy-op6ji8hsAhLLOt7ZMIhvotvtwPPOcxlU_HmJlwI9K7ntTgCAsXUK9GXYLzyToQSbcdtSU7WYb8TX9-hy5l8D
x-guploader-response-body-transformations: gunzipped
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Tue, 24 Jan 2023 05:37:58 GMT
server: cloudflare
etag: W/"d4ad1071690d437263b4322428ce892c"
vary: Accept-Encoding
x-goog-generation: 1674538678039994
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=D2nypQ==, md5=1K0QcWkNQ3JjtDIkKM6JLA==
cache-control: public, immutable, max-age=31536000
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 2687
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2srD0sU2l6HAyLeHC5fbAUfxJaaxNOTcxFtK6%2FUd79XtPbrqOcUZew6v0rVY9uQed71ftY17pCRG1tM%2FRlgMbRH%2BvTOWJcLG9VmoIwW7atzcS6Far72dcQjTmT0BBm%2BkkILplVrwNpWX"}],"group":"cf-nel","max_age":604800}
cf-ray: 7a04e7b8abb49baa-FRA
expires: Wed, 24 Jan 2024 05:40:39 GMT

Redirect headers

date: Tue, 28 Feb 2023 00:04:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxnLbVSPI4%2F9yapxm5wQuklelBRL8WvFpfwP%2BJhBatgI2IvLh5bJNrnXK%2BlFwXjty6KFJ6G836BwsTieP%2FMG2yDfTKDE%2F3%2B6UEvhQPR%2BZNYHdqxpdyYXs7p%2Bn6YwrzOPINS5MuAGnYGWUD1wSw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://helphero.co/assets/player_790928f53f366df97aee6be1750b91f9.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a04e7b83b669baa-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK common.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/utils/ 5 KB
3 KB 98ms
98ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:50 GMT

GET
H2 200 player_frame_65dac2d010754e775aaa27bafadb143b.js Show response
helphero.co/assets/ Frame 045E 140 KB
49 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helphero.co/assets/player_frame_65dac2d010754e775aaa27bafadb143b.js
Requested by: Host: app.helphero.co
URL: https://app.helphero.co/embed/ItRQ4Ofskgb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8363b23d5c80f52a43f9f6da2139350f1475b97a8cf56bf855ffdfd6531d9c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674538041
age: 3003853
x-guploader-uploadid: ADPycdtaIq27OLSYnx-2onnzTnHrU9MZCy9-rnwdNaqxD2-YVRuPgclxxMr502I87RLQG8A-3I78sTkiFXKZ9ENEGKeiUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Tue, 24 Jan 2023 05:37:58 GMT
server: cloudflare
etag: W/"3894801ba1ea3703ee78da4319583cc7"
vary: Accept-Encoding
x-goog-generation: 1674538678161758
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=2adrkw==, md5=OJSAG6HqNwPueNpDGVg8xw==
cache-control: public, immutable, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrDKBgxGr8JCeLQeFWsNbxLkifSdm%2FhKztQ9xxe8CA5Jt1FW71TGWuKTTVtxuLp4%2Fq%2FxqR3wpPm6mcanOrIwOWVb%2BdZp0w%2BIt%2FxTvFAKrhzm8vg4m6FG6EaaeMgS6iioa9vfgNuQpHNC"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 49173
cf-ray: 7a04e7b8dbda9baa-FRA
expires: Wed, 24 Jan 2024 05:40:37 GMT

GET
H/1.1 200
OK esw.min.css
govspend.my.salesforce.com/embeddedservice/5.0/ 9 KB
5 KB 96ms
96ms Stylesheet
text/css 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/esw.min.css

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:50 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/client/ 20 KB
6 KB 97ms
96ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:11:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:50 GMT

GET
H/1.1 200
OK esw.html Show response
govspend.my.salesforce.com/embeddedservice/5.0/ Frame 50FB 194 B
1 KB 95ms
95ms Document
text/html 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.bidsearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob: file:; frame-ancestors 'self' *.salesforce.com *.force.com *.visualforce.com *.documentforce.com; font-src https: data: blob: file:; connect-src 'self' https:; report-uri https://csp-report.force.com/_/ContentDomainCSPNoAuth?type=mydomain
Content-Type: text/html;charset=UTF-8
Date: Tue, 28 Feb 2023 00:04:50 GMT
Expires: Wed, 01 Mar 2023 00:04:50 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H2 200 v3 Show response
js.stripe.com/ 437 KB
117 KB 69ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1362a7fc1a96be4941231e5b07315568784e25937c7c4d021379749089e53ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 00:04:51 GMT
via: 1.1 varnish
age: 19
x-cache: HIT
content-length: 119776
x-request-id: 9b399bb9-ba4f-4d7c-b7c0-caa46147a508
x-served-by: cache-hhn-etou8220039-HHN
last-modified: Mon, 27 Feb 2023 23:39:08 GMT
server: Fastly
etag: "9f023daf06a04e08097e0a8bb3b07504"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 22:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6601
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Feb 2023 00:14:50 GMT

POST
H/1.1 200
OK ContentDomainCSPNoAuth
csp-report.force.com/_/ 0
729 B 137ms
23ms Other
text/plain 161.71.2.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp-report.force.com/_/ContentDomainCSPNoAuth?type=mydomain
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.71.2.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS: dcl5-ncg0-lhr3.um4-lo2.force.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.bidsearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Tue, 28 Feb 2023 00:04:51 GMT
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

GET
H/1.1 200
OK eswFrame.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/ Frame 50FB 5 KB
3 KB 95ms
94ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:51 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame A1C3 200 B
787 B 6ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.bidsearch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7077588
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 00:04:51 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 07 Dec 2022 23:30:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 362870
x-content-type-options: nosniff
x-request-id: ac2d340f-4ba3-4daa-9256-4d96e8c0991c
x-served-by: cache-hhn-etou8220039-HHN

GET
H/1.1 200
OK session.esw.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/frame/ Frame 50FB 2 KB
2 KB 98ms
97ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:10:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:51 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/frame/ Frame 50FB 2 KB
1 KB 97ms
97ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:51 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame A1C3 0
600 B 603ms
169ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 00:04:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A1C3 0
601 B 601ms
168ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 00:04:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A1C3 631 B
468 B 6ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 00:04:51 GMT
via: 1.1 varnish
age: 7077587
x-cache: HIT
content-length: 332
x-request-id: 60d5a8c0-a7a6-437b-94c4-209506dd0ac3
x-served-by: cache-hhn-etou8220039-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 327094

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1E8B 930 B
1 KB 16ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 300
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 00:04:51 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 02ab30b3-cd43-473c-8a3d-223d3b635ed7
x-served-by: cache-hhn-etou8220039-HHN
x-timer: S1677542691.454618,VS0,VE1

POST
H2 200 csp-report
q.stripe.com/ Frame 1E8B 0
374 B 572ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Tue, 28 Feb 2023 00:04:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 1E8B 86 KB
16 KB 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 28 Feb 2023 00:04:51 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 285
x-cache: HIT
content-length: 16031
x-request-id: b0327999-7c2f-4d69-8fac-d3ebb46a0b2a
x-served-by: cache-hhn-etou8220039-HHN
server: Fastly
x-timer: S1677542691.467675,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 148

POST
H2 200 6 Show response
m.stripe.com/ Frame 1E8B 156 B
552 B 527ms
176ms XHR
application/json 52.43.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.163.23 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-163-23.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c48ca91a4976f2a1239aa0b3146ab37e8c9b78cb74d0e8348cd55561915d44c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 00:04:51 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H/1.1 200
OK chasitor.esw.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/frame/ Frame 50FB 23 KB
6 KB 98ms
97ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 26 Jan 2023 18:19:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:51 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la4-c1-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/ 163 B
557 B 720ms
94ms Script
text/javascript 13.109.187.222
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c1-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D5e000003QsTt&EmbeddedServiceConfig.configName=Chat_BidSearch&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.187.222 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c5-iad4.la4-c1-ia4.salesforceliveagent.com

Software

Resource Hash

6e26df5294a3d646e0a3dd585231f43b8da79a056e522c7f7a3072b9ca63267c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/client/ 19 KB
5 KB 131ms
130ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:51 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer: https://govspend.my.salesforce.com/
Origin: https://app.bidsearch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/octet-stream

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1164288002&t=pageview&_s=1&dl=https%3A%2F%2Fapp.bidsearch.com%2Ferror%3Fmessage%3DToken%2520not%2520found%2520or%2520expired&dp=%2Ferror&ul=en-us&de=UTF-8&dt=BidSearch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACgDIAB~&jid=1149350963&gjid=38885828&cid=779568064.1677542691&tid=UA-33982938-17&_gid=1781196555.1677542691&_r=1&_slc=1&z=1606526225

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.bidsearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 00:04:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.bidsearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
511 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 00:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 22:44:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 00:04:51 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 36ms
15ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer: https://app.bidsearch.com/
Origin: https://app.bidsearch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VXFMRBHRVN0XS19Z
age: 286396
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZlWDMNNdClewNbZSNCH3BLb8agq1odFubgXzobpg5rM7C6uzW3OXOWbF/UZu0zTPj//eJpLvFXg=
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcPlN4B9Xu3uDO278Ip5Dllig7y7vbfHP1n4cEDEq8MaObHi%2B9cZJuQUhTVSmn7xJ5EYqz1dkyWhl%2Fr4JBpRf2nbHcG85l8FLICqgxVcPRyLPn%2F%2FuX0zVDwnBpdxAA8hTzzxNK9Nzx%2BoleS5jR%2BOaE6M"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7a04e7bee926367a-FRA

GET
H2 200 icon
fonts.googleapis.com/ 569 B
440 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 00:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 00:04:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 00:04:51 GMT

GET
H2 200 animate.min.css
cdn.jsdelivr.net/npm/animate.css@3.5.2/ 52 KB
4 KB 10ms
9ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/animate.css@3.5.2/animate.min.css

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Feb 2023 00:04:51 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 488650
x-jsd-version: 3.5.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3958
x-served-by: cache-fra-eddf8230057-FRA, cache-hhn-etou8220028-HHN
x-jsd-version-type: version
etag: W/"ce35-l6+hUVafBGsuAfJ8GHFkbpzYfK8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 makingImprovements.755948e961e33cf86d73d9f9a530dfd0.svg
app.bidsearch.com/static/media/ 30 KB
11 KB 268ms
268ms Image
image/svg+xml 2606:4700:3037::6815:2182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.bidsearch.com/static/media/makingImprovements.755948e961e33cf86d73d9f9a530dfd0.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cddd9cb8136b594e042161fcff37dc77490f0b7b2d5f380a048e9a8731d4b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 00:04:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 24 Feb 2023 22:32:49 GMT
server: cloudflare
etag: W/"773d-186858eba68"
x-download-options: noopen
expect-ct: max-age=0
vary: Accept-Encoding
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2F0J0XPhuWXSJ0MfMSSbczxAyhjt1T0zL%2BCr6TToflRC6DCwMpNFjxTKqPsrCz5VGEPka5TqDjLoG8x5yPMe1vMRJyLvMHsmxuU%2Fy5suX3cVOVGfuNKdHD1YFgm9ZgBqvPAVVCZI6MHKG%2F%2FD9NHfWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0
cf-ray: 7a04e7bedbf93643-FRA

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 86ms
22ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.bidsearch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 12:23:04 GMT
x-content-type-options: nosniff
age: 387707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 12:23:04 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 102ms
39ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.bidsearch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:49:18 GMT
x-content-type-options: nosniff
age: 350133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 22:49:18 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 110ms
47ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.bidsearch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 01:03:59 GMT
x-content-type-options: nosniff
age: 428452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:03:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-33982938-17&cid=779568064.1677542691&jid=1149350963&gjid=38885828&_gid=1781196555.1677542691&_u=aEBAAEAAAAAAACgDIAB~&z=2078593401

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.bidsearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Feb 2023 00:04:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.bidsearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/frame/ Frame 50FB 473 B
968 B 102ms
102ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://app.bidsearch.com/verify/0714e88f7e7e9379433a3fa44fc5be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:51 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la4-c1-ia4.salesforceliveagent.com/chat/rest/Visitor/ 166 B
559 B 524ms
95ms Script
text/javascript 13.109.187.222
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c1-ia4.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735e000000peyH]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725e000000pedr&org_id=00D5e000003QsTt&version=48

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.187.222 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c5-iad4.la4-c1-ia4.salesforceliveagent.com

Software

Resource Hash

12fe27ff9a57f5c8ebfb83aee9fffd02c213181f195935f594644bda4ec44c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
govspend.my.salesforce.com/embeddedservice/5.0/utils/ 8 KB
3 KB 98ms
98ms Script
application/x-javascript 13.110.67.199
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://govspend.my.salesforce.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: govspend.my.salesforce.com
URL: https://govspend.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.67.199 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg1-c6-iad5.na166-ia5.my.salesforce.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 00:04:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 01 Mar 2023 00:04:51 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 45ms
45ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33982938-17&cid=779568064.1677542691&jid=1149350963&_u=aEBAAEAAAAAAACgDIAB~&z=1899590160

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 00:04:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-33982938-17&cid=779568064.1677542691&jid=1149350963&_u=aEBAAEAAAAAAACgDIAB~&z=1899590160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.bidsearch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 00:04:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 events Show response
042235a4cda4494ebb7d3070bf1846c4.apm.us-east-1.aws.cloud.es.io/intake/v2/rum/ 0
40 B 103ms
102ms Fetch 50.19.154.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://042235a4cda4494ebb7d3070bf1846c4.apm.us-east-1.aws.cloud.es.io/intake/v2/rum/events

Requested by

Host: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.19.154.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-154-221.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://app.bidsearch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://app.bidsearch.com
date: Tue, 28 Feb 2023 00:04:52 GMT
x-cloud-request-id: UYjsJNA7R066QvoINA9RhQ
x-content-type-options: nosniff
x-found-handling-instance: instance-0000000012
x-found-handling-cluster: 042235a4cda4494ebb7d3070bf1846c4
content-length: 0

OPTIONS
H2 200 events
042235a4cda4494ebb7d3070bf1846c4.apm.us-east-1.aws.cloud.es.io/intake/v2/rum/ Frame 0
0 366ms
104ms Preflight 50.19.154.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://042235a4cda4494ebb7d3070bf1846c4.apm.us-east-1.aws.cloud.es.io/intake/v2/rum/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.19.154.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-154-221.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://app.bidsearch.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://app.bidsearch.com
access-control-expose-headers: Etag
access-control-max-age: 3600
content-length: 0
date: Tue, 28 Feb 2023 00:04:52 GMT
vary: Origin
x-cloud-request-id: keTw60dCSbWhIsXirC8FDQ
x-content-type-options: nosniff
x-found-handling-cluster: 042235a4cda4494ebb7d3070bf1846c4
x-found-handling-instance: instance-0000000012

GET EmbeddedServiceConfig.jsonp
d.la4-c2-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/ 0
0

GET Settings.jsonp
d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.bidsearch.com
URL: https://app.bidsearch.com/static/js/main.4e97c075.js

Domain: d.la4-c2-ia5.salesforceliveagent.com
URL: https://d.la4-c2-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D5e000003QsTt&EmbeddedServiceConfig.configName=Chat_BidSearch&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Domain: d.la4-c2-ia5.salesforceliveagent.com
URL: https://d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735e000000peyH]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725e000000pedr&org_id=00D5e000003QsTt&version=48

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.bidsearch.com/	1970-01-20 18:44:38	Name: sm_anonymous_id Value: fe5a20c0-80a6-40f4-a266-502e1b51d54a
.salesforce.com/	1970-01-20 18:44:38	Name: BrowserId_sec Value: hLFsrbb7Ee2ZHrMzcknODg
.bidsearch.com/	1970-01-20 19:35:02	Name: _ga Value: GA1.2.779568064.1677542691
.bidsearch.com/	1970-01-20 10:00:29	Name: _gid Value: GA1.2.1781196555.1677542691
.bidsearch.com/	1970-01-20 09:59:02	Name: _gat Value: 1
m.stripe.com/	1970-01-20 19:35:02	Name: m Value: e5907ef8-d526-4f3e-96d3-44a846279f90f174cd
.app.bidsearch.com/	1970-01-20 18:44:38	Name: __stripe_mid Value: 21b398b1-0497-4e32-bb70-0693239ac8d9c3050f
.app.bidsearch.com/	1970-01-20 09:59:04	Name: __stripe_sid Value: c8e33b4b-4db7-4142-a281-8368895a484660efc3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: [Report Only] Refused to frame 'https://govspend.my.salesforce.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' .salesforce.com .force.com .visualforce.com .documentforce.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

042235a4cda4494ebb7d3070bf1846c4.apm.us-east-1.aws.cloud.es.io
app.bidsearch.com
app.getbeamer.com
app.helphero.co
app.satismeter.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.upscope.io
csp-report.force.com
d.la4-c1-ia4.salesforceliveagent.com
d.la4-c2-ia5.salesforceliveagent.com
fonts.googleapis.com
fonts.gstatic.com
govspend.my.salesforce.com
helphero.co
js.api.here.com
js.stripe.com
js.upscope.io
m.stripe.com
m.stripe.network
public.profitwell.com
q.stripe.com
stats.g.doubleclick.net
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
app.bidsearch.com
d.la4-c2-ia5.salesforceliveagent.com
13.109.187.222
13.110.67.199
13.32.121.46
13.32.27.29
151.101.192.176
161.71.2.38
18.66.147.105
2600:9000:21f3:6400:18:c421:2880:93a1
2606:4700:20::681a:654
2606:4700:20::ac43:4424
2606:4700:3037::6815:2182
2606:4700::6811:180e
2606:4700::6812:213
2606:4700:e2::ac40:850f
2a00:1450:4001:803::2003
2a00:1450:4001:810::200e
2a00:1450:4001:830::200a
2a00:1450:400c:c0c::9c
2a00:1450:400d:803::2003
2a00:1450:400d:80d::2003
2a00:1450:400d:80d::2004
2a04:4e42:400::485
50.19.154.221
52.43.163.23
54.186.23.98
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
12fe27ff9a57f5c8ebfb83aee9fffd02c213181f195935f594644bda4ec44c84
1362a7fc1a96be4941231e5b07315568784e25937c7c4d021379749089e53ca8
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
28ae1c12f12db679b3470729d86927fc2389caf30149253e5c598e329cb5d815
2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
3cddd9cb8136b594e042161fcff37dc77490f0b7b2d5f380a048e9a8731d4b95
4d301db383eb1263ebc0a41ea049c7db16a5a31d8001ca716700f8a52b1cbe26
50d1a6fe3b96b822a2fd4d8570cac9504bf7db07ba902ab74f75b40b31e28dc7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
5e01cf71eb2d9237730ec3880367e0206782d921fa6a11e69da25ac171bfe309
5fc3d5fbb3c5d14b002526f3579af5271d4c135d7282d4a0e533ae921dfdd41e
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
6bea245b6fe5e79726297fcf431373cc3e52e9a5f07bc12df02bb5b965963182
6e26df5294a3d646e0a3dd585231f43b8da79a056e522c7f7a3072b9ca63267c
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
728117bb67adb514f007927dcbcc60e7b1ddab400b3807068225ba91db3f185b
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
8363b23d5c80f52a43f9f6da2139350f1475b97a8cf56bf855ffdfd6531d9c4b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96e27d477baaa21d6e8adb93af494cac3ecb261a487bd2523d97b5f61353fa78
99815fcf6b8b370527db54ce3dea4dd678df1ebd6a119617c46e7ec11b454850
a57cacef7a10c70400de832f3722c24e01a520c5494cca521740cb94b954bbee
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6580b9852d78c300070ccd3e1b2d05b3832cbe876af8e7994a38c8b871a81c3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bb4ee076763a25ecbcec671289b252e54a6ed13555171b2670777ec76b0dee41
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c48ca91a4976f2a1239aa0b3146ab37e8c9b78cb74d0e8348cd55561915d44c1
c8400b48efc87af9a82f708e1ff330f557597a0357a84e1bc07ccfb4b40ca13c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
dda87f89687e1bb51e4b39f516a0aeec29fcd1d22d2cc693696f78bf92a8972e
de921865ddbd57a0fb4100cd4d204c764f5cf2c84675c1523cb4ab9f9e8e6869
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30
fe366a090ac067171ba1cfeb38e239e18154e8a54b022fd9bece881b4c555f29
fe98fcea0f008cad57d7b03611eee7fa3bf38c4628d4bb8f58d2113ad8e4e0aa
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

app.bidsearch.com Open in urlscan Pro 2606:4700:3037::6815:2182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

94 %HTTPS

60 %IPv6

22 Domains

28 Subdomains

26 IPs

5 Countries

3327 kBTransfer

11862 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

app.bidsearch.com Open in urlscan Pro
2606:4700:3037::6815:2182 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

94 %
HTTPS

60 %
IPv6

22
Domains

28
Subdomains

26
IPs

5
Countries

3327 kB
Transfer

11862 kB
Size

8
Cookies

68 HTTP transactions
1 data transactions