urlscan.io logo urlscan.io
SecurityTrails logo

ww82.g-content.bid Open in urlscan Pro
199.59.243.225  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bniteam.com/
Effective URL: http://ww82.g-content.bid/
Submission: On January 06 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 40 HTTP transactions. The main IP is 199.59.243.225, located in United States and belongs to AMAZON-02, US. The main domain is ww82.g-content.bid.
This is the only time ww82.g-content.bid was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 95.215.205.165 204601 (ON-LINE-D...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6b8:a::a 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 46.4.104.244 24940 (HETZNER-AS)
1 78.46.111.246 24940 (HETZNER-AS)
1 2a00:1148:db0... 47764 (VK-AS)
1 82.202.165.19 29182 (RU-JSCIOT)
1 46.8.8.100 60592 (GRANSY Gr...)
4 199.59.243.225 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
40 14
21    95.215.205.165 (Dronten, Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: 2056028.ds.had.pm
www.bniteam.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yandex.ru
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    46.4.104.244 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de
rbfour.bid
1    78.46.111.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.111.46.78.clients.your-server.de
jquerylibp.ru
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)
rs.mail.ru
1    82.202.165.19 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: videoroll.net
videoroll.net
1    46.8.8.100 (Prague, Czech Republic)

ASN60592 (GRANSY Gransy s.r.o. gransy.com, CZ)
ad.g-content.bid
4    199.59.243.225 (United States)

ASN16509 (AMAZON-02, US)
ww82.g-content.bid
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
4    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.adsensecustomsearchads.com
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
Apex Domain
Subdomains		 Transfer
21 bniteam.com
www.bniteam.com
757 KB
5 g-content.bid
ad.g-content.bid
ww82.g-content.bid
36 KB
4 adsensecustomsearchads.com
www.adsensecustomsearchads.com — Cisco Umbrella Rank: 3803
57 KB
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 9809
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5917
595 B
1 google.com
www.google.com — Cisco Umbrella Rank: 6
54 KB
1 videoroll.net
videoroll.net — Cisco Umbrella Rank: 105184
60 KB
1 mail.ru
rs.mail.ru — Cisco Umbrella Rank: 13178
13 KB
1 jquerylibp.ru
jquerylibp.ru
11 KB
1 rbfour.bid
rbfour.bid — Cisco Umbrella Rank: 800829
15 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
51 KB
1 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1186
97 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 708
6 KB
40 13
Domain Requested by
21 www.bniteam.com 1 redirects www.bniteam.com
4 www.adsensecustomsearchads.com www.google.com
www.adsensecustomsearchads.com
4 ww82.g-content.bid ad.g-content.bid
ww82.g-content.bid
2 afs.googleusercontent.com
1 partner.googleadservices.com www.google.com
1 www.google.com ww82.g-content.bid
1 ad.g-content.bid www.bniteam.com
1 videoroll.net www.bniteam.com
1 rs.mail.ru www.bniteam.com
1 jquerylibp.ru www.bniteam.com
1 rbfour.bid www.bniteam.com
1 pagead2.googlesyndication.com www.bniteam.com
1 yandex.ru www.bniteam.com
1 ajax.googleapis.com www.bniteam.com
40 14

This site contains no links.

Subject Issuer Validity Valid
bniteam.com
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-10-26 -
2024-04-24		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
rbfour.bid
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
jquerylibp.ru
R3		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2023-10-06 -
2024-11-06		 a year crt.sh
videoroll.net
AlphaSSL CA - SHA256 - G4		 2023-05-29 -
2024-06-29		 a year crt.sh
*.g-content.bid
R3		 2023-11-27 -
2024-02-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://ww82.g-content.bid/
Frame ID: 5BB1B42ED7578E797C6F34F10BA29698
Requests: 36 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol316%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol464&client=dp-bodis31_3ph&r=m&hl=nl&rpbu=http%3A%2F%2Fww82.g-content.bid%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2502185569747978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3&nocache=3431704557515574&num=0&output=afd_ads&domain_name=ww82.g-content.bid&v=3&bsl=8&pac=0&u_his=2&u_tz=60&dt=1704557515575&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&cl=588056317&uio=-&cont=rs&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww82.g-content.bid%2F
Frame ID: B478895210F0321716FC974DE8DA5810
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

G-content.bid

Page URL History Show full URLs

  1. http://www.bniteam.com/ HTTP 301
    https://www.bniteam.com/ Page URL
  2. http://ww82.g-content.bid/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

90 %
HTTPS

57 %
IPv6

13
Domains

14
Subdomains

14
IPs

5
Countries

1158 kB
Transfer

1803 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bniteam.com/ HTTP 301
    https://www.bniteam.com/ Page URL
  2. http://ww82.g-content.bid/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.bniteam.com/ HTTP 301
  • https://www.bniteam.com/

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.bniteam.com/
Redirect Chain
  • http://www.bniteam.com/
  • https://www.bniteam.com/
20 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 / PHP/7.2.34
Resource Hash
703a6fa5bf9e7fcc139cfc54aa189d458e4d2945fb70a79165851f5fc9d8bb4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 16:11:52 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000;
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.34

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 06 Jan 2024 16:11:52 GMT
Location
https://www.bniteam.com/
Server
nginx/1.18.0
Transfer-Encoding
chunked
jquery.js
www.bniteam.com/engine/classes/js/ 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bniteam.com/engine/classes/js/jquery.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
2f2e26a95f2ec06f0705a6146ce47e0047f8c63254258e82a0ce0a241de096e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:14 GMT
Server
nginx/1.18.0
ETag
"5d17013e-16edb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93915
jqueryui.js
www.bniteam.com/engine/classes/js/ 		74 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bniteam.com/engine/classes/js/jqueryui.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
0c6e66c2bba388fc30ac3113601763fbb6123d7e7dfaad8ba89884eb0f732ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:14 GMT
Server
nginx/1.18.0
ETag
"5d17013e-12897"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75927
dle_js.js
www.bniteam.com/engine/classes/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bniteam.com/engine/classes/js/dle_js.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
717feec6630cc7937750fa4ce50f48a6e326f41f606fbe8da4c81507d86b11b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:14 GMT
Server
nginx/1.18.0
ETag
"5d17013e-5a0e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23054
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 01:57:24 GMT
webfont.js
www.bniteam.com/engine/editor/scripts/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bniteam.com/engine/editor/scripts/webfont.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
b39bcd31f93b96bfcd623a4fd956d0f4b2b6f160faca5f65d12514c87dc0e577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:15 GMT
Server
nginx/1.18.0
ETag
"5d17013f-bcb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3019
default.css
www.bniteam.com/engine/editor/css/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bniteam.com/engine/editor/css/default.css
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
408ef277c5c07ee4f9a8ec7a2e0ceb44e1f6008bb54afee87ddbd4f032debe17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:15 GMT
Server
nginx/1.18.0
ETag
"5d17013f-25ce"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9678
style.css
www.bniteam.com/templates/AndroidClub/css/ 		28 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bniteam.com/templates/AndroidClub/css/style.css
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
5f2c9c081686481dd22c77feaf6d8a6c9c43f91cfccaefebea35c71f1b9d9ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Tue, 23 Jul 2019 06:56:15 GMT
Server
nginx/1.18.0
ETag
"5d36af8f-6f75"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28533
engine.css
www.bniteam.com/templates/AndroidClub/css/ 		37 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bniteam.com/templates/AndroidClub/css/engine.css
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
2e54c93e05b737193a70a2fe46b37a0eec43ef1e6a0d4a27a366a9e53daa0b23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:17 GMT
Server
nginx/1.18.0
ETag
"5d170141-9201"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37377
context.js
yandex.ru/ads/system/ 		343 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f44f5ed5df825563583ba4a397978d99515c0e74481400c471c21c5a13efb432
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1704557513413190-12354819541284652976-balancer-l7leveler-kubr-yp-vla-75-BAL-3820
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 06 Jan 2024 17:11:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1969129162258194
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67a80e44fcdeba01385ec4d613071235d755af0764c634578608fd9b36a1c03f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bniteam.com/
Origin
https://www.bniteam.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 16:11:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51331
x-xss-protection
0
server
cafe
etag
1973523694090779086
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 16:11:53 GMT
qbLjUifu.js
rbfour.bid/pushJs/ 		107 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rbfour.bid/pushJs/qbLjUifu.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
dd20dd94bea3ad80c20e00a13ab57eba52909034746a2f8dea680a50c8258264
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 16:11:53 GMT
strict-transport-security
max-age=63072000
content-encoding
br
last-modified
Tue, 05 Dec 2023 10:23:45 GMT
server
nginx
etag
W/"656efa31-1aa81"
content-type
application/javascript
cache-control
max-age=600, public, must_revalidate
expires
Sat, 06 Jan 2024 16:21:53 GMT
jquery-1.7.2.js
jquerylibp.ru/new8libs/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jquerylibp.ru/new8libs/jquery-1.7.2.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.111.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.111.46.78.clients.your-server.de
Software
nginx / PHP/5.6.27
Resource Hash
697d048a664e726c7ef6566e929429700d4a74a13e1128f624ef17280f44cd2b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 16:11:52 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.27
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
logo.png
www.bniteam.com/templates/AndroidClub/images/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/templates/AndroidClub/images/logo.png
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
7a2dc982058dafe4b6e71136a46c0254a22167bce7fa3f7986610f1abf408ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:18 GMT
Server
nginx/1.18.0
ETag
"5d170142-16a8f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92815
spacer.gif
www.bniteam.com/templates/AndroidClub/images/ 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/templates/AndroidClub/images/spacer.gif
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Mon, 01 Jul 2019 13:29:28 GMT
Server
nginx/1.18.0
ETag
"5d1a0ab8-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
izh-2125.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/izh-2125.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
d26447b4e41e3b45d3468ab7912a36d257a78d812f9f28f4f469040e396d9a52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:08 GMT
Server
nginx/1.18.0
ETag
"5d170138-9447"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37959
gaz-volga-siber.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/gaz-volga-siber.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
7cbf7131cc14d7c338c2c583ee0a79fef28b3a527122926e26aa1a9c927c8a93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:08 GMT
Server
nginx/1.18.0
ETag
"5d170138-83c5"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33733
gaz-3111.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/gaz-3111.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
f4f11d452c1510134b49fc3af43b6530121b5f65ff3de731809f37d16ef174cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:52 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:07 GMT
Server
nginx/1.18.0
ETag
"5d170137-97d8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38872
gaz-31029.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/gaz-31029.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
e6a13e91eb114d2af6f926409cbbf224f401a879fc950f16d02d103b9254c3aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:53 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:07 GMT
Server
nginx/1.18.0
ETag
"5d170137-8bd1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35793
gaz-3102.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/gaz-3102.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
95c573dcca48221015da9db9a25321f737d7e25d3b28f8870ada29c0af2046b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:53 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:09 GMT
Server
nginx/1.18.0
ETag
"5d170139-9051"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36945
gaz-2410.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/gaz-2410.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
2398c147ae911c57cdb9d4ed274ead77cd3ef998b4cdc2bf1190754a8bd0160d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:54 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:09 GMT
Server
nginx/1.18.0
ETag
"5d170139-9561"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38241
gaz-24-ment.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/gaz-24-ment.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:54 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:08 GMT
Server
nginx/1.18.0
ETag
"5d170138-a4c6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42182
gaz-22.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/gaz-22.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:54 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:08 GMT
Server
nginx/1.18.0
ETag
"5d170138-a0cf"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41167
gaz-2165.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/gaz-2165.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:54 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:08 GMT
Server
nginx/1.18.0
ETag
"5d170138-96da"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38618
gaz-13_chaika.jpg
www.bniteam.com/kartinki/rus-avto-2/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bniteam.com/kartinki/rus-avto-2/gaz-13_chaika.jpg
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.205.165 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
2056028.ds.had.pm
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:54 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sat, 29 Jun 2019 06:12:07 GMT
Server
nginx/1.18.0
ETag
"5d170137-a26d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41581
ads-min.js
rs.mail.ru/static/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rs.mail.ru/static/ads-min.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7816baeae36be2ccf4d59f1ce3e778cbcba9c5037962dbde5760e4cef3d8e5a9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:53 GMT
Last-Modified
Tue, 09 Feb 2021 16:17:57 GMT
Server
nginx
ETag
"6022b5b5-3401"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13313
vid_vpaut_script.js
videoroll.net/js/ 		59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://videoroll.net/js/vid_vpaut_script.js
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.165.19 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
videoroll.net
Software
nginx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.bniteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 16:11:54 GMT
Last-Modified
Mon, 01 Jan 2024 13:34:12 GMT
Server
nginx
ETag
"6592bf54-ed41"
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60737
MAXTUwMQ0hHKgRRBgxUDggFUYAFYtAVB8QJSMUBj1DC2E0FqcXH242PUBCPboBPBgADLFENSFBGYUCWW1CCZcjI3cDG5IhClkRE-0TECIjSLowGaNQBG8jDPFBBDcWEIYwNZQjABcRNVdDJYkwFFBVJikVHZUgFGYAXQxwa.js
ad.g-content.bid/js/ 		46 B
114 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.g-content.bid/js/MAXTUwMQ0hHKgRRBgxUDggFUYAFYtAVB8QJSMUBj1DC2E0FqcXH242PUBCPboBPBgADLFENSFBGYUCWW1CCZcjI3cDG5IhClkRE-0TECIjSLowGaNQBG8jDPFBBDcWEIYwNZQjABcRNVdDJYkwFFBVJikVHZUgFGYAXQxwa.js?trl=0.30
Requested by
Host: www.bniteam.com
URL: https://www.bniteam.com/engine/classes/js/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.8.8.100 Prague, Czech Republic, ASN60592 (GRANSY Gransy s.r.o. gransy.com, CZ),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bniteam.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 06 Jan 2024 16:11:54 GMT
content-length
46
content-type
application/javascript
Primary Request /
ww82.g-content.bid/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww82.g-content.bid/
Requested by
Host: ad.g-content.bid
URL: https://ad.g-content.bid/js/MAXTUwMQ0hHKgRRBgxUDggFUYAFYtAVB8QJSMUBj1DC2E0FqcXH242PUBCPboBPBgADLFENSFBGYUCWW1CCZcjI3cDG5IhClkRE-0TECIjSLowGaNQBG8jDPFBBDcWEIYwNZQjABcRNVdDJYkwFFBVJikVHZUgFGYAXQxwa.js?trl=0.30
Protocol
HTTP/1.1
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6a1ebdde5194f93f8c64b50b9c4ecda787ca82f60a2ec8aa677d17b5f6b2d80a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
sec-ch-prefers-color-scheme
cache-control
no-store, max-age=0
content-length
1025
content-type
text/html; charset=utf-8
critical-ch
sec-ch-prefers-color-scheme
date
Sat, 06 Jan 2024 16:11:54 GMT
vary
sec-ch-prefers-color-scheme
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_V2r5Pfxd6Pdhw3h6IQMsycBdhrUMEmcWf1m/HK26W6ieZ6ri5VZBndE8W/w+gudIAI26FKwb2yXnAMns4bPSuQ==
x-request-id
905f883b-0c18-4579-985d-cf27b8517d09
bhyDnSfXt.js
ww82.g-content.bid/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ww82.g-content.bid/bhyDnSfXt.js
Requested by
Host: ww82.g-content.bid
URL: http://ww82.g-content.bid/
Protocol
HTTP/1.1
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
46e2c2af87720b7ae5a86434547bd9bef9ff21fab2956b64bc48f17dc73c63a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww82.g-content.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 16:11:55 GMT
content-length
32054
x-request-id
ae72941e-781e-4c91-b9cb-4cb816423614
content-type
application/javascript; charset=utf-8
_fd
ww82.g-content.bid/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://ww82.g-content.bid/_fd
Requested by
Host: ww82.g-content.bid
URL: http://ww82.g-content.bid/bhyDnSfXt.js
Protocol
HTTP/1.1
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
bd563f7d5769dd2336e6887283ec88997689eb98c92b33a1ff77169a01041c2d

Request headers

Accept
application/json
Referer
http://ww82.g-content.bid/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

x-version
2.110.6
date
Sat, 06 Jan 2024 16:11:54 GMT
content-encoding
gzip
pragma
no-cache
server
openresty
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
2066
expires
Thu, 01 Jan 1970 00:00:01 GMT
caf.js
www.google.com/adsense/domains/ 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: ww82.g-content.bid
URL: http://ww82.g-content.bid/bhyDnSfXt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dba14e89fd4e3f93c81704e1dba22cb195387a59c91392a36e47a4dbbe75d798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww82.g-content.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 16:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"4119344319494620179"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Sat, 06 Jan 2024 16:11:55 GMT
cookie.js
partner.googleadservices.com/gampad/ 		380 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ww82.g-content.bid&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9a64f86ae7f5a042d4a8a65256dc3249f185ef3fab96c3e6d40f8ba82969c60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww82.g-content.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 16:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
243
x-xss-protection
0
ads
www.adsensecustomsearchads.com/afs/ Frame B478 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol316%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol464&client=dp-bodis31_3ph&r=m&hl=nl&rpbu=http%3A%2F%2Fww82.g-content.bid%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2502185569747978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3&nocache=3431704557515574&num=0&output=afd_ads&domain_name=ww82.g-content.bid&v=3&bsl=8&pac=0&u_his=2&u_tz=60&dt=1704557515575&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&cl=588056317&uio=-&cont=rs&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww82.g-content.bid%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e4a9ec8fd71e60c417bfcafc294450b529a9d93a5761c9778bdac37c13ff7f60
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-QhJWNZL0xJWsceNEAz-ZCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
http://ww82.g-content.bid/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2573
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-QhJWNZL0xJWsceNEAz-ZCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sat, 06 Jan 2024 16:11:55 GMT
expires
Sat, 06 Jan 2024 16:11:55 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
caf.js
www.adsensecustomsearchads.com/adsense/domains/ Frame B478 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol316%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol464&client=dp-bodis31_3ph&r=m&hl=nl&rpbu=http%3A%2F%2Fww82.g-content.bid%3Fcaf%26&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2502185569747978&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383&format=r3&nocache=3431704557515574&num=0&output=afd_ads&domain_name=ww82.g-content.bid&v=3&bsl=8&pac=0&u_his=2&u_tz=60&dt=1704557515575&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&cl=588056317&uio=-&cont=rs&drt=0&jsid=caf&jsv=588056317&rurl=http%3A%2F%2Fww82.g-content.bid%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bf9c54918782690aa666357beab40c94fc009460b0aa5a95e182db59ace5d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 16:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"4919391341535188679"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Sat, 06 Jan 2024 16:11:55 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame B478 		200 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jan 2024 06:21:37 GMT
age
35418
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sun, 07 Jan 2024 05:21:37 GMT
call_to_action_arrow.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame B478 		444 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jan 2024 12:09:35 GMT
age
14540
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sun, 07 Jan 2024 11:09:35 GMT
_tr
ww82.g-content.bid/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
http://ww82.g-content.bid/_tr
Requested by
Host: ww82.g-content.bid
URL: http://ww82.g-content.bid/bhyDnSfXt.js
Protocol
HTTP/1.1
Server
199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
application/json
Referer
http://ww82.g-content.bid/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

x-version
2.110.6
date
Sat, 06 Jan 2024 16:11:55 GMT
content-encoding
gzip
pragma
no-cache
server
openresty
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
22
expires
Thu, 01 Jan 1970 00:00:01 GMT
gen_204
www.adsensecustomsearchads.com/afs/ 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=sk6hxl7jmof4&aqid=y3uZZdPRKdr1mLAPmKSMwAo&psid=3113057640&pbt=bs&adbx=450&adby=143&adbh=480&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=588056317&csala=3%7C0%7C173%7C67%7C8&lle=0&ifv=1&hpt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-DlCFNe2OCF0v-uOR6Ctw1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww82.g-content.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-DlCFNe2OCF0v-uOR6Ctw1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 06 Jan 2024 16:11:57 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
www.adsensecustomsearchads.com/afs/ 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=3g6isjklxg06&aqid=y3uZZdPRKdr1mLAPmKSMwAo&psid=3113057640&pbt=bv&adbx=450&adby=143&adbh=480&adbw=700&adbah=153%2C153%2C153&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=588056317&csala=3%7C0%7C173%7C67%7C8&lle=0&ifv=1&hpt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-vCYGpFWMsFMb1OH0kevK9Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww82.g-content.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-vCYGpFWMsFMb1OH0kevK9Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 06 Jan 2024 16:11:57 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| park object| version object| __parkour number| googleNDT_ number| googleAltLoader object| google function| __sasCookie number| experimentId_

5 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: c+ytQzvfgBbF/E5DwWOvEzThagz3eqe+SwO4ycWM8oAicrSnF1buLNdU9aoqkcVLmUcaCDSPupmtdKOABtEiQUHkRHw=
.yandex.ru/ Name: yandexuid
Value: 1846529761704557513
.yandex.ru/ Name: yashr
Value: 4553731431704557513
ww82.g-content.bid/ Name: parking_session
Value: 905f883b-0c18-4579-985d-cf27b8517d09
.g-content.bid/ Name: __gsas
Value: ID=23f1ecb8c91d82c4:T=1704557515:RT=1704557515:S=ALNI_MYwBbv2D_IVTkPLpUDE9_sfCPjc4w

3 Console Messages

Source Level URL
Text
javascript warning URL: https://www.bniteam.com/engine/classes/js/jquery.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.g-content.bid/js/MAXTUwMQ0hHKgRRBgxUDggFUYAFYtAVB8QJSMUBj1DC2E0FqcXH242PUBCPboBPBgADLFENSFBGYUCWW1CCZcjI3cDG5IhClkRE-0TECIjSLowGaNQBG8jDPFBBDcWEIYwNZQjABcRNVdDJYkwFFBVJikVHZUgFGYAXQxwa.js?trl=0.30, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.bniteam.com/engine/classes/js/jquery.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.g-content.bid/js/MAXTUwMQ0hHKgRRBgxUDggFUYAFYtAVB8QJSMUBj1DC2E0FqcXH242PUBCPboBPBgADLFENSFBGYUCWW1CCZcjI3cDG5IhClkRE-0TECIjSLowGaNQBG8jDPFBBDcWEIYwNZQjABcRNVdDJYkwFFBVJikVHZUgFGYAXQxwa.js?trl=0.30, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://www.google.com/adsense/domains/caf.js(Line 213)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.g-content.bid
afs.googleusercontent.com
ajax.googleapis.com
jquerylibp.ru
pagead2.googlesyndication.com
partner.googleadservices.com
rbfour.bid
rs.mail.ru
videoroll.net
ww82.g-content.bid
www.adsensecustomsearchads.com
www.bniteam.com
www.google.com
yandex.ru
199.59.243.225
2a00:1148:db00::17
2a00:1450:4001:800::2002
2a00:1450:4001:806::200e
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a02:6b8:a::a
46.4.104.244
46.8.8.100
78.46.111.246
82.202.165.19
95.215.205.165
0c6e66c2bba388fc30ac3113601763fbb6123d7e7dfaad8ba89884eb0f732ad4
2398c147ae911c57cdb9d4ed274ead77cd3ef998b4cdc2bf1190754a8bd0160d
2e54c93e05b737193a70a2fe46b37a0eec43ef1e6a0d4a27a366a9e53daa0b23
2f2e26a95f2ec06f0705a6146ce47e0047f8c63254258e82a0ce0a241de096e9
408ef277c5c07ee4f9a8ec7a2e0ceb44e1f6008bb54afee87ddbd4f032debe17
46e2c2af87720b7ae5a86434547bd9bef9ff21fab2956b64bc48f17dc73c63a7
4bf9c54918782690aa666357beab40c94fc009460b0aa5a95e182db59ace5d89
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
5f2c9c081686481dd22c77feaf6d8a6c9c43f91cfccaefebea35c71f1b9d9ac1
67a80e44fcdeba01385ec4d613071235d755af0764c634578608fd9b36a1c03f
697d048a664e726c7ef6566e929429700d4a74a13e1128f624ef17280f44cd2b
6a1ebdde5194f93f8c64b50b9c4ecda787ca82f60a2ec8aa677d17b5f6b2d80a
703a6fa5bf9e7fcc139cfc54aa189d458e4d2945fb70a79165851f5fc9d8bb4e
717feec6630cc7937750fa4ce50f48a6e326f41f606fbe8da4c81507d86b11b5
7816baeae36be2ccf4d59f1ce3e778cbcba9c5037962dbde5760e4cef3d8e5a9
7a2dc982058dafe4b6e71136a46c0254a22167bce7fa3f7986610f1abf408ae6
7cbf7131cc14d7c338c2c583ee0a79fef28b3a527122926e26aa1a9c927c8a93
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
95c573dcca48221015da9db9a25321f737d7e25d3b28f8870ada29c0af2046b5
b39bcd31f93b96bfcd623a4fd956d0f4b2b6f160faca5f65d12514c87dc0e577
bd563f7d5769dd2336e6887283ec88997689eb98c92b33a1ff77169a01041c2d
c9a64f86ae7f5a042d4a8a65256dc3249f185ef3fab96c3e6d40f8ba82969c60
d26447b4e41e3b45d3468ab7912a36d257a78d812f9f28f4f469040e396d9a52
dba14e89fd4e3f93c81704e1dba22cb195387a59c91392a36e47a4dbbe75d798
dd20dd94bea3ad80c20e00a13ab57eba52909034746a2f8dea680a50c8258264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a9ec8fd71e60c417bfcafc294450b529a9d93a5761c9778bdac37c13ff7f60
e6a13e91eb114d2af6f926409cbbf224f401a879fc950f16d02d103b9254c3aa
f44f5ed5df825563583ba4a397978d99515c0e74481400c471c21c5a13efb432
f4f11d452c1510134b49fc3af43b6530121b5f65ff3de731809f37d16ef174cd