bigl.ua Open in urlscan Pro
193.34.169.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bigl.ua/
Effective URL:
https://bigl.ua/
Submission: On December 05 via api (December 5th 2023, 6:01:50 pm UTC) from US — Scanned from DE

Summary HTTP 159 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 34 IPs in 9 countries across 28 domains to perform 159 HTTP transactions. The main IP is 193.34.169.35, located in Ukraine and belongs to EVO, UA. The main domain is bigl.ua. The Cisco Umbrella rank of the primary domain is 672334.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 4th 2023. Valid for: 3 months.

This is the only time bigl.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	193.34.169.35 193.34.169.35	43896 (EVO) (EVO)
34	193.34.169.10 193.34.169.10	43896 (EVO) (EVO)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	2606:4700:303... 2606:4700:3037::ac43:d7e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	193.34.169.9 193.34.169.9	43896 (EVO) (EVO)
2	2606:4700:303... 2606:4700:3031::6815:5ed9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:885b:36b0:5c58:578	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2.19.245.101 2.19.245.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
10	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	52.57.12.239 52.57.12.239	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.156.218.59 35.156.218.59	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
159	34

39 193.34.169.35 (Ukraine) 1 redirects

ASN43896 (EVO, UA)
PTR: bigl.ua

bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
midas-external.bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 193.34.169.10 (Ukraine)

ASN43896 (EVO, UA)
PTR: images.prom.ua

images.prom.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:d7e6 (United States)

ASN13335 (CLOUDFLARENET, US)

cralodas.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.cralodas.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cralodas.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.34.169.9 (Ukraine)

ASN43896 (EVO, UA)

colbert-static.c.prom.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:5ed9 (United States)

ASN13335 (CLOUDFLARENET, US)

colbert.evo.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:885b:36b0:5c58:578 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.245.101 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.12.239 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-239.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.218.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-218-59.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	bigl.ua 1 redirects bigl.ua — Cisco Umbrella Rank: 672334 my.bigl.ua midas-external.bigl.ua tracker.bigl.ua	535 KB
34	prom.ua images.prom.ua — Cisco Umbrella Rank: 223775	155 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	286 KB
19	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	67 KB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	217 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
4	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 dis.criteo.com — Cisco Umbrella Rank: 550 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316	50 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	cralodas.com.ua cralodas.com.ua — Cisco Umbrella Rank: 576541 m.cralodas.com.ua — Cisco Umbrella Rank: 720007 c.cralodas.com.ua — Cisco Umbrella Rank: 738338	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	450 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 780	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	128 KB
2	evo.company colbert.evo.company	656 B
2	google.de www.google.de — Cisco Umbrella Rank: 6765	562 B
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 564	909 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	161 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	388 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	586 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	prom.st colbert-static.c.prom.st	56 KB
159	28

	Domain	Requested by
34	images.prom.ua	bigl.ua
31	bigl.ua	1 redirects bigl.ua
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	static.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	bigl.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googletagmanager.com bigl.ua
5	imageproxy.eu.criteo.net	ads.eu.criteo.com
5	my.bigl.ua	bigl.ua
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	bigl.ua googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googleadservices.com
2	pm.w55c.net	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	um.simpli.fi	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	colbert.evo.company	colbert-static.c.prom.st
2	midas-external.bigl.ua	bigl.ua
2	www.google.de	bigl.ua
2	creativecdn.com	1 redirects bigl.ua
2	www.googletagmanager.com	bigl.ua
1	rtb.fr3.eu.criteo.com	bigl.ua
1	onetag-sys.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	tracker.bigl.ua	my.bigl.ua
1	colbert-static.c.prom.st	bigl.ua
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	c.cralodas.com.ua	m.cralodas.com.ua
1	m.cralodas.com.ua	cralodas.com.ua
1	cralodas.com.ua	bigl.ua
159	45

This site contains links to these domains. Also see Links.

Domain
my.bigl.ua
apps.apple.com
play.google.com
bigl.kayako.com

Subject Issuer	Validity	Valid
bigl.ua ZeroSSL RSA Domain Secure Site CA	`2023-11-04` - `2024-02-02`	3 months	crt.sh
prom.ua ZeroSSL RSA Domain Secure Site CA	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
cralodas.com.ua E1	`2023-11-15` - `2024-02-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.prom.st ZeroSSL RSA Domain Secure Site CA	`2023-11-10` - `2024-02-08`	3 months	crt.sh
evo.company GTS CA 1P5	`2023-11-12` - `2024-02-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://bigl.ua/
Frame ID: 4AC23802599916FE5637022A9836E481
Requests: 87 HTTP requests in this frame

Frame: https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1
Frame ID: 828DF9A3EC05F38EC0ABF5B3C2B23E68
Requests: 1 HTTP requests in this frame

Frame: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/iframe.html
Frame ID: C41DB64A3D61F444B3082E5DF8F254CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: B1FC96CC63EAEEC33AC34FDC0D2FDA85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&adk=1812271804&adf=3025194257&lmt=1701799301&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fbigl.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799300942&bpp=4&bdt=623&idt=309&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5891262903462&frm=20&pv=2&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=320
Frame ID: 818B32B758259E1BFC9983FC36C1C9E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=8
Frame ID: F35D4049C4D83CFEBA5A90B4901855E7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Frame ID: 4AED13589CFECAEF94632343A882E3FB
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW9liAAGatoH_aKEAAt1ls0UPwHAoViAWKL_ew&u=%7C%2B7CZCoB8yJljl0CCinwCab8l0U9kTWDK%2F6XUOZ8A7qI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5ZdRiwGVx3x8Yh6-dSE24gSGKSY1S8Q3_HdqTIDBzcR2MBI_e9g7M8r2ogNJFX409XbEVIc-lJseGxSbxrAKMfobydRCiAD5HU9UAzJaoYXxYAqFcguxnCQIZL9n25wC37paEdk1hQz1lUymWNNXeCvOI12aVzL9ppUeeb5LF2Ja1OTj4Ll12qCzWtspVJhhhbpzlh77TCf9xyBF-S_Rdfb1FuNscQDivFzL2yblvgQo-i42UbcC5nQSK2k5GuQhzT7m0MvkhICtfQhseV4gyqZxvUxamAo5D9cNWozQ8bAWB6ZuMdb4-_5mW8KdmJhiHrCiKz7l-MWVf1MGrmBy39l0UTt73c58TuSEZAmsqCApTIbH4FbLAGHbRHlFJyZf2LsSRDh3o_K8ObP0MwnGaMRW7tV1OsWmIQpsP0h2i6T6Hio1w6CM2wDc_IH4osbhtithBbJSIJIfv6mZ5fUhJvOB4p5s07rK25a4-NFUgyH5BVwqLGWHS2sUirytlh0VU7XRyV8ESBUSeaiKYWPsLjrKA-1lRh8w5RPneAKf4kifwGMKeAzBHQXDyW4EfKa0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZavriGVvZdrVGYTF9u8PluutkArJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc3OTg5OTQyOTMxMDAzMTDIAQmpAuYyFxa4JbI-qAMByAMCqgS6AU_QHzLlegjNMvfuj6gNgCT-6SKjUuDa7ZZD57TWDlzZvMZAV1oLyi-mTWjf8lx8vUfhKilnZITrn63Jnl_PwK0pd4ETGmDq0r7u84piPT4Wyb1YNWwG78YEKkHk7qTmoJnMLnMioGIi5fVi8uvgCKDWdgjNyguhnv-5rsXpAzgQ9BBTW4vK2BptBxDPglz1MtrxKdWSPfbx3e4mEqjU6Ow5OQffQYxifWx6PwCSWRtRpnwu71GRwKznIYAG74Po7sOy7PO9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDlpO48PiCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2yakF_rwaIWefmY7HL1V7kdbcgIQ%26client%3Dca-pub-7798994293100310%26adurl%3D
Frame ID: BCF9331E0E7D051298D326E4DAC0CAA4
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9D5648E7BAC03DCCFE53E894BF742D8C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D06577AC0389439ADADA135DB1C82F01
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 13B8D41FDC1F0EE8715AF68ADEABCEDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83F8B2E41CD02156BE406C5F868A6DBE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD7FBFABD7652D912C431C65A3A86AC6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bigl.ua — 75 013 846 Товарів від Перевірених Продавців з Усієї України!

Page URL History Show full URLs

http://bigl.ua/ HTTP 301
https://bigl.ua/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

159
Requests

93 %
HTTPS

61 %
IPv6

28
Domains

45
Subdomains

34
IPs

9
Countries

1719 kB
Transfer

6944 kB
Size

23
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://my.bigl.ua/ua/cabinet/favorites

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/bigl-ua-%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%BA%D0%B8-%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD/id6467865230?utm_source=bigl&utm_medium=banner&utm_term=footer

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.bigl.mobile&referrer=utm_source%3Dbigl%26utm_medium%3Dbanner%26utm_term%3Dfooter

Search URL Search Domain Scan URL

URL: https://bigl.kayako.com/
Title: Довідка

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bigl.ua/ HTTP 301
https://bigl.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home HTTP 302
https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1

Request Chain 99

https://um.simpli.fi/gp_match?google_gid=CAESEPmrwcZ8Hp8zkmaz6v-tVlo&google_cver=1&google_push=AXcoOmT6cdz-YJJy-y-4F79hkxN1W64o-FFoaXrFyfS9IYgD0wwctQeBFXUoSVcakzxCttDpR1ir8wNTGs0No__nrw1DYAl4N6FsAhc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=460EECA0AEE943E3A0FB55B40A88AB23&google_push=AXcoOmT6cdz-YJJy-y-4F79hkxN1W64o-FFoaXrFyfS9IYgD0wwctQeBFXUoSVcakzxCttDpR1ir8wNTGs0No__nrw1DYAl4N6FsAhc

Request Chain 101

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDSrStPE9q-3ekRfQlc8tW8&google_cver=1&google_push=AXcoOmTngOHxHj5hvMQ5XVWrTaqO35HCvKwAOtlmZkwafRUYHf6sYv7HzDIbpt9RJ1VEQKaLCmm6TRsGJg1qxGmnYibXqgvJN-9Pbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTE3MjM1OTMzMjAzNDcwOA%3D%3D&google_push=AXcoOmTngOHxHj5hvMQ5XVWrTaqO35HCvKwAOtlmZkwafRUYHf6sYv7HzDIbpt9RJ1VEQKaLCmm6TRsGJg1qxGmnYibXqgvJN-9Pbw

Request Chain 102

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC3IZdkYYz1SNGRuc-sx9DY&google_cver=1&google_push=AXcoOmQ2sg9GgF2Pnq85QpI-WCfXnzmlsUxpKiQeHIG_FUaRjE0xidocgFzspEalSI7OQso0eDvp2XwJZrw0zf7JudL6zS2gFwCv6oQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ2sg9GgF2Pnq85QpI-WCfXnzmlsUxpKiQeHIG_FUaRjE0xidocgFzspEalSI7OQso0eDvp2XwJZrw0zf7JudL6zS2gFwCv6oQ&google_hm=eS1TcTJfQzJWRTJwR0hWa044N0NseHVtR2F0WUw3ZWJfM35B

Request Chain 104

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKOfiZBnC1qQSAh8OHKpRuI&google_cver=1&google_push=AXcoOmSGJQoedPS1tes9-MSt170oMoGU_1laHOOpdjLYayiQqkpL__w2PZWB6jb1PbDzMd_slunO_8boP3yuZWfVBAXsGNYdFw2XPoKq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSGJQoedPS1tes9-MSt170oMoGU_1laHOOpdjLYayiQqkpL__w2PZWB6jb1PbDzMd_slunO_8boP3yuZWfVBAXsGNYdFw2XPoKq HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 133

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGl7NWVVzTVyrxwoSp2I8Cc&google_cver=1&google_push=AXcoOmR_jUOG1TdgqmMM1hNrG4nWaqbmDeLIbBagCu6EKCurtBKP8aWX8uXhlmUTMwT1O6AXAC7WaEnybsiYOmO8JTJXTWzNGvH9Hw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQyMDY4OTExMzQxNzUzNzk4NA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGl7NWVVzTVyrxwoSp2I8Cc&google_cver=1

Request Chain 134

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPIS4rg8yYnXqQF_cDU8Mbc&google_cver=1&google_push=AXcoOmShRuIrI9Mg9j5vCAw3jk7MpfZRUEJXofWq1ZESCiO2_QPECgrJweL0FftiG10sIjqefPrT1Db1tYOymUOx3l7AX414Kyoi3jE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPIS4rg8yYnXqQF_cDU8Mbc&google_cver=1&google_push=AXcoOmShRuIrI9Mg9j5vCAw3jk7MpfZRUEJXofWq1ZESCiO2_QPECgrJweL0FftiG10sIjqefPrT1Db1tYOymUOx3l7AX414Kyoi3jE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RkhZMEM3ck8xUmF6SlQ1&google_gid=CAESEPIS4rg8yYnXqQF_cDU8Mbc&google_cver=1&google_push=AXcoOmShRuIrI9Mg9j5vCAw3jk7MpfZRUEJXofWq1ZESCiO2_QPECgrJweL0FftiG10sIjqefPrT1Db1tYOymUOx3l7AX414Kyoi3jE

Request Chain 135

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPzBfOqkhRzkeF9gIAbKha4&google_cver=1&google_push=AXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyqsPoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyqsPoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPzBfOqkhRzkeF9gIAbKha4&google_cver=1&google_push=AXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyqsPoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyqsPoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 136

https://um.simpli.fi/gp_match?google_gid=CAESEPmrwcZ8Hp8zkmaz6v-tVlo&google_cver=1&google_push=AXcoOmS59KNqGugWPVfkOpm0YKP38r0nAsHGLNoRYLtbrHSaTj30lEAMWx3UMTGZ2F6joBh90Tk95fFmkJZrT1Eys7h6s7RL2_R7jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D205C2B76B8B4FB9B2A47DFE92574604&google_push=AXcoOmS59KNqGugWPVfkOpm0YKP38r0nAsHGLNoRYLtbrHSaTj30lEAMWx3UMTGZ2F6joBh90Tk95fFmkJZrT1Eys7h6s7RL2_R7jA

Request Chain 138

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC3IZdkYYz1SNGRuc-sx9DY&google_cver=1&google_push=AXcoOmRktLXLXzVtyFzKdlts4bNPG4JBK-uEeFSYnlinCT5pLu8Zd5SEIg69uZ8JAou4AwaVoGv_4miJQtfw7G1iBEmSaE5l5TbIorA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRktLXLXzVtyFzKdlts4bNPG4JBK-uEeFSYnlinCT5pLu8Zd5SEIg69uZ8JAou4AwaVoGv_4miJQtfw7G1iBEmSaE5l5TbIorA&google_hm=eS1TcTJfQzJWRTJwR0hWa044N0NseHVtR2F0WUw3ZWJfM35B

Request Chain 139

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHaCKUuy4EOoPRsrzZteTyg&google_cver=1&google_push=AXcoOmRxZAxLw6gI1E63YCRHY7Qz_qBj0AykDYO_SSp3SD9GWLVFTn74nY2FrRK7SeCOoHzcsPtZElK5kR3yDh8LcL1WYPVXLEM9WjI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRxZAxLw6gI1E63YCRHY7Qz_qBj0AykDYO_SSp3SD9GWLVFTn74nY2FrRK7SeCOoHzcsPtZElK5kR3yDh8LcL1WYPVXLEM9WjI

Request Chain 148

https://googleads.g.doubleclick.net/pagead/adview?ai=CsjLfiGVvZez8Gfmg9u8P_ZqL6A_Dg9XAdJS-0v6iEvXo2r_NARABINf3q3xgleKQgqAHoAGB1MG5KMgBCakC5jIXFrglsj6oAwHIA8sEqgS9AU_QOqSJJksxGk6IGx-z9mNCVhaL4yTFHbhEWk5LwsRFq6xXKhZBL95v__WXaWuyONu3jfxup8Ub5RXCFJTp47cTsSlOM1oyGJ3K9CYHLZc2A31YG0N3j2FZ6wu43MHLAjbmXcH8qLJi57-DwgnmAk22JmNEr0jzBqYKEnndsIqpczOYHAIMzoxzzWLX3DSqa6w1PnCj6pJuoXOTpS_an1jxxKgACffGVkjYsl3MQ1Ia_LkZRIjn8k7Re9nPXMAE7_zF_8YEiAXApJXHTZIFBAgEGAGSBQQIBRgEoAYugAeBjJKZA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKrzBdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY472TuPD4ggOaCTFodHRwczovL3d3dy5zb2xkaWRlc2lnbm9mZmljaWFsLmNvbS9kZS8zODktbG92aW5vgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECuBPkA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi03Nzk4OTk0MjkzMTAwMzEwGAA&sigh=wAhwTqcB8is&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNyHrfd21TgWyX-AuOZLMfZR8muAmpubD8yTLjK2Bv9ZAZ3RmQYAI69NS3eZc0qr_huoe4Q__zGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212819370338484589002%22,%22debug_reporting%22:true,%22destination%22:%22https://soldidesignofficial.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210858031617%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217808580363837050177%22}&andc=true

159 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bigl.ua/
Redirect Chain

http://bigl.ua/
https://bigl.ua/

124 KB
28 KB

703ms
561ms

Document
text/html

193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

1f7144f04381b3893247a99d58f0d2e76bb9f763b6a32d983c17fef12e9ab295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 18:01:40 GMT
etag: W/"1ef92-awaYOVSbL7uvA35GqXkzGA73hQg"
link: </cloud-cgi/static/corgi/build/js/2670_ebac6e0c2f443b93a554.css>; rel=preload; as=style; nopush,</cloud-cgi/static/corgi/build/js/corgi_21c87e9ec28d2758bdbd.css>; rel=preload; as=style; nopush,</cloud-cgi/static/corgi/build/js/MainPage_98f66bde07ae02499d59.css>; rel=preload; as=style; nopush,</cloud-cgi/static/corgi/build/js/corgi_runtime_e1a213cad3d10c232499.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/143_0fd46032f30cf847616c.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/4397_efc8a0e777525e064db0.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/554_edcef6cfd9d100e48f2f.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/4928_70ac6754cb60f25a4259.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/2670_a907c611971fbd7afc8d.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/corgi_718828f0bf44d15405ed.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/6066_1fd771d2a3ce94103fbd.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/9588_052dfada1e8a638e9c83.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/2110_490226238478a2af7330.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/2785_1f4829fb63ba7aae3db8.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/6475_6d6fccef580e372acca9.uk.es6.js>; rel=preload; as=script; nopush,<https://my.bigl.ua>; rel=preconnect,<https://stats.g.doubleclick.net>; rel=preconnect,<https://www.google.com.ua>; rel=preconnect,<https://www.google.com>; rel=preconnect,<https://images.ua.prom.st>; rel=preconnect,<https://www.google-analytics.com>; rel=preconnect
server: nginx
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-request-id: 9ec2b4c0-fd1b-4b21-8a1d-3689d8c98176
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 05 Dec 2023 18:01:39 GMT
Location: https://bigl.ua/
Server: nginx

GET
H2 200 2670_ebac6e0c2f443b93a554.css
bigl.ua/cloud-cgi/static/corgi/build/js/ 252 KB
13 KB 235ms
232ms Stylesheet
text/css 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/2670_ebac6e0c2f443b93a554.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: b0fd06f61506be4755268555778bce0e1a29af4fa0e3bb66376801250f7fe5fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-2670_ebac6e0c2f443b93a554.css
x-amz-request-id: tx000000000000008315e1a-00655f04b8-4a1be2c6-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-2670_ebac6e0c2f443b93a554.css, cbigl.ua/cloud-cgi/static/corgi/build/js/2670_ebac6e0c2f443b93a554.css
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 12564
x-cdn-ruri: /build/js/br-encoded-2670_ebac6e0c2f443b93a554.css, http_x_cdn_ruri
last-modified: Wed, 22 Nov 2023 15:13:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: nginx-cache-04, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 corgi_21c87e9ec28d2758bdbd.css
bigl.ua/cloud-cgi/static/corgi/build/js/ 10 KB
3 KB 235ms
233ms Stylesheet
text/css 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/corgi_21c87e9ec28d2758bdbd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: c88f30ad811f9de07a6b33e792d70d6fcc02fd18c93ffcaaa05b966287d2386c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-corgi_21c87e9ec28d2758bdbd.css
x-amz-request-id: tx0000000000000a729a3b5-0065532aef-43272b90-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-corgi_21c87e9ec28d2758bdbd.css, cbigl.ua/cloud-cgi/static/corgi/build/js/corgi_21c87e9ec28d2758bdbd.css
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 2623
x-cdn-ruri: /build/js/br-encoded-corgi_21c87e9ec28d2758bdbd.css, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 08:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: lancehead, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 MainPage_98f66bde07ae02499d59.css
bigl.ua/cloud-cgi/static/corgi/build/js/ 3 KB
2 KB 235ms
233ms Stylesheet
text/css 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/MainPage_98f66bde07ae02499d59.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: f0f4177cbb0b0646a5cea0c972812b96e1390fe8ff91b4df681da036ce09d1a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-MainPage_98f66bde07ae02499d59.css
x-amz-request-id: tx0000000000000a729a3d5-0065532aef-43272b90-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-MainPage_98f66bde07ae02499d59.css, cbigl.ua/cloud-cgi/static/corgi/build/js/MainPage_98f66bde07ae02499d59.css
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 867
x-cdn-ruri: /build/js/br-encoded-MainPage_98f66bde07ae02499d59.css, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 08:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: nginx-cache-01, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 corgi_runtime_e1a213cad3d10c232499.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 21 KB
6 KB 235ms
234ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/corgi_runtime_e1a213cad3d10c232499.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 00598bcca0ea5aa6992477fc9a2248fead35792ff8b31a79cf2fd6d3b0dd6607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-corgi_runtime_e1a213cad3d10c232499.uk.es6.js
x-amz-request-id: tx0000000000000363cb879-0065673859-4a1be2c6-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-corgi_runtime_e1a213cad3d10c232499.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/corgi_runtime_e1a213cad3d10c232499.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 5070
x-cdn-ruri: /build/js/br-encoded-corgi_runtime_e1a213cad3d10c232499.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 29 Nov 2023 10:09:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-05, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 143_0fd46032f30cf847616c.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 1 MB
208 KB 236ms
234ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/143_0fd46032f30cf847616c.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 3683b52fb3ba3ccfed05389ad070096f8f22fb12df741e3a6c79991f23095fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-143_0fd46032f30cf847616c.uk.es6.js
x-amz-request-id: tx0000000000000082732eb-00655f04b8-4a1be290-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-143_0fd46032f30cf847616c.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/143_0fd46032f30cf847616c.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 211965
x-cdn-ruri: /build/js/br-encoded-143_0fd46032f30cf847616c.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 22 Nov 2023 15:13:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-03, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 4397_efc8a0e777525e064db0.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 356 KB
53 KB 236ms
234ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/4397_efc8a0e777525e064db0.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 2b0df2b4fd23ee9e9c20ab0a9c489eb685dd04492330939c1ef7f8b69f9d91e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-4397_efc8a0e777525e064db0.uk.es6.js
x-amz-request-id: tx0000000000000082732e8-00655f04b8-4a1be290-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-4397_efc8a0e777525e064db0.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/4397_efc8a0e777525e064db0.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 53343
x-cdn-ruri: /build/js/br-encoded-4397_efc8a0e777525e064db0.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 22 Nov 2023 15:13:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-01, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 554_edcef6cfd9d100e48f2f.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 71 KB
17 KB 236ms
235ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/554_edcef6cfd9d100e48f2f.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 9c9dfb8ca0fafac9cc8566795cf9e0640cbd40f7344b8277f3d46a1b03b2cd31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-554_edcef6cfd9d100e48f2f.uk.es6.js
x-amz-request-id: tx00000000000004c4d03de-0065421605-46c59b2c-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-554_edcef6cfd9d100e48f2f.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/554_edcef6cfd9d100e48f2f.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 16852
x-cdn-ruri: /build/js/br-encoded-554_edcef6cfd9d100e48f2f.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 01 Nov 2023 09:07:57 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-03, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 4928_70ac6754cb60f25a4259.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 26 KB
8 KB 236ms
235ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/4928_70ac6754cb60f25a4259.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 682793f881ccbc1c37bd9485d7fc903c219db4ce625177119deef96a79242b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-4928_70ac6754cb60f25a4259.uk.es6.js
x-amz-request-id: tx000000000000036136543-0065671bc5-4a1be2c6-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-4928_70ac6754cb60f25a4259.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/4928_70ac6754cb60f25a4259.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 7558
x-cdn-ruri: /build/js/br-encoded-4928_70ac6754cb60f25a4259.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 29 Nov 2023 10:09:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 2670_a907c611971fbd7afc8d.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 339 KB
44 KB 236ms
235ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/2670_a907c611971fbd7afc8d.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: f76953cefbafad3a2a837d937bfda12ba073d59b0d1e0605616b25acc059e68a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-2670_a907c611971fbd7afc8d.uk.es6.js
x-amz-request-id: tx00000000000003652c5c9-0065673859-46643e73-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-2670_a907c611971fbd7afc8d.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/2670_a907c611971fbd7afc8d.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 44415
x-cdn-ruri: /build/js/br-encoded-2670_a907c611971fbd7afc8d.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 29 Nov 2023 10:09:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-03, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 corgi_718828f0bf44d15405ed.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 489 KB
48 KB 237ms
235ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/corgi_718828f0bf44d15405ed.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: abcb74faca3abdd232dc5f6dfe36f2ccaf362a6f4c8df0466052ccf11fc15452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-corgi_718828f0bf44d15405ed.uk.es6.js
x-amz-request-id: tx0000000000000363cb87e-0065673859-4a1be2c6-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-corgi_718828f0bf44d15405ed.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/corgi_718828f0bf44d15405ed.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 48630
x-cdn-ruri: /build/js/br-encoded-corgi_718828f0bf44d15405ed.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 29 Nov 2023 10:09:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-01, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 6066_1fd771d2a3ce94103fbd.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 164 KB
28 KB 567ms
566ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/6066_1fd771d2a3ce94103fbd.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 98eb135c1fab0d02e37fe78ed9f115d29f714f5ab26da1407b1b7cd2156bfc22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-6066_1fd771d2a3ce94103fbd.uk.es6.js
x-amz-request-id: tx0000000000000082732f8-00655f04b8-4a1be290-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-6066_1fd771d2a3ce94103fbd.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/6066_1fd771d2a3ce94103fbd.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 27743
x-cdn-ruri: /build/js/br-encoded-6066_1fd771d2a3ce94103fbd.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 22 Nov 2023 15:13:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: himehabu, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 9588_052dfada1e8a638e9c83.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 72 KB
11 KB 567ms
566ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/9588_052dfada1e8a638e9c83.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: c86459f402bcaa959ae2894ebaaa5b8bff92488e12118953714099379533f683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-9588_052dfada1e8a638e9c83.uk.es6.js
x-amz-request-id: tx0000000000000083326e3-00655f04b8-46643e73-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-9588_052dfada1e8a638e9c83.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/9588_052dfada1e8a638e9c83.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 10508
x-cdn-ruri: /build/js/br-encoded-9588_052dfada1e8a638e9c83.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 22 Nov 2023 15:13:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-03, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 2110_490226238478a2af7330.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 32 KB
6 KB 568ms
567ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/2110_490226238478a2af7330.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 27210e35c5772a3692e60e31ec08e362364f482123eabaa9330f8f1156f883dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-2110_490226238478a2af7330.uk.es6.js
x-amz-request-id: tx000000000000008315e28-00655f04b8-4a1be2c6-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-2110_490226238478a2af7330.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/2110_490226238478a2af7330.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 5773
x-cdn-ruri: /build/js/br-encoded-2110_490226238478a2af7330.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 22 Nov 2023 15:13:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 2785_1f4829fb63ba7aae3db8.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 58 KB
5 KB 568ms
567ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/2785_1f4829fb63ba7aae3db8.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 3fcb496e6d885391cffe86d8aaf195cc1312cb1648bc6f48e7fa56bf6252e2d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-2785_1f4829fb63ba7aae3db8.uk.es6.js
x-amz-request-id: tx0000000000000083326dd-00655f04b8-46643e73-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-2785_1f4829fb63ba7aae3db8.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/2785_1f4829fb63ba7aae3db8.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 4521
x-cdn-ruri: /build/js/br-encoded-2785_1f4829fb63ba7aae3db8.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 22 Nov 2023 15:13:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-03, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 6475_6d6fccef580e372acca9.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 66 KB
9 KB 568ms
567ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/6475_6d6fccef580e372acca9.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 1fb7191825ae8813d328a1f29361bd6689b2545e86c73ec4b17bfe6963a6bb63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-6475_6d6fccef580e372acca9.uk.es6.js
x-amz-request-id: tx0000000000000083326e6-00655f04b8-46643e73-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-6475_6d6fccef580e372acca9.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/6475_6d6fccef580e372acca9.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 8618
x-cdn-ruri: /build/js/br-encoded-6475_6d6fccef580e372acca9.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 22 Nov 2023 15:13:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-02, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 5162468844_w1750_h80_5162468844.png
images.prom.ua/ 12 KB
12 KB 195ms
87ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/5162468844_w1750_h80_5162468844.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 7efdade6bfd1da73763b9e9e36c0fe1a4e2c319f75ea6ec9ea5126a9279e1f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: e0769833fe15bd506b936627e92ebcf5d92fd1d6_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-04
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 34
content-length: 12380
x-request-id: 99b7f67e-432f-4044-a3de-ea6f0ef912fa

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 250ms
138ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c9ca48a5650819ca779b45c5341678ff51a6d35a38ade010c22355893a20067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52052
x-xss-protection: 0
server: cafe
etag: 2022117863586647357
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:01:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
87 KB 180ms
65ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N053KL2046

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72949c39dee4f6b971dd4cc5dae5bfbd3dfd040f875ea5532bf16decb6ec1245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 18:01:40 GMT

GET
H2 200 gotcha-min.js Show response
bigl.ua/cloud-cgi/static/gotcha/ 3 KB
2 KB 399ms
398ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/gotcha/gotcha-min.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 64b797a0ce98432b9720aa97a2a7a6e7f7d86348832f7f06d985d0b0e403debf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: gzip
x-amz-request-id: tx000000000000058ba3842-00656dc33f-4a1be290-openstack-1
x-cache-key: cdngotcha.c.evo.dev/gotcha-min.js, cbigl.ua/cloud-cgi/static/gotcha/gotcha-min.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 1321
x-cdn-ruri: /gotcha-min.js
x-uri2: gotcha.c.evo.dev/gotcha-min.js
last-modified: Fri, 24 Mar 2023 12:03:13 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu, callisto
x-lb-fallback: true
x-rgw-object-type: Normal
cache-control: public,max-age=259200
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 logo2x-ImkFlCC.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 943 B
2 KB 400ms
398ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/logo2x-ImkFlCC.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: e4f8c2f572a71772c8473efa12c92a1f13d7d8a47bccf16810f97c4905b48f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
x-amz-request-id: tx000000000000004cf4bad-00647a3b0e-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/logo2x-ImkFlCC.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/logo2x-ImkFlCC.png
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 943
x-cdn-ruri: /build/js/images/logo2x-ImkFlCC.png
x-uri2: corgi.c.evo.dev/build/js/imageslogo2x-ImkFlCC.png
last-modified: Mon, 29 Nov 2021 13:29:15 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: habu, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 5128254173_w730_h360_5128254173.png
images.prom.ua/ 15 KB
15 KB 197ms
89ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/5128254173_w730_h360_5128254173.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: b09bf3a0004cf70d71cc3639efdd37534ea1b617ffcf2389a91a5db87072355f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 9973cfd16d82eb3ef52b372abc57fef3e40fa67d_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 141
content-length: 15480
x-request-id: 34fa05da-45a8-4184-a45d-ede6aedfc22c

GET
H2 200 5155962074_w730_h360_5155962074.png
images.prom.ua/ 22 KB
22 KB 89ms
89ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/5155962074_w730_h360_5155962074.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 4c922650cbaeb5a3c493cd1cb7bb70a94555368f92c0def588cd7a7308f5c222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 06fed8626e288251ea51c42bdaaae2ff9fbbabc9_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: himehabu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 133
content-length: 22220
x-request-id: 5f656ec6-1ad7-4459-a240-8ff32dcdbb9a

GET
H2 200 5162463399_w730_h360_5162463399.png
images.prom.ua/ 19 KB
19 KB 88ms
88ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/5162463399_w730_h360_5162463399.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 31642bcf25c7ef8846137a0f28cda402fe912e7a204c2a79a22461019151c169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 7934b882459bbc44a18718ec692f68ae526e7d5f_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 108
content-length: 19440
x-request-id: 51cb13d0-29da-4be3-919b-75ae7e9b98b1

GET
H2 200 safe-shopping-SOaL0Ro.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
2 KB 400ms
399ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/safe-shopping-SOaL0Ro.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: c092ffa0aff369fb8d8a8fcf94b8834306b9b5c370a9728e4e27f369f1390d4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/br-encoded-safe-shopping-SOaL0Ro.svg
x-amz-request-id: tx000000000000004e4e4db-00647a3b0e-37a4103a-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/br-encoded-safe-shopping-SOaL0Ro.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/safe-shopping-SOaL0Ro.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 794
x-cdn-ruri: /build/js/images/br-encoded-safe-shopping-SOaL0Ro.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: whiptails, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 badgeIos-Ysw4wwJ.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
3 KB 399ms
397ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/badgeIos-Ysw4wwJ.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: d05f0619affb2db80a16b36662d335fa1d3482b331964853db4ede8191aca539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
x-amz-request-id: tx0000000000000a03787aa-0065520f08-46c59b2c-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/badgeIos-Ysw4wwJ.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/badgeIos-Ysw4wwJ.png
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 1997
x-cdn-ruri: /build/js/images/badgeIos-Ysw4wwJ.png
x-uri2: corgi.c.evo.dev/build/js/imagesbadgeIos-Ysw4wwJ.png
last-modified: Mon, 13 Nov 2023 11:54:07 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: nginx-cache-02, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 badgeAndroid-BQLaeZE.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 3 KB
4 KB 400ms
399ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/badgeAndroid-BQLaeZE.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 372c5d087f7f5e33888dcd8b682d5a4f9f04d1ed308b8b63144863a921ae12f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
x-amz-request-id: tx0000000000000a03787a0-0065520f08-46c59b2c-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/badgeAndroid-BQLaeZE.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/badgeAndroid-BQLaeZE.png
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 3160
x-cdn-ruri: /build/js/images/badgeAndroid-BQLaeZE.png
x-uri2: corgi.c.evo.dev/build/js/imagesbadgeAndroid-BQLaeZE.png
last-modified: Mon, 13 Nov 2023 11:54:07 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: himehabu, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
74 KB 260ms
146ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2GRR5

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6285c0475f8771a14a9a4167bdd6c1c0510b08bd1c085e76bb92825576fdf5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75659
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 18:01:40 GMT

GET
H2 200 adv_teasers.js Show response
bigl.ua/cloud-cgi/static/uaprom-static/js/ 20 B
841 B 400ms
399ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: uaprom-static.c.evo.dev/js/br-encoded-adv_teasers.js
x-amz-request-id: tx00000000000000a5887d5-0063fcb60b-2e6b5661-openstack-1
x-cache-key: cdnuaprom-static.c.evo.dev/js/br-encoded-adv_teasers.js, cbigl.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 25
x-cdn-ruri: /js/br-encoded-adv_teasers.js, http_x_cdn_ruri
last-modified: Fri, 13 Nov 2020 11:24:00 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-04, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 bare.js Show response
my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/ 11 KB
5 KB 670ms
583ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/bare.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 4bdd7fa6cf14c27758e296fbca25419c702f10f72941211d35723f58cd59ea70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: gzip
x-amz-request-id: tx00000000000000b4331af-0064009290-2e6b5661-openstack-1
x-cache-key: cdnclerk.c.evo.dev/v4.3.2/bare.js, cmy.bigl.ua/cloud-cgi/static/clerk/v4.3.2/bare.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 4047
x-cdn-ruri: /v4.3.2/bare.js
x-uri2: clerk.c.evo.dev/v4.3.2bare.js
last-modified: Wed, 21 Jul 2021 08:17:26 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: lancehead, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 solve.js Show response
bigl.ua/cloud-cgi/static/power/ 34 KB
11 KB 400ms
399ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/power/solve.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
x-uri1: power.c.evo.dev//br-encoded-solve.js
x-amz-request-id: tx000000000000062f5f1fb-0064cd0bd5-3c03c3b5-openstack-1
x-cache-key: cdnpower.c.evo.dev/br-encoded-solve.js, cbigl.ua/cloud-cgi/static/power/solve.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 10090
x-cdn-ruri: /br-encoded-solve.js, http_x_cdn_ruri
last-modified: Fri, 04 Aug 2023 14:21:39 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-02, callisto
x-lb-fallback: true
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2

204

tags
creativecdn.com/ Frame 828D
Redirect Chain

https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home
https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1

0
0

15ms
15ms

Document
text/plain

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 05 Dec 2023 18:01:40 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary: Origin

GET
H2 200 iframe.html Show response
my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/ Frame C41D 3 KB
2 KB 664ms
583ms Document
text/html 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/iframe.html
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: f66f3d6a08c5006bc536cb74578f916288c28db97b853cf07447c886f9178118

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
content-length: 1365
content-type: text/html
date: Tue, 05 Dec 2023 18:01:40 GMT
last-modified: Wed, 21 Jul 2021 08:17:26 GMT
server: nginx
x-amz-request-id: tx00000000000000b49c6d6-0064009290-2e2ce0d4-openstack-1
x-amz-storage-class: STANDARD
x-cache-key: cdnclerk.c.evo.dev/v4.3.2/iframe.html cmy.bigl.ua/cloud-cgi/static/clerk/v4.3.2/iframe.html
x-cache-source: local
x-cache-status: HIT HIT HIT
x-cache-type: main
x-cdn-ruri: /v4.3.2/iframe.html
x-fallback: true
x-lb-name: himehabu
x-rgw-object-type: Normal
x-servant: nginx-cache-02 callisto
x-trouble: IAMHERE
x-uri2: clerk.c.evo.dev/v4.3.2iframe.html

GET
H2 200 / Show response
cralodas.com.ua/code/ 309 B
702 B 118ms
60ms Script
application/javascript 2606:4700:3037::ac43:d7e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cralodas.com.ua/code/
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d7e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 669ec742aaec6f8a7dda1316b9e2543ad90f1686959d46f7a24776d7691a03e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJebaDiT2QifMBJ1cgfTpSp6o%2BGijo%2FpRB73ZWxCpYnt5kvi8izrxAuzuA9hihkBZPu5kcaK5LzQKrqRweIVBx4KTNUR%2BoymDSEQzl57EvE49lLe%2BlYKbtxmRFpoK%2FDu59Wx4ateNnoLOZnYV7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 830e321d2f1f0bd5-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
m.cralodas.com.ua/ 6 KB
2 KB 81ms
62ms Script
application/javascript 2606:4700:3037::ac43:d7e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.cralodas.com.ua/?t=0.25300896589677535
Requested by: Host: cralodas.com.ua
URL: https://cralodas.com.ua/code/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d7e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77bcb19827fb0f304b72cbd699d60255b8d89b391384c34be07898c24f9f11fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP6ppA0m709h%2BcRpe3juC1%2F6vHZc8h1cI3kh2aGj2rE2Yni28tWEct1IV5m7P658zjELMH3FStPRANgv2%2F7ffiubiEHQdlEotOSUE0AWvdI8tK7xqkC%2Bjg1zqU3FbnAovqSvCYn9ckTEPR%2FO9cjAbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 830e321dbfae0bd5-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
c.cralodas.com.ua/ 0
269 B 79ms
60ms Script
application/javascript 2606:4700:3037::ac43:d7e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.cralodas.com.ua/?id=abbffc0f-463a-487f-a934-304fb34e872e&width=1600&height=1200&screen_width=1600&screen_height=1200&d=1&bd={%22l%22:[%22en-US%22,%22en%22],%22pc%22:3,%22p%22:false}&url=https%3A%2F%2Fbigl.ua%2F&ref=&t=0.8050116274786896
Requested by: Host: m.cralodas.com.ua
URL: https://m.cralodas.com.ua/?t=0.25300896589677535
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d7e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8MJ6QQPqwm6XGyJH7Nl1v79HRAMsU8P5xjreogBtcYqgxkq3V7MTOAkDvfmOzcuPkt%2FCZozpCwfD5KWV1NIw38XQjCgtsdSjwmYA070WZnFfak3O3GheQ5%2FR439jYFwNij%2F6yj014y9FDTgvMaKLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 830e321e38420bd5-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
135 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7798994293100310&plah=bigl.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

280d33fddfbaf07884bed285815a8edad464bb0df311b4ed2f544b1ae4cfc600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137565
x-xss-protection: 0
server: cafe
etag: 1160991850155073615
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:01:41 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame B1FC 9 KB
4 KB 192ms
54ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 02:04:00 GMT
etag: 12051592065903069241
expires: Tue, 19 Dec 2023 02:04:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
239 B 147ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N053KL2046&gtm=45je3bt0v880257162&_p=1701799300338&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1643574719.1701799301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1701799300&sct=1&seg=0&dl=https%3A%2F%2Fbigl.ua%2F&dt=Bigl.ua%20%E2%80%94%2075%20013%20846%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%9F%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D0%A3%D1%81%D1%96%D1%94%D1%97%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1526
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N053KL2046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigl.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
239 B 169ms
58ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N053KL2046&cid=1643574719.1701799301&gtm=45je3bt0v880257162&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N053KL2046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigl.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 194ms
80ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N053KL2046&cid=1643574719.1701799301&gtm=45je3bt0v880257162&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=265291959

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948379876/ 3 KB
2 KB 203ms
96ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948379876/?random=1701799301003&cv=11&fst=1701799301003&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71856085&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbigl.ua%2F&hn=www.googleadservices.com&frm=0&tiba=Bigl.ua%20%E2%80%94%2075%20013%20846%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%9F%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D0%A3%D1%81&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2GRR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8f12bcf04ff138317ecf56ffb528488bbd846ad38e773c6072f6484fe5d9b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948379876/ 42 B
455 B 179ms
64ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948379876/?random=1701799301003&cv=11&fst=1701799200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71856085&u_w=1600&u_h=1200&url=https%3A%2F%2Fbigl.ua%2F&frm=0&tiba=Bigl.ua%20%E2%80%94%2075%20013%20846%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%9F%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D0%A3%D1%81&fmt=3&is_vtc=1&cid=CAQSGwDICaaNlbI8oLQM4ZHh1B-Iv4UNVF-tknDPWg&random=1801592092&rmt_tld=0&ipr=y

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948379876/ 42 B
154 B 65ms
65ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948379876/?random=1701799301003&cv=11&fst=1701799200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71856085&u_w=1600&u_h=1200&url=https%3A%2F%2Fbigl.ua%2F&frm=0&tiba=Bigl.ua%20%E2%80%94%2075%20013%20846%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%9F%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D0%A3%D1%81&fmt=3&is_vtc=1&cid=CAQSGwDICaaNlbI8oLQM4ZHh1B-Iv4UNVF-tknDPWg&random=1801592092&rmt_tld=1&ipr=y

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 818B 0
314 B 357ms
355ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&adk=1812271804&adf=3025194257&lmt=1701799301&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fbigl.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799300942&bpp=4&bdt=623&idt=309&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5891262903462&frm=20&pv=2&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=320

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7798994293100310&plah=bigl.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:01:41 GMT
expires: Tue, 05 Dec 2023 18:01:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 view
midas-external.bigl.ua/rest/koshykUi/cartList/ Frame 0
0 215ms
54ms Preflight
text/plain 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://midas-external.bigl.ua/rest/koshykUi/cartList/view?source=bigl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-language,x-requested-with
Access-Control-Request-Method: GET
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-evo-access-token, x-evo-user-id, x-evo-user-profile, x-requested-with, x-language
access-control-allow-origin: https://bigl.ua
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 05 Dec 2023 18:01:44 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-request-id: 2ece7d79-6b0c-45b4-90e4-fe1688cdbcc0
x-xss-protection: 1; mode=block

GET
H2 200 colbert.js Show response
colbert-static.c.prom.st/static/ 210 KB
56 KB 229ms
93ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert-static.c.prom.st/static/colbert.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2cb3adf2527682b91637256388fe28b741d0931dc6f6bd9c50006c2af911ac76

Request headers

Referer: https://bigl.ua/
Origin: https://bigl.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
content-encoding: br
x-amz-request-id: tx0000000000000028de292-0063ada7b7-2cc722fb-openstack-1
x-cache-key: cdncolbert-static.c.prom.st/static/br-encoded-colbert.js
x-cache-status: HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 56921
x-cdn-ruri: /static/br-encoded-colbert.js
last-modified: Wed, 23 Jun 2021 07:49:54 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: himehabu
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2 200 view Show response
midas-external.bigl.ua/rest/koshykUi/cartList/ 105 B
369 B 91ms
90ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://midas-external.bigl.ua/rest/koshykUi/cartList/view?source=bigl

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/143_0fd46032f30cf847616c.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

0343bb8536cc4b19147cee2ce5a099500f075ee4114be7b372905eb3dbf0979e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://bigl.ua/
X-LANGUAGE: uk
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bigl.ua
access-control-allow-credentials: true
content-length: 105
x-xss-protection: 1; mode=block
x-request-id: 97080b9a-c46c-4746-bf8a-b8bae0e0d17b

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F35D 39 KB
16 KB 570ms
569ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b09e8e1bc31057f2427ef033c0585410267086aea113076160276a9596eb8d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16487
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:01:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4AED 126 KB
42 KB 667ms
667ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d02b5b3ed52fdd3a28b77dda363fb5e40dc46ea4f927b00d6150888be2af59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 43293
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:01:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 graphql Show response
bigl.ua/ 318 B
1 KB 76ms
76ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://bigl.ua/graphql

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/143_0fd46032f30cf847616c.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

04b177e329034035c8e7c3dbe2429277cb38632e7ef6630c62ec269807dcf662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept: */*
Referer: https://bigl.ua/
x-language: uk
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
content-length: 318
x-xss-protection: 1; mode=block
x-request-id: a4d13059-4307-421a-8708-59bc26494f76
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bigl.ua
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-LANGUAGE,X-DisableSafariCORSCheck,Authorization

GET
H2 200 2199592240_w200_h200_2199592240.jpg
images.prom.ua/ 5 KB
5 KB 161ms
156ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2199592240_w200_h200_2199592240.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 5c02331a0265eb2ad2c457d9cd0efc3a0b50b985847c0308798efd2bce58f389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: f6a7cc5825074c4d9f7eb01c6d85a5be4a808482_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 32
content-length: 5114
x-request-id: a78f6359-03ed-4f2c-b9e5-034b61a4072a

GET
H2 200 2856714954_w200_h200_2856714954.jpg
images.prom.ua/ 6 KB
6 KB 181ms
176ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2856714954_w200_h200_2856714954.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: d3ced8de58eb66b0c561f8fce25c5ea34e178acccf61f87a8ca3e43d8ec3648e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: aa19563f76ef8a40649ccfc2d38bdf315ed9fff2_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: himehabu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 186
content-length: 5832
x-request-id: 3a83f923-d885-475d-91f0-700e1fb56efc

GET
H2 200 4096738534_w200_h200_4096738534.jpg
images.prom.ua/ 8 KB
8 KB 308ms
304ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4096738534_w200_h200_4096738534.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 9abe40126a6dd6e9772715a7a1f3f28164d31a999eec2e102a0a99a1bffda9d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 545bc754bfa6326db01c924fc9abc0d6c478cdfd_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1775
content-length: 7902
x-request-id: 365594ec-51cb-473a-a9ab-ddc877913249

GET
H2 200 2837307388_w200_h200_2837307388.jpg
images.prom.ua/ 4 KB
4 KB 161ms
156ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2837307388_w200_h200_2837307388.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 11a45c10ca64c4430b7d83093f410f21588ada06dfdfc6f51d61034ba8ced911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: aaa3582f7aeb37fd6d85a86bf6a7811f7cc35ea9_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 32
content-length: 3840
x-request-id: 83effa6c-e41e-47b2-a314-713d57998873

GET
H2 200 3676279296_w200_h200_3676279296.jpg
images.prom.ua/ 5 KB
5 KB 93ms
89ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3676279296_w200_h200_3676279296.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 13f117e16f5de815d81f4d771265b76d71b09300a4c15947430f83063202d184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: e136842c2569bae50ea702cd8f6aec75166f3a5d_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 60
content-length: 4744
x-request-id: df854af2-5383-48ab-bb31-385f28cf7276

GET
H2 200 1211826767_w200_h200_1211826767.jpg
images.prom.ua/ 3 KB
3 KB 392ms
388ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/1211826767_w200_h200_1211826767.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 9d404cf14fbf0ff9d1764d7ce3c267be31c307d7ea47b293a32caf4ad663295c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 98e084f8dcebd589da18c219719163d156064d76_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 28
content-length: 3218
x-request-id: e079dfb5-3f57-4503-8bc0-221774f1e17d

GET
H2 200 2293203346_w200_h200_2293203346.jpg
images.prom.ua/ 2 KB
2 KB 203ms
199ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2293203346_w200_h200_2293203346.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 593fe9a18ffd71661311532440135a7566e98e69cf13b443609c1c45ce966e51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 02fff4214542662dc455d1350ba7d6da26d0c923_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 73
content-length: 2160
x-request-id: 52815afd-ad68-4b90-8ffb-1ba7f4da6c4e

GET
H2 200 1147680262_w200_h200_1147680262.jpg
images.prom.ua/ 4 KB
5 KB 93ms
89ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/1147680262_w200_h200_1147680262.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 67f6a1798caab7bcbdcce373311203de54911ed8e222ff37727660f11157f89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 83230b09cf43c8b74415117fb55327e5de1f00df_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 38
content-length: 4344
x-request-id: c854e4af-f5d5-49db-8a50-daba32508dc6

GET
H2 200 895750212_w200_h200_895750212.jpg
images.prom.ua/ 2 KB
3 KB 92ms
88ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/895750212_w200_h200_895750212.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: dea7b9942176b176de1e103ee6fd23b2e85342159f3007fec9da0bddd5315509

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 9b70484c30956c0f3e708bea2d3d91b4da197f38_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: ferdelance
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 34
content-length: 2352
x-request-id: a238ecbc-9d3f-47e5-9659-c4426f24e454

GET
H2 200 2811870766_w200_h200_2811870766.jpg
images.prom.ua/ 6 KB
6 KB 203ms
199ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2811870766_w200_h200_2811870766.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 76891d6d9e9aa0a9da58f39ee074474d1dacb1fcf62415587d1b0d14363b1d6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 875a3c4e402bba3c95d3834df3b5d1d37efb97ff_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-04
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 31
content-length: 5834
x-request-id: 1687ab4a-6e8c-4c73-90cd-a7bc60d2a015

GET
H2 200 3447158064_w230_h230_zhinochi-sukni.jpg
images.prom.ua/ 972 B
1 KB 912ms
908ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3447158064_w230_h230_zhinochi-sukni.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 7f2428836c373bbbe8ca476b409ce4037058a820dee4c09fb0a58b11f616b6eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 438232ed8b406cefd838b07b760ceb449e39ea37_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 31
content-length: 972
x-request-id: c9b7c313-e38b-4348-837f-168754c62d6b

GET
H2 200 3447157876_w230_h230_cholovichi-tolstovki-i.jpg
images.prom.ua/ 1 KB
2 KB 799ms
795ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3447157876_w230_h230_cholovichi-tolstovki-i.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: f4c8bf34e471832635037e18bc7aac5a9a0d81f6ff82925c8c022c7e059e45c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: b2a549045db6f48ee01379ae9c0921f803ee5a26_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 36
content-length: 1324
x-request-id: 8563b10c-8a09-424f-8b76-28bcbd714f9c

GET
H2 200 3522914139_w230_h230_naruchni-ta-kishenkovi.jpg
images.prom.ua/ 1 KB
2 KB 758ms
754ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3522914139_w230_h230_naruchni-ta-kishenkovi.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 649ec18fafe18e7629f923ddddcbaa80b83d2689ae88236fe44726c67a962bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: e8df3563efebaf5679a5d75f7f8643d1e0fa26e1_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-04
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 52
content-length: 1446
x-request-id: 00ae3d55-d8aa-45f5-a1ef-c9874a049a85

GET
H2 200 3371841217_w230_h230_zhinochi-sumochki-i.jpg
images.prom.ua/ 1 KB
2 KB 606ms
603ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3371841217_w230_h230_zhinochi-sumochki-i.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 49f1117a5e8cce19bc68443dedfcf44c5e0f923bca050f24b7f959526badba6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 066d5a273fb49f93535a3c70cdfcbcf3c18b6f9b_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 37
content-length: 1524
x-request-id: bf978a27-5a56-4190-b916-26c7aa975939

GET
H2 200 img-VeaJhi4.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 1 KB
2 KB 52ms
49ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/img-VeaJhi4.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: c9c69f9ce1741f3e5a0ea13e8d27f5073d6ad337fde898e27710351ebfc14428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
x-amz-request-id: tx000000000000004e7e262-00647a3b40-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/img-VeaJhi4.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/img-VeaJhi4.png
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 1470
x-cdn-ruri: /build/js/images/img-VeaJhi4.png
x-uri2: corgi.c.evo.dev/build/js/imagesimg-VeaJhi4.png
last-modified: Mon, 29 Nov 2021 13:29:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: nginx-cache-01, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 3371843373_w230_h230_mobilni-telefoni-smartfoni.jpg
images.prom.ua/ 1 KB
2 KB 392ms
389ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3371843373_w230_h230_mobilni-telefoni-smartfoni.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: e37c4bbcb7a1c857eab6aba6f286fa92be5b7541c3aaa79978e61d522ddb4e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 0a49b96caa118e7aed36926dc9741bdea5b87d84_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 25
content-length: 1368
x-request-id: c8a20b71-7b3e-42e6-9068-858e18224d15

GET
H2 200 3653409945_w230_h230_chohli-dlya-telefoniv.jpg
images.prom.ua/ 722 B
1 KB 755ms
752ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3653409945_w230_h230_chohli-dlya-telefoniv.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: bc6d04f1867aa9d1fcc0db04a837b42c1b3843907f703baa1dde6347286311ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: e8aa08ada62bfd5f1c39b7aa1a53aa5e45a85306_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 16
content-length: 722
x-request-id: c972384b-a684-4f1b-98ba-bff4d5858344

GET
H2 200 3450991006_w230_h230_planshetni-kompyuteri.jpg
images.prom.ua/ 2 KB
3 KB 606ms
603ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3450991006_w230_h230_planshetni-kompyuteri.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 5ad4991f2318be5cae3078fc098b8f1b23df3d1bdd75e4a3ad45ffa8b44b77b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 490d6a9154bc91a09d3a223c8d1bea7632d21673_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 355
content-length: 2392
x-request-id: bf319f9a-ba5b-4583-8038-a89329e84c7b

GET
H2 200 3450994011_w230_h230_televizori.jpg
images.prom.ua/ 2 KB
2 KB 605ms
603ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3450994011_w230_h230_televizori.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 144d9ede7030fa71d39e255983e58b20d1bd0ff5eb097075b336b92efaa67447

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 4804a857bcfd2f57a1fc6db52515c6144a1a2d50_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-06
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 62
content-length: 1548
x-request-id: 7f5c9a6a-53e9-47da-87e4-ded1383e3114

GET
H2 200 3253385490_w230_h230_dityachij-odyag-ta.jpg
images.prom.ua/ 2 KB
2 KB 755ms
752ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385490_w230_h230_dityachij-odyag-ta.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 1a9836056dc10cc2188b52e6e7855d46ca68a4beb1afd06861a3315cc62fddec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: d5313a466530caa87e5464f72000bdb1676eb7ff_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 476
content-length: 1968
x-request-id: e616c8bf-ea33-4374-a670-184acb56618b

GET
H2 200 3253385496_w230_h230_igrashki.jpg
images.prom.ua/ 3 KB
3 KB 434ms
431ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385496_w230_h230_igrashki.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 30517f545cdbe4e0bd3dadb74a7d5049ef74cfca361fb3ac750eaa6c62e55c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 1e04ffd5b90fc3e33c003a58ef9abd7a44f789d9_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 16
content-length: 2852
x-request-id: df3dfadf-3122-4805-8f73-7efbf6da9d00

GET
H2 200 3448643618_w230_h230_dityachi-kolyaski.jpg
images.prom.ua/ 2 KB
3 KB 756ms
753ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3448643618_w230_h230_dityachi-kolyaski.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: db79878d2ffff5c5de7051b6f9dca84e7df34bb42999e617902f9f4d99375b2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: c17d03c45ab848adfe028eb710a10124bf7331f2_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 35
content-length: 2512
x-request-id: e37d11a3-0070-4a42-ac80-3f1f2a8f03fb

GET
H2 200 3253385817_w230_h230_dityachi-mebli.jpg
images.prom.ua/ 1 KB
1 KB 478ms
475ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385817_w230_h230_dityachi-mebli.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: f748eba184df960613999872597a709d7adc82face08df21eaaa9979c53a6d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 9e28f980d3fefbf6a08a40e0f1d5544721852404_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: lancehead
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 22
content-length: 1120
x-request-id: 14542317-d125-4811-850c-df90fc562f35

GET
H2 200 3450990935_w230_h230_sportivni-kostyumi.jpg
images.prom.ua/ 2 KB
2 KB 561ms
559ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3450990935_w230_h230_sportivni-kostyumi.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 354647ed51ee858224b911c15019e6623d9a92bd9598e189b18ed287fc99e992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 87e2fb4ff19ea193d8ca7f930798a57778526b90_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: himehabu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 414
content-length: 1660
x-request-id: 0c069ff7-4289-4da7-8d04-02893a42adeb

GET
H2 200 3447163428_w230_h230_krosivki-ta-kedi.jpg
images.prom.ua/ 3 KB
3 KB 562ms
560ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3447163428_w230_h230_krosivki-ta-kedi.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: f4f9e27dd7be2010cab5b10419db0d8c551bbb0ce9a690b704fcdddd6a034c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: f79381c188341f2bbdbf535bdf8d1cc0c8e9eb14_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 25
content-length: 2774
x-request-id: eb8ac488-89ba-406a-a241-59bd08eca65a

GET
H2 200 3292211586_w230_h230_trenazheri.jpg
images.prom.ua/ 1 KB
2 KB 519ms
517ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3292211586_w230_h230_trenazheri.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 2d3a285bc41da7d31ed5766dea513bafcfe4b9fba3aba2a18bb23f4aae24419a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: a4680999ca74c12557ef9dbb4dd2d597490a607a_0
x-image-source: Resized original: aws
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: lancehead
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 95
content-length: 1350
x-request-id: 958b38d5-57ee-439c-9198-ead40f785c00

GET
H2 200 3292211538_w230_h230_tovari-dlya-ribolovli.jpg
images.prom.ua/ 666 B
984 B 756ms
754ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3292211538_w230_h230_tovari-dlya-ribolovli.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: a5985dc47b8995ceb6035a19624210fc7aa89d796b50d439c06b81002b43e8db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 3bdc5ec73f9d941c021e549d41019b08961a39be_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-06
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 30
content-length: 666
x-request-id: b6791b00-23ec-480a-aa0a-bf14d8937f25

GET
H2 200 3643028882_w230_h230_komplekti-postilnoyi-bilizni.jpg
images.prom.ua/ 2 KB
2 KB 911ms
909ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3643028882_w230_h230_komplekti-postilnoyi-bilizni.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: c2977788adee41f88362a1bf02982c5b6af82b3c348421a5b1955f6602574e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: b90a871ac3dafaa20c4ae0dfc03d5fdd9c179f03_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 17
content-length: 1584
x-request-id: 37692516-772c-4b2f-8bd2-b2a322cb6ac9

GET
H2 200 3643029999_w230_h230_divani.jpg
images.prom.ua/ 828 B
1 KB 476ms
474ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3643029999_w230_h230_divani.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 318a7eb99a398fc1ca10d371ca4ace598e345fc07abae6705fc1a532d2b191ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 435d58d7c89dde69ce2eda1007c6407da3e48723_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 17
content-length: 828
x-request-id: b2f88371-5415-415f-bda3-f684952d17b6

GET
H2 200 3253385585_w230_h230_posud.jpg
images.prom.ua/ 2 KB
2 KB 476ms
475ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385585_w230_h230_posud.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 8483f404939ebe8cc5c06f5460c44be3d5825b1cbf43b0efcb3d68a868328312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 4ff63dafbc0e355511d998493f103d16cf4420af_0
x-image-source: Resized original: aws
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 100
content-length: 1566
x-request-id: 950b928e-3ce1-4ae1-ab8a-877cbcd5347d

GET
H2 200 3647496025_w230_h230_zasobi-dlya-prannya.jpg
images.prom.ua/ 3 KB
3 KB 754ms
752ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3647496025_w230_h230_zasobi-dlya-prannya.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 93d7544440fa69acb982a8126c66afcd7ca93bb547a4dc88849d2954e378c9ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: d7899e3ef413e706eeaa28006242917930e223c4_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 18
content-length: 2990
x-request-id: ec2946c2-af4c-459e-9cc8-de10912bcbb1

GET
H2 200 info Show response
my.bigl.ua/remote/auth/ 12 B
1 KB 95ms
93ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.bigl.ua/remote/auth/info

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/143_0fd46032f30cf847616c.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

735c36862ca0cbf9be4300c17809f4cdfaeab800a61254ab5906e20abb935711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
content-length: 12
x-csrftoken: 30e6a9f25f6c4106a9eae68f7da59db2
x-xss-protection: 1; mode=block
x-request-id: 9ff2f9dc-a5f7-4b84-a127-d3cfa4d95993
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: application/json
access-control-allow-origin: https://bigl.ua
access-control-expose-headers: X-CSRFToken, X-SIGN
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-LANGUAGE,X-DisableSafariCORSCheck,Authorization

GET
H2 200 Vaw.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-search-HLW/ 1 KB
1 KB 60ms
60ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-search-HLW/Vaw.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: b9910f1889eee2368444871c18b7f009092754ff93da56ee27ca1587505bcd20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/footer-search-HLW/br-encoded-Vaw.svg
x-amz-request-id: tx000000000000004e7c3a9-00647a3b0d-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/footer-search-HLW/br-encoded-Vaw.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-search-HLW/Vaw.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 565
x-cdn-ruri: /build/js/images/footer-search-HLW/br-encoded-Vaw.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: ferdelance, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 CpBX7.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-carriage-A/ 2 KB
2 KB 61ms
60ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-carriage-A/CpBX7.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 005ed092fa26e76ae99a5613a420e81c377e9767fde19ecdeb651fb681b1464c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/footer-carriage-A/br-encoded-CpBX7.svg
x-amz-request-id: tx000000000000004cf4b93-00647a3b0d-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/footer-carriage-A/br-encoded-CpBX7.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-carriage-A/CpBX7.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 665
x-cdn-ruri: /build/js/images/footer-carriage-A/br-encoded-CpBX7.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: nginx-cache-04, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 footer-hearth-MXmUgQg.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
2 KB 61ms
60ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-hearth-MXmUgQg.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 4c34bdb875f35418f90c3f426b2da0078370e1479dea9cbc18fed6eb97291ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/br-encoded-footer-hearth-MXmUgQg.svg
x-amz-request-id: tx000000000000004e7c394-00647a3b0c-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/br-encoded-footer-hearth-MXmUgQg.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-hearth-MXmUgQg.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 706
x-cdn-ruri: /build/js/images/br-encoded-footer-hearth-MXmUgQg.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: lancehead, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 juk.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-exchange-c0h/ 2 KB
2 KB 61ms
61ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-exchange-c0h/juk.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 54f0ff0445947e0b65897e0fc171022a3eb8d8f5b27e839f463c41fbe8d0dafb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/footer-exchange-c0h/br-encoded-juk.svg
x-amz-request-id: tx000000000000004e7c39b-00647a3b0d-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/footer-exchange-c0h/br-encoded-juk.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-exchange-c0h/juk.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 741
x-cdn-ruri: /build/js/images/footer-exchange-c0h/br-encoded-juk.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: nginx-cache-03, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 footer-dog-2UQFQei.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
2 KB 61ms
61ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-dog-2UQFQei.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 1f30b20cd353571d2a3c6270f9dd7f013676caabfe6ee67be16ebfdc684e7bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/br-encoded-footer-dog-2UQFQei.svg
x-amz-request-id: tx000000000000004e4e589-00647a3b0f-37a4103a-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/br-encoded-footer-dog-2UQFQei.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-dog-2UQFQei.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 979
x-cdn-ruri: /build/js/images/br-encoded-footer-dog-2UQFQei.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: nginx-cache-03, callisto
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

POST
H2 204 pageviews
tracker.bigl.ua/endpoint/ 0
161 B 150ms
136ms Ping
text/plain 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bigl.ua/endpoint/pageviews
Requested by: Host: my.bigl.ua
URL: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/bare.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bigl.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 18:01:44 GMT
server: nginx
access-control-allow-headers: X-CSRFToken, X-PromUserID
access-control-max-age: 2592000
access-control-allow-methods: POST, GET

OPTIONS
H2 200 track_informer_views
my.bigl.ua/ps/ Frame 0
0 285ms
136ms Preflight 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.bigl.ua/ps/track_informer_views

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrftoken,x-requested-with
Access-Control-Request-Method: POST
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, x-csrftoken, x-requested-with, x-promuserid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://bigl.ua
content-length: 0
date: Tue, 05 Dec 2023 18:01:44 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-request-id: 13af1f70-0829-483d-a09e-17e6d2595346
x-xss-protection: 1; mode=block

POST
H2 200 track_informer_views Show response
my.bigl.ua/ps/ 15 B
419 B 54ms
54ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.bigl.ua/ps/track_informer_views

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/143_0fd46032f30cf847616c.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://bigl.ua/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-CSRFToken: 30e6a9f25f6c4106a9eae68f7da59db2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://bigl.ua
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, x-csrftoken, x-requested-with, x-promuserid
content-length: 15
x-xss-protection: 1; mode=block
x-request-id: c3e5ddb9-514b-4dc8-bf9b-5616324c46e8

GET
H3 200 question Show response
colbert.evo.company/report/v0/ 20 B
656 B 1294ms
1261ms XHR
application/json 2606:4700:3031::6815:5ed9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert.evo.company/report/v0/question?org=20YqCrYvyNWQpr0v
Requested by: Host: colbert-static.c.prom.st
URL: https://colbert-static.c.prom.st/static/colbert.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:5ed9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03e56c7ce6f9376e59a5c2b23f326a7b787bb3fb1ff1e87a634aa01b3dcf729c

Request headers

Accept: application/json, text/*
Referer: https://bigl.ua/
X-Script-Version: 1.25.2
Accept-Language: de-DE,de;q=0.9
X-Script-LSR: 26725562351827
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Cookie, Accept-Language
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIC61iP%2F8Mp3NkneZozLJdfqafQaiAtBDA7uDn9BnTiJ1CutaiozBbakAPNFkBha4%2FJDJHiXXDWf53li8Q6wYyX4NUirsN4lJhZ%2Fdhu0dNO5y6wq0%2FpFyOwRfFCA%2BmHNx5Hxd1eB5jXR8gwKGjayf%2BHD"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://bigl.ua
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
cf-ray: 830e32388d5437e6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20

OPTIONS
H2 200 question
colbert.evo.company/report/v0/ Frame 0
0 217ms
177ms Preflight
application/octet-stream 2606:4700:3031::6815:5ed9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert.evo.company/report/v0/question?org=20YqCrYvyNWQpr0v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5ed9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-script-lsr,x-script-version
Access-Control-Request-Method: GET
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-SCRIPT-VERSION,X-SCRIPT-LSR
access-control-allow-methods: GET
access-control-allow-origin: https://bigl.ua
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 830e32373e8965ad-FRA
content-length: 0
content-type: application/octet-stream
date: Tue, 05 Dec 2023 18:01:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0ETJ31VhaB1YnDAAJZVb3Qn2u0dY2tg%2F%2BSis6tcbDq65jLhBVpR8Jk8WyHynX%2FDSdVC6luF7hcwEAtQqyCtqKo6WbyYLkpdus%2FADYrKY2rPPXMo9q4C6z5YQkVGNAIjp0pe52GU7tm%2FG2l03CrAn84%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-envoy-upstream-service-time: 9

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame F35D 3 KB
1 KB 185ms
58ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 17:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:18:13 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BCF9 146 KB
49 KB 113ms
59ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW9liAAGatoH_aKEAAt1ls0UPwHAoViAWKL_ew&u=%7C%2B7CZCoB8yJljl0CCinwCab8l0U9kTWDK%2F6XUOZ8A7qI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5ZdRiwGVx3x8Yh6-dSE24gSGKSY1S8Q3_HdqTIDBzcR2MBI_e9g7M8r2ogNJFX409XbEVIc-lJseGxSbxrAKMfobydRCiAD5HU9UAzJaoYXxYAqFcguxnCQIZL9n25wC37paEdk1hQz1lUymWNNXeCvOI12aVzL9ppUeeb5LF2Ja1OTj4Ll12qCzWtspVJhhhbpzlh77TCf9xyBF-S_Rdfb1FuNscQDivFzL2yblvgQo-i42UbcC5nQSK2k5GuQhzT7m0MvkhICtfQhseV4gyqZxvUxamAo5D9cNWozQ8bAWB6ZuMdb4-_5mW8KdmJhiHrCiKz7l-MWVf1MGrmBy39l0UTt73c58TuSEZAmsqCApTIbH4FbLAGHbRHlFJyZf2LsSRDh3o_K8ObP0MwnGaMRW7tV1OsWmIQpsP0h2i6T6Hio1w6CM2wDc_IH4osbhtithBbJSIJIfv6mZ5fUhJvOB4p5s07rK25a4-NFUgyH5BVwqLGWHS2sUirytlh0VU7XRyV8ESBUSeaiKYWPsLjrKA-1lRh8w5RPneAKf4kifwGMKeAzBHQXDyW4EfKa0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZavriGVvZdrVGYTF9u8PluutkArJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc3OTg5OTQyOTMxMDAzMTDIAQmpAuYyFxa4JbI-qAMByAMCqgS6AU_QHzLlegjNMvfuj6gNgCT-6SKjUuDa7ZZD57TWDlzZvMZAV1oLyi-mTWjf8lx8vUfhKilnZITrn63Jnl_PwK0pd4ETGmDq0r7u84piPT4Wyb1YNWwG78YEKkHk7qTmoJnMLnMioGIi5fVi8uvgCKDWdgjNyguhnv-5rsXpAzgQ9BBTW4vK2BptBxDPglz1MtrxKdWSPfbx3e4mEqjU6Ow5OQffQYxifWx6PwCSWRtRpnwu71GRwKznIYAG74Po7sOy7PO9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDlpO48PiCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2yakF_rwaIWefmY7HL1V7kdbcgIQ%26client%3Dca-pub-7798994293100310%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14574ecee15b8e358ce75a2fafed6a92adaf7f2673ed469d0dc6fd515fcf56d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:01:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JytsDD2hhbsBN-ZMMEjGoew4Hc4iIE4IsmYgL_K7IV3nsbfouXYB21RZdgiCRPrKCHNh-Q9XN52pQNCTDswc4DCYyYjpDdVOeRX6He90YsohSxmo-aQX6L3UvMXK3ikE4UnB30CJZitel9DHwwT0tH__z8SK_mnKpE04k5mGYReR1P_zQM_6dXQYzECmt2A61SVEm9RKnpIdmwjz6IccJmFCortaIjfLzO9dtbU6Bwixrm8PunSBrDrMZyvx0xGmJE1WIQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 41416886
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9D56 1 KB
643 B 54ms
53ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame F35D 20 KB
9 KB 172ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F35D 0
0 60ms
59ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTT-GMctIDuYTARgJVLcDORnpt25nseAi_rJMWufciHCjcT6DxN3X0x6dx_rwFZ9yL0WD6ICRkE30zHuew_D-Ruz3B8rw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F35D 202 KB
64 KB 198ms
82ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:01:45 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9D56 0
104 B 134ms
67ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEASNtaVAHC-DdTAKJBjV3Vs&google_cver=1&google_push=AXcoOmSWg9dVCYOzPMyujnfCoQnavcCCn6VxT5ggjTMu1V0-ZeLWZTKE6P8JHwoxV_4_kSoyrc0cGKDK9chB9j6uADukFWrM5fpemg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9D56
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPmrwcZ8Hp8zkmaz6v-tVlo&google_cver=1&google_push=AXcoOmT6cdz-YJJy-y-4F79hkxN1W64o-FFoaXrFyfS9IYgD0wwctQeBFXUoSVcakzxCttDpR1ir8wNTGs0No__nrw1DYAl4N6FsAhc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=460EECA0AEE943E3A0FB55B40A88AB23&google_push=AXcoOmT6cdz-YJJy-y-4F79hkxN1W64o-FFoaXrFyfS9IYgD0wwctQeBFXUoSVcakzxCttDpR1ir8wNTGs0No__...

170 B
232 B

47ms
47ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=460EECA0AEE943E3A0FB55B40A88AB23&google_push=AXcoOmT6cdz-YJJy-y-4F79hkxN1W64o-FFoaXrFyfS9IYgD0wwctQeBFXUoSVcakzxCttDpR1ir8wNTGs0No__nrw1DYAl4N6FsAhc

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=460EECA0AEE943E3A0FB55B40A88AB23&google_push=AXcoOmT6cdz-YJJy-y-4F79hkxN1W64o-FFoaXrFyfS9IYgD0wwctQeBFXUoSVcakzxCttDpR1ir8wNTGs0No__nrw1DYAl4N6FsAhc
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 18:01:45 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9D56 70 B
149 B 106ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPnYPB85vQpmwuh-kHjtNzA&google_cver=1&google_push=AXcoOmSaIlCA6zrFdny3BEKGl-FhuDfQRN2BmgMoq7ymvbp6ojFEJZXgUhH0kOx5B18KpsgjDd-vLM5ckNUqiSMkEu42y0Dj0fziH4Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9D56
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDSrStPE9q-3ekRfQlc8tW8&google_cver=1&google_push=AXcoOmTngOHxHj5hvMQ5XVWrTaqO35HCvKwAOtlmZkwafRUYHf6sYv7HzDIbpt9RJ1VEQKaLCmm6TRsGJg1qxG...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTE3MjM1OTMzMjAzNDcwOA%3D%3D&google_push=AXcoOmTngOHxHj5hvMQ5XVWrTaqO35HCvKwAOtlmZkwafRUYHf6sYv7HzDIbpt9RJ1VEQKaLCmm6TRsGJg1qxGmnYi...

170 B
243 B

99ms
47ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTE3MjM1OTMzMjAzNDcwOA%3D%3D&google_push=AXcoOmTngOHxHj5hvMQ5XVWrTaqO35HCvKwAOtlmZkwafRUYHf6sYv7HzDIbpt9RJ1VEQKaLCmm6TRsGJg1qxGmnYibXqgvJN-9Pbw

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTE3MjM1OTMzMjAzNDcwOA%3D%3D&google_push=AXcoOmTngOHxHj5hvMQ5XVWrTaqO35HCvKwAOtlmZkwafRUYHf6sYv7HzDIbpt9RJ1VEQKaLCmm6TRsGJg1qxGmnYibXqgvJN-9Pbw
Date: Tue, 05 Dec 2023 18:01:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9D56
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC3IZdkYYz1SNGRuc-sx9DY&google_cver=1&google_push=AXcoOmQ2sg9GgF2Pnq85QpI-WCfXnzmlsUxpKiQeHIG_FUaRjE0xidocgFzspEalSI7OQso0eDvp2XwJZrw0zf7JudL6zS2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ2sg9GgF2Pnq85QpI-WCfXnzmlsUxpKiQeHIG_FUaRjE0xidocgFzspEalSI7OQso0eDvp2XwJZrw0zf7JudL6zS2gFwCv6oQ&google_hm=eS1TcTJfQzJWRTJwR0h...

170 B
232 B

46ms
46ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ2sg9GgF2Pnq85QpI-WCfXnzmlsUxpKiQeHIG_FUaRjE0xidocgFzspEalSI7OQso0eDvp2XwJZrw0zf7JudL6zS2gFwCv6oQ&google_hm=eS1TcTJfQzJWRTJwR0hWa044N0NseHVtR2F0WUw3ZWJfM35B

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ2sg9GgF2Pnq85QpI-WCfXnzmlsUxpKiQeHIG_FUaRjE0xidocgFzspEalSI7OQso0eDvp2XwJZrw0zf7JudL6zS2gFwCv6oQ&google_hm=eS1TcTJfQzJWRTJwR0hWa044N0NseHVtR2F0WUw3ZWJfM35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 9D56 43 B
363 B 58ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS18n_ixbFCPCEwjaad7OT8oWi0tUVqDczqK__If10Ghieiiu9e65PQl1DcBT75eZEZfQOxcqbc0p0CquDuL4dZ--xMLBy3ERA&google_gid=CAESEAzxgiyRTFWue4CKikogY-U&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:44 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 262078
expires: Tue, 05 Dec 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 9D56
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKOfiZBnC1qQ...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSGJQoedPS1tes9-MSt170oMoGU_1laHOOpdjLYayiQqkpL__w2PZWB6jb1PbDzMd_slunO_8boP3yuZWfVBAXsGNYdFw2XPoKq
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

35ms
34ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=8
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 18:01:45 GMT
pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9D56 0
130 B 142ms
44ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHScDPLBM229KkV7C3KUyRbwidFvoAiljTrJfz1KjaIgQkbSilJcJ8muwkhefllmGVyoxTjg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame 4AED 4 KB
1 KB 175ms
60ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 17:59:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 18:01:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 4AED 2 KB
903 B 63ms
59ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:06 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BCF9 2 KB
1 KB 46ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW9liAAGatoH_aKEAAt1ls0UPwHAoViAWKL_ew&u=%7C%2B7CZCoB8yJljl0CCinwCab8l0U9kTWDK%2F6XUOZ8A7qI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5ZdRiwGVx3x8Yh6-dSE24gSGKSY1S8Q3_HdqTIDBzcR2MBI_e9g7M8r2ogNJFX409XbEVIc-lJseGxSbxrAKMfobydRCiAD5HU9UAzJaoYXxYAqFcguxnCQIZL9n25wC37paEdk1hQz1lUymWNNXeCvOI12aVzL9ppUeeb5LF2Ja1OTj4Ll12qCzWtspVJhhhbpzlh77TCf9xyBF-S_Rdfb1FuNscQDivFzL2yblvgQo-i42UbcC5nQSK2k5GuQhzT7m0MvkhICtfQhseV4gyqZxvUxamAo5D9cNWozQ8bAWB6ZuMdb4-_5mW8KdmJhiHrCiKz7l-MWVf1MGrmBy39l0UTt73c58TuSEZAmsqCApTIbH4FbLAGHbRHlFJyZf2LsSRDh3o_K8ObP0MwnGaMRW7tV1OsWmIQpsP0h2i6T6Hio1w6CM2wDc_IH4osbhtithBbJSIJIfv6mZ5fUhJvOB4p5s07rK25a4-NFUgyH5BVwqLGWHS2sUirytlh0VU7XRyV8ESBUSeaiKYWPsLjrKA-1lRh8w5RPneAKf4kifwGMKeAzBHQXDyW4EfKa0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZavriGVvZdrVGYTF9u8PluutkArJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc3OTg5OTQyOTMxMDAzMTDIAQmpAuYyFxa4JbI-qAMByAMCqgS6AU_QHzLlegjNMvfuj6gNgCT-6SKjUuDa7ZZD57TWDlzZvMZAV1oLyi-mTWjf8lx8vUfhKilnZITrn63Jnl_PwK0pd4ETGmDq0r7u84piPT4Wyb1YNWwG78YEKkHk7qTmoJnMLnMioGIi5fVi8uvgCKDWdgjNyguhnv-5rsXpAzgQ9BBTW4vK2BptBxDPglz1MtrxKdWSPfbx3e4mEqjU6Ow5OQffQYxifWx6PwCSWRtRpnwu71GRwKznIYAG74Po7sOy7PO9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDlpO48PiCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2yakF_rwaIWefmY7HL1V7kdbcgIQ%26client%3Dca-pub-7798994293100310%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BCF9 2 KB
1 KB 44ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BCF9 308 B
637 B 43ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BCF9 293 B
621 B 44ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BCF9 43 B
348 B 66ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Nm-eeTuWwTjyhQFNHOeHBDbtG2G8RapdB0JFmkW57AdKQ7l0wqGbf3IgGS2ihqpAZO__46Ff6N4ANXLWwHCSx4P-6kg0eN-KL_9a9DYoCCj0l2BjXMT1difLgWFnfLNWtw_7f-wCt4HOMu96DqWMhou1FXQUZSPzCkj7hxuCaiewMJdjUQ710yNTVAm_0QF14i-Djjx-nJetZ2IRndHnnd9f_K5SfdfPR8ZVaLTNksXvkRcnvt8AVMIJWUiLISeAp67uV1CIuAAbdhR5_XSOKaXg8xyTBaCknX-y3PZSrl4r0tBZ8WryN4ZxZTOrJ8i_u9zq5TIIxHyyDRIig-mlujsbObMvsUZ_IZuHSV4jRvAEZmNBB2_o_Iz33Kx-fzVRHA1tSzu7qeKJnzSdzkpuyiEKiyxlA6tmb5DcNI7-lNf7JMBH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1515917
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 17839520156104615214
tpc.googlesyndication.com/simgad/ Frame 4AED 9 KB
9 KB 57ms
56ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17839520156104615214

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7384e2c391744d2824d75652b9d5b7ea3614ecc7669b850d48c863f36ca34504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:32:29 GMT
x-content-type-options: nosniff
age: 62956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8770
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 13:53:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 00:32:29 GMT

GET
H2 200 16027007339613945075
tpc.googlesyndication.com/simgad/ Frame 4AED 2 KB
2 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16027007339613945075?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c18b9186dc9953f4b230acced3fb5961dd81b9cc41dd3cd0732d24cc2802d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:51:04 GMT
x-content-type-options: nosniff
age: 90641
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1650
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:55:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 16:51:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 4AED 24 KB
9 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:59:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 4AED 3 KB
1 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 17:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:18:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D065 1 KB
643 B 53ms
53ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 4AED 20 KB
8 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AED 202 KB
64 KB 144ms
144ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:01:45 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 4AED 37 KB
16 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BCF9 12 KB
6 KB 19ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BCF9 8 KB
8 KB 111ms
58ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105945&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105945%2F5160659%2Fff5a4f973f4a4fa691420ebd35fdcd12_logo_n_horizontal.png&v=3&w=196&rid=4&s=NPA1YXUCXlKLHwY4-q3EAu5i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

956d85fb205f069873c98d7a3ea8f05fca873b653d3748622a815ac530182a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8380
expires: Fri, 29 Nov 2024 14:19:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BCF9 24 KB
24 KB 80ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105945&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0550%2F8641%2F6048%2Ffiles%2FHomey_Grey_Original_HR.png%3Fv%3D1700560976&v=3&w=400&rid=4&s=76rjtTkEnBRTroh9TetL2Uy9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3573f1307978cf81c7569857b157c7eff1406bc5b751e8613878c56a526a5745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 24628
expires: Sat, 16 Nov 2024 11:03:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BCF9 72 KB
73 KB 98ms
46ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105945&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0550%2F8641%2F6048%2Ffiles%2Fbig_hug_xl_woolly_beige_product_beeld_e78c5d46-e4c7-4295-83e6-6a5ad0af1268.png%3Fv%3D1700562598&v=3&w=400&rid=4&s=Igi-jfxhw5dfvzDJOx4RWJxE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8c5b737c026daa17fb2871879b0f6522fb3fa7228138e20631bfcc473fb3bfb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 74043
expires: Sat, 16 Nov 2024 11:03:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BCF9 67 KB
67 KB 111ms
59ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105945&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0550%2F8641%2F6048%2Ffiles%2Fbig_hug_xl_original_grey_product_beeld_04ed5605-5c3c-4317-b67c-adf02d5e30c8.png%3Fv%3D1700562526&v=3&w=400&rid=4&s=0yQSaMS-aqr7JU4cDMsba7Ju&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5578aa9daa99301776e50e7f0fe320b396284be6259235300617efb5ef7ec5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 68503
expires: Sat, 16 Nov 2024 11:03:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BCF9 25 KB
25 KB 89ms
36ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105945&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0550%2F8641%2F6048%2Ffiles%2FStoov_Ploov_45x60_Woolly_Beige_HR.png%3Fv%3D1700834969&v=3&w=400&rid=4&s=8oO1NuxWU8_2n8Ig_Myjw2kW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

85e7c593efff1f7126363dde553ccacfde7ddd527e51aa014987c6440a4100da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 25492
expires: Tue, 19 Nov 2024 11:04:35 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BCF9 0
128 B 44ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=JytsDD2hhbsBN-ZMMEjGoew4Hc4iIE4IsmYgL_K7IV3nsbfouXYB21RZdgiCRPrKCHNh-Q9XN52pQNCTDswc4DCYyYjpDdVOeRX6He90YsohSxmo-aQX6L3UvMXK3ikE4UnB30CJZitel9DHwwT0tH__z8SK_mnKpE04k5mGYReR1P_zQM_6dXQYzECmt2A61SVEm9RKnpIdmwjz6IccJmFCortaIjfLzO9dtbU6Bwixrm8PunSBrDrMZyvx0xGmJE1WIQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BCF9 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BCF9 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
H2 206 e0d42de9ba7f4d3c95cd5a34f9c93d63_copy_of_stoov_de_6_16x9.mp4
static.criteo.net/design/dt/105945/5160659/ Frame BCF9 32 KB
0 20ms
20ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/105945/5160659/e0d42de9ba7f4d3c95cd5a34f9c93d63_copy_of_stoov_de_6_16x9.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 13:50:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "656f2ab8-f9aea"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-1022697/1022698
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 1022698
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
DATA 200
OK truncated
/ Frame F35D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac4e75da88a798443cc663c7914b55a7c3424ca455043c7f844a07fbe962bd00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 206 e0d42de9ba7f4d3c95cd5a34f9c93d63_copy_of_stoov_de_6_16x9.mp4
static.criteo.net/design/dt/105945/5160659/ Frame BCF9 7 KB
7 KB 45ms
44ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/105945/5160659/e0d42de9ba7f4d3c95cd5a34f9c93d63_copy_of_stoov_de_6_16x9.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ec8f377fa0f2dcc9cc2dec77da65195dc67e65b94984a53f44e7b321d517c59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=1015808-

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 13:50:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "656f2ab8-f9aea"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 1015808-1022697/1022698
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 6890
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D065
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGl7NWVVzTVyrxwoSp2I8Cc&google_cver=1&google_push=AXcoOmR_jUOG1TdgqmMM1hNrG4nWaqbmDeLIbBagCu6EKCurtBKP8aWX8uXhlmUTMwT1O6AXAC7WaEnybsiYOmO8JTJXTWzNGvH9Hw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQyMDY4OTExMzQxNzUzNzk4NA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGl7NWVVzTVyrxwoSp2I8Cc&google_cver=1

43 B
398 B

87ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGl7NWVVzTVyrxwoSp2I8Cc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 05 Dec 2023 18:01:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGl7NWVVzTVyrxwoSp2I8Cc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D065
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPIS4rg8yYnXqQF_cDU8Mbc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPIS4rg8yYnXqQF_cDU8Mbc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RkhZMEM3ck8xUmF6SlQ1&google_gid=CAESEPIS4rg8yYnXqQF_cDU8Mbc&google_cver=1&google_push=AXcoOmShRuIrI9Mg9j5vCAw3jk7MpfZRUEJXofWq1ZESCiO...

170 B
232 B

45ms
45ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RkhZMEM3ck8xUmF6SlQ1&google_gid=CAESEPIS4rg8yYnXqQF_cDU8Mbc&google_cver=1&google_push=AXcoOmShRuIrI9Mg9j5vCAw3jk7MpfZRUEJXofWq1ZESCiO2_QPECgrJweL0FftiG10sIjqefPrT1Db1tYOymUOx3l7AX414Kyoi3jE

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 18:01:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RkhZMEM3ck8xUmF6SlQ1&google_gid=CAESEPIS4rg8yYnXqQF_cDU8Mbc&google_cver=1&google_push=AXcoOmShRuIrI9Mg9j5vCAw3jk7MpfZRUEJXofWq1ZESCiO2_QPECgrJweL0FftiG10sIjqefPrT1Db1tYOymUOx3l7AX414Kyoi3jE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D065
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPzBfOqkhRzkeF9gIAbKha4&google_cver=1&google_push=AXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyqsP...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPzBfOqkhRzkeF9gIAbKha4&google_cver=1&google_push=AXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyq...

43 B
422 B

189ms
171ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPzBfOqkhRzkeF9gIAbKha4&google_cver=1&google_push=AXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyqsPoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyqsPoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 830e323aa8f44d86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 38
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPzBfOqkhRzkeF9gIAbKha4&google_cver=1&google_push=AXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyqsPoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQh56894ZMXabOAnEeB_10K8VPwzRxEgNdUxSgyOROGYtqt-b-xc9qS6id9bEBNBGjkaQijlN3w1Mv5kOp153BZPKVCeyqsPoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 830e32397f654d86-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D065
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPmrwcZ8Hp8zkmaz6v-tVlo&google_cver=1&google_push=AXcoOmS59KNqGugWPVfkOpm0YKP38r0nAsHGLNoRYLtbrHSaTj30lEAMWx3UMTGZ2F6joBh90Tk95fFmkJZrT1Eys7h6s7RL2_R7jA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D205C2B76B8B4FB9B2A47DFE92574604&google_push=AXcoOmS59KNqGugWPVfkOpm0YKP38r0nAsHGLNoRYLtbrHSaTj30lEAMWx3UMTGZ2F6joBh90Tk95fFmkJZrT1E...

170 B
232 B

45ms
45ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D205C2B76B8B4FB9B2A47DFE92574604&google_push=AXcoOmS59KNqGugWPVfkOpm0YKP38r0nAsHGLNoRYLtbrHSaTj30lEAMWx3UMTGZ2F6joBh90Tk95fFmkJZrT1Eys7h6s7RL2_R7jA

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D205C2B76B8B4FB9B2A47DFE92574604&google_push=AXcoOmS59KNqGugWPVfkOpm0YKP38r0nAsHGLNoRYLtbrHSaTj30lEAMWx3UMTGZ2F6joBh90Tk95fFmkJZrT1Eys7h6s7RL2_R7jA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 18:01:45 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame D065 43 B
146 B 161ms
8ms Image
image/gif 35.156.218.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELgCKThUhSQ_GVl35HiCDY4&google_cver=1&google_push=AXcoOmQIG1sw-EiCVm3ISRAKgzd26cVw3mQWcZNd_6RPsjCwuteAj79gzLAPjm64MOhmeRJEXKKXu70fdx1RWyYqYu-VSnwLXT3x2ko
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.218.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-218-59.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D065
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC3IZdkYYz1SNGRuc-sx9DY&google_cver=1&google_push=AXcoOmRktLXLXzVtyFzKdlts4bNPG4JBK-uEeFSYnlinCT5pLu8Zd5SEIg69uZ8JAou4AwaVoGv_4miJQtfw7G1iBEmSaE5...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRktLXLXzVtyFzKdlts4bNPG4JBK-uEeFSYnlinCT5pLu8Zd5SEIg69uZ8JAou4AwaVoGv_4miJQtfw7G1iBEmSaE5l5TbIorA&google_hm=eS1TcTJfQzJWRTJwR0h...

170 B
232 B

47ms
46ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRktLXLXzVtyFzKdlts4bNPG4JBK-uEeFSYnlinCT5pLu8Zd5SEIg69uZ8JAou4AwaVoGv_4miJQtfw7G1iBEmSaE5l5TbIorA&google_hm=eS1TcTJfQzJWRTJwR0hWa044N0NseHVtR2F0WUw3ZWJfM35B

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRktLXLXzVtyFzKdlts4bNPG4JBK-uEeFSYnlinCT5pLu8Zd5SEIg69uZ8JAou4AwaVoGv_4miJQtfw7G1iBEmSaE5l5TbIorA&google_hm=eS1TcTJfQzJWRTJwR0hWa044N0NseHVtR2F0WUw3ZWJfM35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D065
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHaCKUuy4EOoPRsrzZteTyg&google_cver=1&google_push=AXcoOmRxZAxLw6gI1E63YCRHY7Qz_qBj0AykDYO_SSp3SD9GWLVFTn74nY2FrRK7SeCOoHzcsPtZElK5kR3y...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRxZAxLw6gI1E63YCRHY7Qz_qBj0AykDYO_SSp3SD9GWLVFTn74nY2FrRK7SeCOoHzcsPtZElK5kR3yDh8LcL1WYPVXLEM9WjI

170 B
232 B

45ms
45ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRxZAxLw6gI1E63YCRHY7Qz_qBj0AykDYO_SSp3SD9GWLVFTn74nY2FrRK7SeCOoHzcsPtZElK5kR3yDh8LcL1WYPVXLEM9WjI

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRxZAxLw6gI1E63YCRHY7Qz_qBj0AykDYO_SSp3SD9GWLVFTn74nY2FrRK7SeCOoHzcsPtZElK5kR3yDh8LcL1WYPVXLEM9WjI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D065 0
49 B 43ms
42ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3EKO6mZnxtsjZ7UpE0M6esmqQXzD14Jnas3m7S2Jj-by0XwMRrPwgE5hi2QAcjl3tCoL9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 4AED 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bb74a58da9014503983a9c0ab260c184f28940e7647638d30b93fac0855d931

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 206 e0d42de9ba7f4d3c95cd5a34f9c93d63_copy_of_stoov_de_6_16x9.mp4
static.criteo.net/design/dt/105945/5160659/ Frame BCF9 967 KB
0 14ms
14ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/105945/5160659/e0d42de9ba7f4d3c95cd5a34f9c93d63_copy_of_stoov_de_6_16x9.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=32768-

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 13:50:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "656f2ab8-f9aea"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 32768-1022697/1022698
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 989930
expires: Fri, 29 Nov 2024 18:01:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F35D 0
19 B 102ms
102ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CipEhiGVvZdrVGYTF9u8PluutkArJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc3OTg5OTQyOTMxMDAzMTDIAQmpAuYyFxa4JbI-qAMByAMCqgS3AU_QHzLlegjNMvfuj6gNgCT-6SKjUuDa7ZZD57TWDlzZvMZAV1oLyi-mTWjf8lx8vUfhKilnZITrn63Jnl_PwK0pd4ETGmDq0r7u84piPT4Wyb1YNWwG78YEKkHk7qTmoJnMLnMioGIi5fVi8uvgCKDWdgjNyguhnv-5rsXpAzgQ9BBTW4vK2BptBxDPglz1MtqzK_QAvWUh4Ej2NXJYyAWdNyDV94ZMZe7O9z00q6RPimS2JcWxKYAG74Po7sOy7PO9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDlpO48PiCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03Nzk4OTk0MjkzMTAwMzEwGAA&sigh=qBbA6XWAigo&uach_m=%5BUACH%5D&cid=CAQSPADICaaNRSzTi55Pc-kNr1kCRk30EdEdKIS6Tl2B3RRv7KvQ8Uv2F0Z6YLS5C6pqeQN5i31J3DPbtyWjqBgB&cbvp=2&vis=1

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 18:01:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame F35D 0
126 B 64ms
17ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kP2RGMz6RLAJmAKdg2ICAgAAAI4hTM_SY53fEIdlb2Uc9Ku8oFYwH9OjAAASAAAKCkFRVUJEd0VCRHc&wp=ZW9liAAGatoH_aKEAAt1ls0UPwHAoViAWKL_ew&cbvp=2

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:44 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 185938
server: Kestrel
content-length: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4AED 16 KB
16 KB 182ms
67ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:05:47 GMT
x-content-type-options: nosniff
age: 93358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 16:05:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4AED 15 KB
16 KB 168ms
54ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:12:30 GMT
x-content-type-options: nosniff
age: 67755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:12:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4AED 9 KB
10 KB 228ms
115ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:05:38 GMT
x-content-type-options: nosniff
age: 471367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 07:05:38 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4AED
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CsjLfiGVvZez8Gfmg9u8P_ZqL6A_Dg9XAdJS-0v6iEvXo2r_NARABINf3q3xgleKQgqAHoAGB1MG5KMgBCakC5jIXFrglsj6oAwHIA8sEqgS9AU_QOqSJJksxGk6IGx-z9mNCVhaL4yTFHbh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212819370338484589002%22,%22debug_reporting%22:true,%22destination%22:%22https://soldidesignofficial.com%22,%22event_report...

0
0

144ms
71ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212819370338484589002%22,%22debug_reporting%22:true,%22destination%22:%22https://soldidesignofficial.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210858031617%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217808580363837050177%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12819370338484589002","debug_reporting":true,"destination":"https://soldidesignofficial.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10858031617"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"17808580363837050177"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 18:01:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 18:01:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12819370338484589002","debug_reporting":true,"destination":"https://soldidesignofficial.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10858031617"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"17808580363837050177"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 219ms
106ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93a0f2ef47ffff768934bb13f0dea5e1bff0e2c8bc95393de83a655417615091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12398
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 13B8 51 KB
19 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 22:38:16 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 157ms
72ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 18:01:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 18:01:45 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 83F8 13 KB
5 KB 52ms
51ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 17:18:13 GMT
expires: Wed, 04 Dec 2024 17:18:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BD7F 829 B
560 B 68ms
68ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb3821e5c35af90833beea3403306e43b519145f2ff85063fd27f9207f294100

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--RD0LRg_a56p_bxsIXMTSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--RD0LRg_a56p_bxsIXMTSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:01:45 GMT
expires: Tue, 05 Dec 2023 18:01:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 83F8 39 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 15:11:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD7F 0
0 87ms
87ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=1206244760732537&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 83F8 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UHkK0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:01:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=1206244760732537&bg=!sbKlsv3NAAY3kmNgF5I7ADQBe5WfOEdjzJx6rv4Jkv4CsXqEQ19lr_h65sEMnNTR2xBmdgTaRj6bBWEwV804_eom79SoAgAAAE5SAAAAAWgBBwoAETvB2J9DWSNA985LdKoREVMrmQK4ERbBe27_i5SfD-cEf9ZqpIAjHph9-I3esufBHGRSuwA_Hzxe1btcOaLjsPZkw9ig2aJcN6jmzVdkuFnsF61fGypmP8EDPqj0Nr29gsA_4RnWTMwySgwmWFkaQmy9DZZMrOUWNY1J4OgV-jOq3LVMkV_cGi62V6Gvqi0Hnc1Eso_TaZ7FfCiJ0yyQuwRPytgSVJCrq32tU_V42G82xZhaMPH6zSQ2JTVLj5ngn785D6jV9QrzZe4FJO7edF5pYsh-Dxq-H29HTjI8eymUWQEQm7XDAxYC97uYAv4ZfCPX1chZ7wu1MvDjlaJeGCssSWn-yjaII6aCjogl64rFtuzZyckCtSM13AIHDs5FDMXB7HToAY9K2PalDiRCkD3Ip2wrL4xs1M6LsXC90tTM-5s501gDBT2K9uRacAhllvpr4kTjAQQn7aysNdeiSSOjHb3oR7va1eZ1sJ2DIojMnSPZFUx9SMRQZUo1w5oXXm4gLOf2zyENxDsUwj6Cy_NbP6Z4fEerq9K9jTSPUxeHjYeT9Cjna1CDacAP0qV1XrQIiwqbwr6NTuWXnO1cEbo6odVgnlRXs-CJu1lTOqgDjsgb-_GATR3g4yozBcB9gM4PfYFShY41gPWYLNkPtvb8KXvsFQFDyPoMocrtq0XClXgRT5T087wmHEnETv9oBbY-anBuQgVGOHgFMODXTagPj8anAmseTvOF2a788yYLeAKtSUTiIY3bTzsXzAOfu0mO5FdgPZLPgsagI1kPL5jeUphjugdt8svQONajFI5SRa_B860lxA6tKhp3ewFxoP9Olfmbg9KXvPAU68j_mfk_RhFojclCQUw4uDMxfcURci6hNuVk1899fLeDaF0dvbGkvw5WHyvqkqFdMvnlP1Za9ajbzP8aHobDV8TM6nvACVix9AmhygkuPPeT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame BCF9 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 18:01:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bigl.ua/	1970-01-20 17:26:31	Name: cid Value: 316198217199044602016157853220778024539
.bigl.ua/	1970-01-21 01:28:55	Name: evoauth Value: w096827954414459f9dc13e8b8b0561ba
.creativecdn.com/	1970-01-21 01:28:55	Name: u Value: l85syLMAEa1n9EwIlob7
.creativecdn.com/	1970-01-21 01:28:55	Name: g Value: l85syLMAEa1n9EwIlob7_1701799300646
.creativecdn.com/	1970-01-21 01:28:55	Name: c Value: l85syLMAEa1n9EwIlob7_K51AHmEuB5EgCmms8AcE_1701799300646
.creativecdn.com/	1970-01-21 01:28:55	Name: ts Value: 1701799300
.bigl.ua/	1970-01-21 02:19:19	Name: _ga_N053KL2046 Value: GS1.1.1701799300.1.0.1701799300.60.0.0
.bigl.ua/	1970-01-21 02:19:19	Name: _ga Value: GA1.1.1643574719.1701799301
.doubleclick.net/	1970-01-21 02:04:55	Name: IDE Value: AHWqTUlWj9y7LjiHF-CE-J-8_hfitjIJMvbYIa5ar7EQoveQFO6C3h8dWuowxUnabNw
.bigl.ua/	1970-01-21 01:28:55	Name: auth Value: f22a2d9199974476285aee1a63ae7a628f1ddb81
.bigl.ua/	1969-12-31 23:59:59	Name: user_tracker Value: 101641d2d36323cf076bb1b64f50aa8b67ea5313\|185.213.155.146\|2023-12-05
.bigl.ua/	1970-01-21 01:27:28	Name: csrf_token Value: 30e6a9f25f6c4106a9eae68f7da59db2
.adfarm1.adition.com/	1970-01-20 18:52:55	Name: UserID1 Value: 7309172359332034708
.yahoo.com/	1970-01-21 01:29:16	Name: A3 Value: d=AQABBIllb2UCEIXqz7cF_WPbigH2jHvvsD0FEgEBAQG3cGV5ZQAAAAAA_eMAAA&S=AQAAAuJlNfTMfgld2pdvfA_dM-k
.bigl.ua/	1970-01-21 02:04:55	Name: __gads Value: ID=9c7e765d374a94b1:T=1701799304:RT=1701799304:S=ALNI_Ma3Aj7hJSEIkI-tuNBiHub3RdQBSg
.bigl.ua/	1970-01-21 02:04:55	Name: __gpi Value: UID=00000d0b33a07099:T=1701799304:RT=1701799304:S=ALNI_MZmuW7_MGTzNuTUXK3BX6IThdGLLQ
.turn.com/	1970-01-20 21:02:31	Name: uid Value: 3420689113417537984
.simpli.fi/	1970-01-21 01:30:21	Name: suid Value: D205C2B76B8B4FB9B2A47DFE92574604
.w55c.net/	1970-01-21 02:15:00	Name: wfivefivec Value: FHY0C7rO1RazJT5
.w55c.net/	1970-01-20 17:26:31	Name: matchgoogle Value: 5
.tribalfusion.com/	1970-01-20 18:52:55	Name: ANON_ID Value: aintuJt3er66AxvPBQpBo0vh61qD3yLX8TL1wEUqMRIbJeQnDqwrJTOGqBILjsafvHt8j7ZbAZdaXaZceMc9nu7oW6Zd
.googleadservices.com/	1970-01-20 18:52:55	Name: ar_debug Value: 1
colbert.evo.company/	1970-01-21 02:19:19	Name: responder Value: ubuKMFU5FliEFmeuDkNAaHylpChbGOx0eG1oQ0cSbL9vXMMTgpDVBGL-8eYSPY-zuFqbne2meGEc8lKO-Ohihw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://bigl.ua/(Line 5) Message: The key "" is not recognized and ignored.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1701799304&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701799304368&bpp=1&bdt=4050&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891262903462&frm=20&pv=1&ga_vid=1643574719.1701799301&ga_sid=1701799301&ga_hid=1491610352&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079826%2C31079863%2C44807763%2C44808149%2C44808284%2C44809071&oid=2&pvsid=1206244760732537&tmod=660291481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=8 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.eu.criteo.com
bigl.ua
c.cralodas.com.ua
cat.nl3.eu.criteo.com
cm.g.doubleclick.net
colbert-static.c.prom.st
colbert.evo.company
cralodas.com.ua
creativecdn.com
csm.eu.criteo.net
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
images.prom.ua
m.cralodas.com.ua
match.adsrvr.org
midas-external.bigl.ua
my.bigl.ua
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
s.tribalfusion.com
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tracker.bigl.ua
um.simpli.fi
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.181.226
172.217.16.194
178.250.1.6
178.250.1.9
185.184.8.90
193.34.169.10
193.34.169.35
193.34.169.9
2.19.245.101
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2606:4700:3031::6815:5ed9
2606:4700:3037::ac43:d7e6
2606:4700::6812:19ad
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:fa8:8806:20::2010
2a05:d018:d29:3605:885b:36b0:5c58:578
34.91.62.186
35.156.218.59
51.89.9.253
52.223.40.198
52.57.12.239
85.114.159.93
00598bcca0ea5aa6992477fc9a2248fead35792ff8b31a79cf2fd6d3b0dd6607
005ed092fa26e76ae99a5613a420e81c377e9767fde19ecdeb651fb681b1464c
0343bb8536cc4b19147cee2ce5a099500f075ee4114be7b372905eb3dbf0979e
03e56c7ce6f9376e59a5c2b23f326a7b787bb3fb1ff1e87a634aa01b3dcf729c
04b177e329034035c8e7c3dbe2429277cb38632e7ef6630c62ec269807dcf662
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11a45c10ca64c4430b7d83093f410f21588ada06dfdfc6f51d61034ba8ced911
13f117e16f5de815d81f4d771265b76d71b09300a4c15947430f83063202d184
144d9ede7030fa71d39e255983e58b20d1bd0ff5eb097075b336b92efaa67447
14574ecee15b8e358ce75a2fafed6a92adaf7f2673ed469d0dc6fd515fcf56d7
1a9836056dc10cc2188b52e6e7855d46ca68a4beb1afd06861a3315cc62fddec
1bb74a58da9014503983a9c0ab260c184f28940e7647638d30b93fac0855d931
1d02b5b3ed52fdd3a28b77dda363fb5e40dc46ea4f927b00d6150888be2af59a
1f30b20cd353571d2a3c6270f9dd7f013676caabfe6ee67be16ebfdc684e7bd0
1f7144f04381b3893247a99d58f0d2e76bb9f763b6a32d983c17fef12e9ab295
1fb7191825ae8813d328a1f29361bd6689b2545e86c73ec4b17bfe6963a6bb63
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
27210e35c5772a3692e60e31ec08e362364f482123eabaa9330f8f1156f883dd
280d33fddfbaf07884bed285815a8edad464bb0df311b4ed2f544b1ae4cfc600
2b0df2b4fd23ee9e9c20ab0a9c489eb685dd04492330939c1ef7f8b69f9d91e9
2cb3adf2527682b91637256388fe28b741d0931dc6f6bd9c50006c2af911ac76
2d3a285bc41da7d31ed5766dea513bafcfe4b9fba3aba2a18bb23f4aae24419a
30517f545cdbe4e0bd3dadb74a7d5049ef74cfca361fb3ac750eaa6c62e55c15
31642bcf25c7ef8846137a0f28cda402fe912e7a204c2a79a22461019151c169
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318a7eb99a398fc1ca10d371ca4ace598e345fc07abae6705fc1a532d2b191ac
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
354647ed51ee858224b911c15019e6623d9a92bd9598e189b18ed287fc99e992
3573f1307978cf81c7569857b157c7eff1406bc5b751e8613878c56a526a5745
3683b52fb3ba3ccfed05389ad070096f8f22fb12df741e3a6c79991f23095fc2
372c5d087f7f5e33888dcd8b682d5a4f9f04d1ed308b8b63144863a921ae12f9
3fcb496e6d885391cffe86d8aaf195cc1312cb1648bc6f48e7fa56bf6252e2d0
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
49f1117a5e8cce19bc68443dedfcf44c5e0f923bca050f24b7f959526badba6c
4bdd7fa6cf14c27758e296fbca25419c702f10f72941211d35723f58cd59ea70
4c34bdb875f35418f90c3f426b2da0078370e1479dea9cbc18fed6eb97291ed9
4c922650cbaeb5a3c493cd1cb7bb70a94555368f92c0def588cd7a7308f5c222
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f0ff0445947e0b65897e0fc171022a3eb8d8f5b27e839f463c41fbe8d0dafb
5578aa9daa99301776e50e7f0fe320b396284be6259235300617efb5ef7ec5f7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
593fe9a18ffd71661311532440135a7566e98e69cf13b443609c1c45ce966e51
5ad4991f2318be5cae3078fc098b8f1b23df3d1bdd75e4a3ad45ffa8b44b77b5
5c02331a0265eb2ad2c457d9cd0efc3a0b50b985847c0308798efd2bce58f389
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6285c0475f8771a14a9a4167bdd6c1c0510b08bd1c085e76bb92825576fdf5c3
649ec18fafe18e7629f923ddddcbaa80b83d2689ae88236fe44726c67a962bbf
64b797a0ce98432b9720aa97a2a7a6e7f7d86348832f7f06d985d0b0e403debf
669ec742aaec6f8a7dda1316b9e2543ad90f1686959d46f7a24776d7691a03e8
67f6a1798caab7bcbdcce373311203de54911ed8e222ff37727660f11157f89f
682793f881ccbc1c37bd9485d7fc903c219db4ce625177119deef96a79242b2a
6c9ca48a5650819ca779b45c5341678ff51a6d35a38ade010c22355893a20067
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72949c39dee4f6b971dd4cc5dae5bfbd3dfd040f875ea5532bf16decb6ec1245
735c36862ca0cbf9be4300c17809f4cdfaeab800a61254ab5906e20abb935711
7384e2c391744d2824d75652b9d5b7ea3614ecc7669b850d48c863f36ca34504
76891d6d9e9aa0a9da58f39ee074474d1dacb1fcf62415587d1b0d14363b1d6f
77bcb19827fb0f304b72cbd699d60255b8d89b391384c34be07898c24f9f11fa
7efdade6bfd1da73763b9e9e36c0fe1a4e2c319f75ea6ec9ea5126a9279e1f36
7f2428836c373bbbe8ca476b409ce4037058a820dee4c09fb0a58b11f616b6eb
8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849
8483f404939ebe8cc5c06f5460c44be3d5825b1cbf43b0efcb3d68a868328312
85e7c593efff1f7126363dde553ccacfde7ddd527e51aa014987c6440a4100da
8c5b737c026daa17fb2871879b0f6522fb3fa7228138e20631bfcc473fb3bfb2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
93a0f2ef47ffff768934bb13f0dea5e1bff0e2c8bc95393de83a655417615091
93d7544440fa69acb982a8126c66afcd7ca93bb547a4dc88849d2954e378c9ab
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
956d85fb205f069873c98d7a3ea8f05fca873b653d3748622a815ac530182a4f
98eb135c1fab0d02e37fe78ed9f115d29f714f5ab26da1407b1b7cd2156bfc22
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abe40126a6dd6e9772715a7a1f3f28164d31a999eec2e102a0a99a1bffda9d1
9c18b9186dc9953f4b230acced3fb5961dd81b9cc41dd3cd0732d24cc2802d9d
9c9dfb8ca0fafac9cc8566795cf9e0640cbd40f7344b8277f3d46a1b03b2cd31
9d404cf14fbf0ff9d1764d7ce3c267be31c307d7ea47b293a32caf4ad663295c
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5985dc47b8995ceb6035a19624210fc7aa89d796b50d439c06b81002b43e8db
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8f12bcf04ff138317ecf56ffb528488bbd846ad38e773c6072f6484fe5d9b6d
abcb74faca3abdd232dc5f6dfe36f2ccaf362a6f4c8df0466052ccf11fc15452
ac4e75da88a798443cc663c7914b55a7c3424ca455043c7f844a07fbe962bd00
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b09bf3a0004cf70d71cc3639efdd37534ea1b617ffcf2389a91a5db87072355f
b09e8e1bc31057f2427ef033c0585410267086aea113076160276a9596eb8d74
b0fd06f61506be4755268555778bce0e1a29af4fa0e3bb66376801250f7fe5fd
b9910f1889eee2368444871c18b7f009092754ff93da56ee27ca1587505bcd20
bc6d04f1867aa9d1fcc0db04a837b42c1b3843907f703baa1dde6347286311ad
c092ffa0aff369fb8d8a8fcf94b8834306b9b5c370a9728e4e27f369f1390d4c
c2977788adee41f88362a1bf02982c5b6af82b3c348421a5b1955f6602574e49
c86459f402bcaa959ae2894ebaaa5b8bff92488e12118953714099379533f683
c88f30ad811f9de07a6b33e792d70d6fcc02fd18c93ffcaaa05b966287d2386c
c9c69f9ce1741f3e5a0ea13e8d27f5073d6ad337fde898e27710351ebfc14428
d05f0619affb2db80a16b36662d335fa1d3482b331964853db4ede8191aca539
d3ced8de58eb66b0c561f8fce25c5ea34e178acccf61f87a8ca3e43d8ec3648e
db79878d2ffff5c5de7051b6f9dca84e7df34bb42999e617902f9f4d99375b2d
dea7b9942176b176de1e103ee6fd23b2e85342159f3007fec9da0bddd5315509
def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97
e37c4bbcb7a1c857eab6aba6f286fa92be5b7541c3aaa79978e61d522ddb4e75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f8c2f572a71772c8473efa12c92a1f13d7d8a47bccf16810f97c4905b48f16
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
eb3821e5c35af90833beea3403306e43b519145f2ff85063fd27f9207f294100
ec8f377fa0f2dcc9cc2dec77da65195dc67e65b94984a53f44e7b321d517c59a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f4177cbb0b0646a5cea0c972812b96e1390fe8ff91b4df681da036ce09d1a9
f4c8bf34e471832635037e18bc7aac5a9a0d81f6ff82925c8c022c7e059e45c7
f4f9e27dd7be2010cab5b10419db0d8c551bbb0ce9a690b704fcdddd6a034c2a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f66f3d6a08c5006bc536cb74578f916288c28db97b853cf07447c886f9178118
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f748eba184df960613999872597a709d7adc82face08df21eaaa9979c53a6d84
f76953cefbafad3a2a837d937bfda12ba073d59b0d1e0605616b25acc059e68a
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

bigl.ua Open in urlscan Pro 193.34.169.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

93 %HTTPS

61 %IPv6

28 Domains

45 Subdomains

34 IPs

9 Countries

1719 kBTransfer

6944 kBSize

23 Cookies

4 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bigl.ua Open in urlscan Pro
193.34.169.35 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

93 %
HTTPS

61 %
IPv6

28
Domains

45
Subdomains

34
IPs

9
Countries

1719 kB
Transfer

6944 kB
Size

23
Cookies

159 HTTP transactions
2 data transactions