bigl.ua Open in urlscan Pro
193.34.169.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aukro.ua/
Effective URL:
https://bigl.ua/
Submission Tags: falconsandbox
Submission: On June 16 via api (June 16th 2023, 12:28:25 pm UTC) from US — Scanned from DE

Summary HTTP 173 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 31 domains to perform 173 HTTP transactions. The main IP is 193.34.169.35, located in Ukraine and belongs to EVO, UA. The main domain is bigl.ua. The Cisco Umbrella rank of the primary domain is 107339.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 1st 2023. Valid for: 3 months.

This is the only time bigl.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	193.34.168.232 193.34.168.232	43896 (EVO) (EVO)
29	193.34.169.35 193.34.169.35	43896 (EVO) (EVO)
34	193.34.169.10 193.34.169.10	43896 (EVO) (EVO)
8	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	193.34.169.9 193.34.169.9	43896 (EVO) (EVO)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:46e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 9	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2 2	3.126.192.167 3.126.192.167	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.58.91.78 52.58.91.78	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
173	38

4 193.34.168.232 (Ukraine) 2 redirects

ASN43896 (EVO, UA)

aukro.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gotcha-server.evo.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 193.34.169.35 (Ukraine)

ASN43896 (EVO, UA)
PTR: bigl.ua

bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
midas-external.bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 193.34.169.10 (Ukraine)

ASN43896 (EVO, UA)
PTR: images.prom.ua

images.prom.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.34.169.9 (Ukraine)

ASN43896 (EVO, UA)

colbert-static.c.prom.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:46e7 (United States)

ASN13335 (CLOUDFLARENET, US)

colbert.evo.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.192.167 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-192-167.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.91.78 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-91-78.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	prom.ua images.prom.ua — Cisco Umbrella Rank: 166332	143 KB
31	criteo.net static.criteo.net — Cisco Umbrella Rank: 583 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9160 csm.eu.criteo.net — Cisco Umbrella Rank: 8989	220 KB
29	bigl.ua bigl.ua — Cisco Umbrella Rank: 107339 my.bigl.ua — Cisco Umbrella Rank: 875744 midas-external.bigl.ua — Cisco Umbrella Rank: 973159 tracker.bigl.ua — Cisco Umbrella Rank: 948630	501 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	287 KB
17	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 124 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	57 KB
9	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2890 adservice.google.com — Cisco Umbrella Rank: 107 ampcid.google.com — Cisco Umbrella Rank: 2322	3 KB
5	criteo.com rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 25981 ads.eu.criteo.com — Cisco Umbrella Rank: 8915 dis.criteo.com — Cisco Umbrella Rank: 601 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9800	60 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	229 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	23 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4835 ampcid.google.de — Cisco Umbrella Rank: 52867	877 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 635	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1012	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1404	450 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	112 KB
2	evo.run gotcha-server.evo.run — Cisco Umbrella Rank: 508727	286 B
2	evo.company colbert.evo.company — Cisco Umbrella Rank: 873346	678 B
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 498	571 B
2	aukro.ua 2 redirects aukro.ua	299 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2376	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44520	611 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	5 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651	587 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 751	98 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	543 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3231	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	599 B
1	prom.st colbert-static.c.prom.st	56 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	84 KB
173	31

	Domain	Requested by
34	images.prom.ua	bigl.ua
21	bigl.ua	bigl.ua
19	imageproxy.eu.criteo.net	ads.eu.criteo.com
11	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	bigl.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.google.com	bigl.ua googleads.g.doubleclick.net tpc.googlesyndication.com
5	my.bigl.ua	bigl.ua
4	www.google-analytics.com	bigl.ua www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	pm.w55c.net	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	dis.criteo.com	googleads.g.doubleclick.net
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	gotcha-server.evo.run	bigl.ua
2	colbert.evo.company	colbert-static.c.prom.st
2	midas-external.bigl.ua	bigl.ua
2	adservice.google.com	pagead2.googlesyndication.com
2	www.gstatic.com	www.google.com googleads.g.doubleclick.net
2	www.google.de	bigl.ua
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	creativecdn.com	1 redirects bigl.ua
2	aukro.ua	2 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	dsp.adfarm1.adition.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	tracker.bigl.ua	my.bigl.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	colbert-static.c.prom.st	bigl.ua
1	www.googletagmanager.com	bigl.ua
173	48

This site contains links to these domains. Also see Links.

Domain
help.bigl.ua

Subject Issuer	Validity	Valid
bigl.ua ZeroSSL RSA Domain Secure Site CA	`2023-05-01` - `2023-07-30`	3 months	crt.sh
prom.ua ZeroSSL RSA Domain Secure Site CA	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
c.prom.st ZeroSSL RSA Domain Secure Site CA	`2023-05-07` - `2023-08-05`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-04` - `2023-10-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
evo.run ZeroSSL RSA Domain Secure Site CA	`2023-05-01` - `2023-07-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-03` - `2023-08-27`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://bigl.ua/
Frame ID: A3201DC24799B52B0A4D7333CFC471F9
Requests: 86 HTTP requests in this frame

Frame: https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1
Frame ID: CCE052078651878108D8B17CCDA671D5
Requests: 1 HTTP requests in this frame

Frame: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/iframe.html
Frame ID: BCE6F720CED2993252A05E23DC459CFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Frame ID: 8081A98A4F770DA2D6749641F7121C78
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&adk=1812271804&adf=3025194257&lmt=1686918499&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbigl.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918499425&bpp=4&bdt=386&idt=216&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2143166722712&frm=20&pv=2&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: 258BFD224F2A89483A12462C2DBA9F99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31
Frame ID: E2E12268D2A7F56C86544232175F8329
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=1&bdt=1353&idt=1&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0%2C1200x280&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qFc2xgK3Gt&p=https%3A//bigl.ua&dtd=38
Frame ID: C86259502C27C33322BA379BA22DD864
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZIxVZAAG-wcK5sGyAAAZk2oBEQHsUjnhyWj5yw&u=%7COPjhYzn0K1bbK2%2B5V5hZUk5NaviMu3Z9krZDFWmtbQY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866tAr3ahIOoyyjMrEUTRjVSJxMgOnd_ocpYbVzZwsIR7WfESggEhukhrodYHm2KEBRZnjcrwsquNNcWXk0PRT5OpQMTEN4FvzV-dF-MnLtoCDM4H7c4tCqAtAE_dt3PmmDbwvQQe5BPcFL_hyFKLXvDqv_dTn2Lo1QLIB79-w6hZvaDL5atghqaJK3_cEJ6pWpBnzgSSoQOQlFN6ObY2X6m6bBmGOQvZmWkOf1YpHml_3QEPkCG5oAyNvuZjLNPsEA3X9upIAC9UbkL7CDOxG_9kaAIlsDh0w-H_32HViafC0haHAplnn3fpZ_jrnzxGQaH4ctwCphxJZF3aykFkzUNtuHivPN3TeaDHv8BbuUU6a29ZWhAtlHj8ZUVP38TAY1nPV5B8FmZYJoY_2t835xECKlkagorQD54KE3gDrixvsFdMYLz_84qwjGg39po1LDHI5jZ1cATCsSdNzV0UbUQTCHDtdoD0wq9dYPPaId3LzRVa2Q5RdbEqcXnZNpdBRAp1TxYl-hu5k-AV8iveq9wFfHsSUrkhfNSy6aV-A4n-zTl_7Lz3_ps&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe_z2ZFWMZIf2G7KDmweTs4DQBsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzc5ODk5NDI5MzEwMDMxMMgBCakCDoALnjRfsj6oAwGqBLYBT9B71_Ln6YpM-LTaGxtYk_22v8rVx5Skm-78N0ry3xX2AbyHjBa1ARrEvS6QNxeIob0Ym8NSRHv69BGtyE5gna3hRdHJb46jN6TKU6hpYzRIeKmvEyuL_AMTB-1j9nhr2e8BiUj1So6HT14aIj8TublN85w1CWlqn4NO5pT7ndoMtnMR8W2dtBwjbPD2D_SGoNd9fpdNJuwiajFnbdYBQFC1TU8yC7CeQQ_4IqQn9euoiutyYs6ABp3-mre-xuiJmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1uQ1-ICqaZuesbVgRGAVUJobDpwg%26client%3Dca-pub-7798994293100310%26adurl%3D
Frame ID: B8B0D3688FF5746AC5C04EBFCA9939F2
Requests: 34 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4976C6D94B47C642D3BB160547FCC66F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 00A3BBDF695ED357B671D0F363978E70
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: D30365C60C3FD020F114519517E20DAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67E5940A152EF3BE44CBAF35991A0E7D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9850CD5B23BFC127DA68F7E67A481C34
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bigl.ua — 61 688 719 товарів від перевірених продавців з усієї України!

Page URL History Show full URLs

http://aukro.ua/ HTTP 301
https://aukro.ua/ HTTP 301
https://bigl.ua/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

173
Requests

95 %
HTTPS

60 %
IPv6

31
Domains

48
Subdomains

38
IPs

8
Countries

1785 kB
Transfer

6182 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://help.bigl.ua/uk/section/8-dlja-pokupciv
Title: Довідка

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aukro.ua/ HTTP 301
https://aukro.ua/ HTTP 301
https://bigl.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home HTTP 302
https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1

Request Chain 101

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAiYv5YbP4R_InBHIJsYzwQ&google_cver=1&google_push=ATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0Bucw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0Bucw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAiYv5YbP4R_InBHIJsYzwQ&google_cver=1&google_push=ATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0Bucw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0Bucw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 102

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKoVUlwtXfpeUapIVEs_WwI&google_cver=1&google_push=ATf1kGNHFHm-fndDNU-8cYR_HpinMj4DNdWIEoA3upvt4ByUkXcXsiKm6nE1sqmKebQwT_WA0p_bjpQROb45Yf2kfroB4Rk7ZsOGrA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKoVUlwtXfpeUapIVEs_WwI&google_push=ATf1kGNHFHm-fndDNU-8cYR_HpinMj4DNdWIEoA3upvt4ByUkXcXsiKm6nE1sqmKebQwT_WA0p_bjpQROb45Yf2kfroB4Rk7ZsOGrA

Request Chain 104

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENDAPzipGYlWGGjpBWkh2cY&google_cver=1&google_push=ATf1kGNi5P1mxp9V5slTPtDnhWuISN78k0PTMQ8G_fQd55cEU4EIsMjVXqD2FihykctVMEJQUJQJdQOKHn-JDApo_nAJJCNwFxgMs94 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTI1OTc5MjgyNDQwMDAxOQ%3D%3D&google_push=ATf1kGNi5P1mxp9V5slTPtDnhWuISN78k0PTMQ8G_fQd55cEU4EIsMjVXqD2FihykctVMEJQUJQJdQOKHn-JDApo_nAJJCNwFxgMs94

Request Chain 106

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAso1ijnYR3hixMI4nhc65Q&google_cver=1&google_push=ATf1kGOQRDDtqT7u1VmYSSDcU6-5nD3574r_zag8Uwgt64KvWZ4qJo1DAA2DJurAArCyO4992Aeaf3n7hwD9_owB6BdLHidmLJsmh6V_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGOQRDDtqT7u1VmYSSDcU6-5nD3574r_zag8Uwgt64KvWZ4qJo1DAA2DJurAArCyO4992Aeaf3n7hwD9_owB6BdLHidmLJsmh6V_ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 153

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGKyQj4LMCtxUgQjgoihG9c&google_cver=1&google_push=ATf1kGPOdwiyLQ-FAKfggnct729SKCxkYmqDVe_OOVoiOqUD2Olq6Zf6Anm_rAnujLmxQ1DUZLSumA0x7OjeGR7wPV_53ZKBfL282w HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGKyQj4LMCtxUgQjgoihG9c&google_cver=1&google_push=ATf1kGPOdwiyLQ-FAKfggnct729SKCxkYmqDVe_OOVoiOqUD2Olq6Zf6Anm_rAnujLmxQ1DUZLSumA0x7OjeGR7wPV_53ZKBfL282w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDdqTWJmdEIxUWE4eVY1&google_gid=CAESEGKyQj4LMCtxUgQjgoihG9c&google_cver=1&google_push=ATf1kGPOdwiyLQ-FAKfggnct729SKCxkYmqDVe_OOVoiOqUD2Olq6Zf6Anm_rAnujLmxQ1DUZLSumA0x7OjeGR7wPV_53ZKBfL282w

Request Chain 155

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFE_6xtYlYLiC_XuYfnESjM&google_cver=1&google_push=ATf1kGPmz1LzGrae_JqSoE1AmhDZJytg3sR6ekQ3a17CWevHqEYvzLvcQwUlHRZBXFcIdDTz_zgUJeGFL8Sob6AJUZnAOE8FI7p_kA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPmz1LzGrae_JqSoE1AmhDZJytg3sR6ekQ3a17CWevHqEYvzLvcQwUlHRZBXFcIdDTz_zgUJeGFL8Sob6AJUZnAOE8FI7p_kA&google_hm=mlJH-6QUTQSrFf6ejgln1Jo

Request Chain 157

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI24VNOvQ4ItbzSdACGmFhQ&google_cver=1&google_push=ATf1kGMFZ3R7PIaGGfVa4lnIVS7DfrqorZNS5vmIBcYppOJpL-Pi8ZxGol_LDgFvYjfhGBRA2fdM8GUCf4kOGfUEYPjtuNz8osOEsA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI24VNOvQ4ItbzSdACGmFhQ&google_cver=1&google_push=ATf1kGMFZ3R7PIaGGfVa4lnIVS7DfrqorZNS5vmIBcYppOJpL-Pi8ZxGol_LDgFvYjfhGBRA2fdM8GUCf4kOGfUEYPjtuNz8osOEsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMFZ3R7PIaGGfVa4lnIVS7DfrqorZNS5vmIBcYppOJpL-Pi8ZxGol_LDgFvYjfhGBRA2fdM8GUCf4kOGfUEYPjtuNz8osOEsA&google_hm=jL3RQpZRRKCZWHKHSpJBGg==

Request Chain 158

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK46BrgTm10Qeaw8-oIxqa8&google_cver=1&google_push=ATf1kGMOM_BPStKVbSjS4DLTHWrsswPYRNaZsv9jborU9i6aoYrF9tulJDgnqL7dNB555hH1jCslFoYMqLrBQulNZH5M_lG3bl6xGA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK46BrgTm10Qeaw8-oIxqa8&google_cver=1&google_push=ATf1kGMOM_BPStKVbSjS4DLTHWrsswPYRNaZsv9jborU9i6aoYrF9tulJDgnqL7dNB555hH1jCslFoYMqLrBQulNZH5M_lG3bl6xGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIzODAyNjE2NDQ4OTcxNDI0MQ&google_push=ATf1kGMOM_BPStKVbSjS4DLTHWrsswPYRNaZsv9jborU9i6aoYrF9tulJDgnqL7dNB555hH1jCslFoYMqLrBQulNZH5M_lG3bl6xGA

173 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bigl.ua/
Redirect Chain

http://aukro.ua/
https://aukro.ua/
https://bigl.ua/

96 KB
22 KB

794ms
610ms

Document
text/html

193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

83cd8485a2ba667665c983e725c1d470e18b547f46484b97672d505ec0817152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 12:28:18 GMT
etag: W/"181ec-y3pSdalcF9pDoqMZZyygGy61nuM"
link: </cloud-cgi/static/corgi/build/js/ui_dc073e1dc2fcb117198b.css>; rel=preload; as=style; nopush,</cloud-cgi/static/corgi/build/js/corgi_870f5b6660538188a043.css>; rel=preload; as=style; nopush,</cloud-cgi/static/corgi/build/js/corgi_runtime_0700a3e5c38a7da40f3c.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/ui_e73365b569c9522fcd9c.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/739_020c752a1c751b30589c.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/151_fb032d4c80e8154f9e2e.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/771_d5143bf7d218c82fb7a8.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/corgi_65e6223c7b70f7d9769e.uk.es6.js>; rel=preload; as=script; nopush,<https://my.bigl.ua>; rel=preconnect,<https://stats.g.doubleclick.net>; rel=preconnect,<https://www.google.com.ua>; rel=preconnect,<https://www.google.com>; rel=preconnect,<https://images.ua.prom.st>; rel=preconnect,<https://www.google-analytics.com>; rel=preconnect
server: nginx
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-request-id: 56a962a9-bc2b-4443-8a25-cf5609fcca03
x-xss-protection: 1; mode=block

Redirect headers

content-length: 22
content-type: text/plain; charset=utf-8
date: Fri, 16 Jun 2023 12:28:18 GMT
location: https://bigl.ua
server: nginx
x-envoy-upstream-service-time: 1

GET
H2 200 ui_dc073e1dc2fcb117198b.css
bigl.ua/cloud-cgi/static/corgi/build/js/ 250 KB
12 KB 97ms
95ms Stylesheet
text/css 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/ui_dc073e1dc2fcb117198b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 63b4b46e244c00faeae3dadbd4c400efc75cc376d8d9209c6ada498fa8198456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-ui_dc073e1dc2fcb117198b.css
x-amz-request-id: tx000000000000004e7c401-00647a3b0d-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-ui_dc073e1dc2fcb117198b.css, cbigl.ua/cloud-cgi/static/corgi/build/js/ui_dc073e1dc2fcb117198b.css
x-cache-status: MISS, MISS, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 11656
x-cdn-ruri: /build/js/br-encoded-ui_dc073e1dc2fcb117198b.css, http_x_cdn_ruri
last-modified: Wed, 31 May 2023 14:42:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: sidewinder, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 corgi_870f5b6660538188a043.css
bigl.ua/cloud-cgi/static/corgi/build/js/ 20 KB
6 KB 97ms
96ms Stylesheet
text/css 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/corgi_870f5b6660538188a043.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: b96a2face9049bb6b283acacc8f92fc40f3cd73be97ba80a881dc5744d9ebaf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-corgi_870f5b6660538188a043.css
x-amz-request-id: tx000000000000004cf4b81-00647a3b0d-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-corgi_870f5b6660538188a043.css, cbigl.ua/cloud-cgi/static/corgi/build/js/corgi_870f5b6660538188a043.css
x-cache-status: MISS, MISS, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 4962
x-cdn-ruri: /build/js/br-encoded-corgi_870f5b6660538188a043.css, http_x_cdn_ruri
last-modified: Wed, 31 May 2023 14:42:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: nginx-cache-02, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 corgi_runtime_0700a3e5c38a7da40f3c.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 19 KB
5 KB 147ms
146ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/corgi_runtime_0700a3e5c38a7da40f3c.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: f8aab94b8aae9d1ee431e2af4921119fe4a95fdecfb78c6dfd76785e06521586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-corgi_runtime_0700a3e5c38a7da40f3c.uk.es6.js
x-amz-request-id: tx00000000000000221be44-00648854e3-388ed708-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-corgi_runtime_0700a3e5c38a7da40f3c.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/corgi_runtime_0700a3e5c38a7da40f3c.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 4657
x-cdn-ruri: /build/js/br-encoded-corgi_runtime_0700a3e5c38a7da40f3c.uk.es6.js, http_x_cdn_ruri
last-modified: Tue, 13 Jun 2023 07:51:59 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-05, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 ui_e73365b569c9522fcd9c.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 174 KB
20 KB 148ms
146ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/ui_e73365b569c9522fcd9c.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 06316b9ba8cfafe0c219bfb1d1cafa097d162b4b3d39556d24cc3dfcb32a9fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-ui_e73365b569c9522fcd9c.uk.es6.js
x-amz-request-id: tx000000000000004cf4c02-00647a3b0e-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-ui_e73365b569c9522fcd9c.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/ui_e73365b569c9522fcd9c.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 19651
x-cdn-ruri: /build/js/br-encoded-ui_e73365b569c9522fcd9c.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 31 May 2023 14:42:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-05, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 739_020c752a1c751b30589c.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 1 MB
253 KB 148ms
147ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/739_020c752a1c751b30589c.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 7bd1e39b67ad2cec2d4ac29da3e1612528c46e43c9f758f15bd6f2ab544c66d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-739_020c752a1c751b30589c.uk.es6.js
x-amz-request-id: tx000000000000004e7c482-00647a3b0e-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-739_020c752a1c751b30589c.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/739_020c752a1c751b30589c.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 257589
x-cdn-ruri: /build/js/br-encoded-739_020c752a1c751b30589c.uk.es6.js, http_x_cdn_ruri
last-modified: Tue, 30 May 2023 11:15:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: sidewinder, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 151_fb032d4c80e8154f9e2e.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 244 KB
45 KB 148ms
147ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/151_fb032d4c80e8154f9e2e.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: d20958131bd54831cbbd3fe728789d3249362ec345b2d581b3cfee5384fe1239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-151_fb032d4c80e8154f9e2e.uk.es6.js
x-amz-request-id: tx000000000000004cf4c04-00647a3b0e-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-151_fb032d4c80e8154f9e2e.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/151_fb032d4c80e8154f9e2e.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 45574
x-cdn-ruri: /build/js/br-encoded-151_fb032d4c80e8154f9e2e.uk.es6.js, http_x_cdn_ruri
last-modified: Tue, 11 Apr 2023 10:51:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 771_d5143bf7d218c82fb7a8.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 314 KB
44 KB 148ms
147ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/771_d5143bf7d218c82fb7a8.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 7e275c64cddc013b16ad1b05ea5fd3ba39845abed2d73c2a90dec3fabe65cdb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-771_d5143bf7d218c82fb7a8.uk.es6.js
x-amz-request-id: tx000000000000004e4e50d-00647a3b0e-37a4103a-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-771_d5143bf7d218c82fb7a8.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/771_d5143bf7d218c82fb7a8.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 44326
x-cdn-ruri: /build/js/br-encoded-771_d5143bf7d218c82fb7a8.uk.es6.js, http_x_cdn_ruri
last-modified: Fri, 02 Jun 2023 16:38:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-06, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 corgi_65e6223c7b70f7d9769e.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 687 KB
55 KB 148ms
148ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/corgi_65e6223c7b70f7d9769e.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 253f23d878f91cec1745639de57eb0739305fad3d4db8095aefdb980e3a5175b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-corgi_65e6223c7b70f7d9769e.uk.es6.js
x-amz-request-id: tx000000000000004cf4b69-00647a3b0d-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-corgi_65e6223c7b70f7d9769e.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/corgi_65e6223c7b70f7d9769e.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 55532
x-cdn-ruri: /build/js/br-encoded-corgi_65e6223c7b70f7d9769e.uk.es6.js, http_x_cdn_ruri
last-modified: Fri, 02 Jun 2023 16:38:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: ferdelance, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 4610104302_w1750_h80_4610104302.png
images.prom.ua/ 7 KB
7 KB 176ms
52ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4610104302_w1750_h80_4610104302.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 2fe84450dfcba228b62d6c47c82e292d485c6252abc92365f06104b49e409f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 6be37fe57c2866bc969d508a3f9bb57ac45c242e_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: lancehead
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 19
content-length: 7274

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 196ms
114ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efef621ab4afe8571d7fe04fc04465a3b09fb38407227ad333b86807f74fb339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47614
x-xss-protection: 0
server: cafe
etag: 12692530664977059277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 12:28:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 126ms
44ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N053KL2046

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48620aca298a38cd2518ee9198ff25c250c7f42b1925855e1384149d4583ea5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Jun 2023 12:28:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 10:35:21 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6778
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 16 Jun 2023 12:35:21 GMT

GET
H2 200 gotcha-min.js Show response
bigl.ua/cloud-cgi/static/gotcha/ 3 KB
2 KB 127ms
125ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/gotcha/gotcha-min.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 64b797a0ce98432b9720aa97a2a7a6e7f7d86348832f7f06d985d0b0e403debf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: gzip
x-amz-request-id: tx000000000000000b04acd-00648c5284-38e84497-openstack-1
x-cache-key: cdngotcha.c.evo.dev/gotcha-min.js, cbigl.ua/cloud-cgi/static/gotcha/gotcha-min.js
x-cache-status: EXPIRED, EXPIRED, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 1321
x-cdn-ruri: /gotcha-min.js
x-uri2: gotcha.c.evo.dev/gotcha-min.js
last-modified: Fri, 24 Mar 2023 12:03:13 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu, eunomia
x-lb-fallback: true
x-rgw-object-type: Normal
cache-control: public,max-age=259200
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 logo2x-ImkFlCC.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 943 B
2 KB 127ms
125ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/logo2x-ImkFlCC.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: e4f8c2f572a71772c8473efa12c92a1f13d7d8a47bccf16810f97c4905b48f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
x-amz-request-id: tx000000000000004cf4bad-00647a3b0e-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/logo2x-ImkFlCC.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/logo2x-ImkFlCC.png
x-cache-status: MISS, MISS, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 943
x-cdn-ruri: /build/js/images/logo2x-ImkFlCC.png
x-uri2: corgi.c.evo.dev/build/js/imageslogo2x-ImkFlCC.png
last-modified: Mon, 29 Nov 2021 13:29:15 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: habu, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 4609838491_w730_h360_4609838491.png
images.prom.ua/ 8 KB
9 KB 226ms
103ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4609838491_w730_h360_4609838491.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 3909aae2d9ad789c09afcd2545110db39e9180e203ab438bc2d03f829764889e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 67f6c863019cab61a7b6b09cdf4765e3caf208ee_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 72
content-length: 8408

GET
H2 200 4609852501_w730_h360_4609852501.png
images.prom.ua/ 7 KB
7 KB 278ms
155ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4609852501_w730_h360_4609852501.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: e27eb039db324882c60620df691db93af5142fd2ff1a8746f6a2943be39ae7df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 93250467ced9270444d45a7d1db740a6fb8634a9_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: himehabu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 61
content-length: 7172

GET
H2 200 4609855126_w730_h360_4609855126.png
images.prom.ua/ 8 KB
8 KB 226ms
103ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4609855126_w730_h360_4609855126.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: b17a993a135a307a1bb2c0bb792acdc7695117860f8d361e569dd85b4040f8d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 12e0c991df55f8b800d569041dd8e2d83cdbc997_0
x-image-source: Resized original: mango
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 80
content-length: 8390

GET
H2 200 4568604906_w730_h360_4568604906.png
images.prom.ua/ 20 KB
21 KB 278ms
155ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4568604906_w730_h360_4568604906.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 48a18c245b692be342d2e24c87a73c1aee0de138fae3f6536239d565fb88268c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 0f780d8fa4e15b2246c5ed9f882fc671d545bc77_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 112
content-length: 20888

GET
H2 200 4609541165_w730_h360_4609541165.png
images.prom.ua/ 14 KB
14 KB 276ms
154ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4609541165_w730_h360_4609541165.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: b08007d4faf7e66dc265568738d849f66679b83b8159a73a0f58cfbd7f8f9fe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 742424c82bbdcc0499a029a46d98ccdb4f739efd_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 51
content-length: 14388

GET
H2 200 safe-shopping-SOaL0Ro.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
2 KB 127ms
125ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/safe-shopping-SOaL0Ro.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: c092ffa0aff369fb8d8a8fcf94b8834306b9b5c370a9728e4e27f369f1390d4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/br-encoded-safe-shopping-SOaL0Ro.svg
x-amz-request-id: tx000000000000004e4e4db-00647a3b0e-37a4103a-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/br-encoded-safe-shopping-SOaL0Ro.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/safe-shopping-SOaL0Ro.svg
x-cache-status: MISS, MISS, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 794
x-cdn-ruri: /build/js/images/br-encoded-safe-shopping-SOaL0Ro.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: whiptails, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 adv_teasers.js Show response
bigl.ua/cloud-cgi/static/uaprom-static/js/ 20 B
841 B 127ms
126ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-uri1: uaprom-static.c.evo.dev/js/br-encoded-adv_teasers.js
x-amz-request-id: tx00000000000000a5887d5-0063fcb60b-2e6b5661-openstack-1
x-cache-key: cdnuaprom-static.c.evo.dev/js/br-encoded-adv_teasers.js, cbigl.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 25
x-cdn-ruri: /js/br-encoded-adv_teasers.js, http_x_cdn_ruri
last-modified: Fri, 13 Nov 2020 11:24:00 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-04, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 bare.js Show response
my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/ 11 KB
5 KB 279ms
229ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/bare.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 4bdd7fa6cf14c27758e296fbca25419c702f10f72941211d35723f58cd59ea70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: gzip
x-amz-request-id: tx00000000000000b4331af-0064009290-2e6b5661-openstack-1
x-cache-key: cdnclerk.c.evo.dev/v4.3.2/bare.js, cmy.bigl.ua/cloud-cgi/static/clerk/v4.3.2/bare.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 4047
x-cdn-ruri: /v4.3.2/bare.js
x-uri2: clerk.c.evo.dev/v4.3.2bare.js
last-modified: Wed, 21 Jul 2021 08:17:26 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: lancehead, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 143ms
58ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

398f80c7588f373a3578db5be8d686a9c047d3f121acbca625ab47076469945a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Fri, 16 Jun 2023 12:28:19 GMT

GET
H2 200 solve.js Show response
bigl.ua/cloud-cgi/static/power/ 34 KB
12 KB 127ms
126ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/power/solve.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: gzip
x-amz-request-id: tx00000000000000b49fe19-0064009346-2e2ce0d4-openstack-1
x-cache-key: cdnpower.c.evo.dev/solve.js, cbigl.ua/cloud-cgi/static/power/solve.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 11492
x-cdn-ruri: /solve.js
x-uri2: power.c.evo.dev/solve.js
last-modified: Wed, 16 Jun 2021 10:04:17 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu, eunomia
x-lb-fallback: true
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 colbert.js Show response
colbert-static.c.prom.st/static/ 210 KB
56 KB 228ms
105ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert-static.c.prom.st/static/colbert.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2cb3adf2527682b91637256388fe28b741d0931dc6f6bd9c50006c2af911ac76

Request headers

Referer: https://bigl.ua/
Origin: https://bigl.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-amz-request-id: tx0000000000000028de292-0063ada7b7-2cc722fb-openstack-1
x-cache-key: cdncolbert-static.c.prom.st/static/br-encoded-colbert.js
x-cache-status: HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 56921
x-cdn-ruri: /static/br-encoded-colbert.js
last-modified: Wed, 23 Jun 2021 07:49:54 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: himehabu
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: lancehead

GET
H2

204

tags
creativecdn.com/ Frame CCE0
Redirect Chain

https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home
https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1

0
0

18ms
18ms

Document
text/plain

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 16 Jun 2023 12:28:19 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary: Origin

GET
H2 200 iframe.html Show response
my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/ Frame BCE6 3 KB
2 KB 271ms
229ms Document
text/html 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/iframe.html
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: f66f3d6a08c5006bc536cb74578f916288c28db97b853cf07447c886f9178118

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
content-length: 1365
content-type: text/html
date: Fri, 16 Jun 2023 12:28:19 GMT
last-modified: Wed, 21 Jul 2021 08:17:26 GMT
server: nginx
x-amz-request-id: tx00000000000000b49c6d6-0064009290-2e2ce0d4-openstack-1
x-amz-storage-class: STANDARD
x-cache-key: cdnclerk.c.evo.dev/v4.3.2/iframe.html cmy.bigl.ua/cloud-cgi/static/clerk/v4.3.2/iframe.html
x-cache-source: local
x-cache-status: HIT HIT HIT
x-cache-type: main
x-cdn-ruri: /v4.3.2/iframe.html
x-fallback: true
x-lb-name: sidewinder
x-rgw-object-type: Normal
x-servant: nginx-cache-02 eunomia
x-trouble: IAMHERE
x-uri2: clerk.c.evo.dev/v4.3.2iframe.html

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 50ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N053KL2046&gtm=45je36e0&_p=376242648&_gaz=1&cid=1390311358.1686918499&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686918499&sct=1&seg=0&dl=https%3A%2F%2Fbigl.ua%2F&dt=Bigl.ua%20%E2%80%94%2061%20688%20719%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D1%83%D1%81%D1%96%D1%94%D1%97%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8!&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N053KL2046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigl.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 59ms
18ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N053KL2046&cid=1390311358.1686918499&gtm=45je36e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N053KL2046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigl.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 147ms
60ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N053KL2046&cid=1390311358.1686918499&gtm=45je36e0&aip=1&z=1508591418

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 419 KB
169 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41f0f6e9abce97c5dc8366d88ba43460d877ef249ac1205e271220292f798b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Origin: https://bigl.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 18:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172144
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 18:07:32 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7798994293100310&plah=bigl.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70cb8b2475132f48835904adeaa01f6579ab9107babd9915a8aba1e2af1b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120775
x-xss-protection: 0
server: cafe
etag: 5500030506218712279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 12:28:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/ Frame 8081 10 KB
5 KB 117ms
35ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 18:04:50 GMT
etag: 15057649708203361565
expires: Thu, 29 Jun 2023 18:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
599 B 137ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bigl.ua&callback=_gfp_s_&client=ca-pub-7798994293100310

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7798994293100310&plah=bigl.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47cfb5ffee0f8343f8e36c0f7c25db9a0077a90942bc767ec90d29448210720c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 143ms
53ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bigl.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 258B 0
188 B 202ms
201ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&adk=1812271804&adf=3025194257&lmt=1686918499&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbigl.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918499425&bpp=4&bdt=386&idt=216&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2143166722712&frm=20&pv=2&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 12:28:19 GMT
expires: Fri, 16 Jun 2023 12:28:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 view
midas-external.bigl.ua/rest/cart/ Frame 0
0 267ms
56ms Preflight
text/plain 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://midas-external.bigl.ua/rest/cart/view?source=bigl&shoppingCartIdent

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-language,x-requested-with
Access-Control-Request-Method: GET
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-evo-access-token, x-evo-user-id, x-evo-user-profile, x-requested-with, x-language
access-control-allow-origin: https://bigl.ua
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 16 Jun 2023 12:28:20 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-request-id: a86eb455-4efe-49f9-be55-c22dd9accc25
x-xss-protection: 1; mode=block

GET
H2 200 view Show response
midas-external.bigl.ua/rest/cart/ 105 B
369 B 103ms
103ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://midas-external.bigl.ua/rest/cart/view?source=bigl&shoppingCartIdent

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/739_020c752a1c751b30589c.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

0343bb8536cc4b19147cee2ce5a099500f075ee4114be7b372905eb3dbf0979e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://bigl.ua/
X-LANGUAGE: uk
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bigl.ua
access-control-allow-credentials: true
content-length: 105
x-xss-protection: 1; mode=block
x-request-id: 55a020c4-80cd-4e2e-b4fa-98a8567a304e

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 47ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bigl.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2E1 32 KB
14 KB 759ms
758ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb649b8984a9cd57877139f7e8eb2034fac8a696d9d8d50ce3eeb99f12728ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13892
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 12:28:21 GMT
expires: Fri, 16 Jun 2023 12:28:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C862 101 KB
36 KB 1187ms
1186ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=1&bdt=1353&idt=1&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0%2C1200x280&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qFc2xgK3Gt&p=https%3A//bigl.ua&dtd=38

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66f0e4d517b500c96f65ab3a8e9b6fd617a8c4f0d76cfc88d5ccf14134e30d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37081
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 12:28:21 GMT
expires: Fri, 16 Jun 2023 12:28:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 graphql Show response
bigl.ua/ 424 B
1 KB 91ms
90ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://bigl.ua/graphql

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/739_020c752a1c751b30589c.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

2c37e5b74f3e39e565c5b5329ca44bfdc17695b6fec2e2dbfcdaa00d152c02cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept: */*
Referer: https://bigl.ua/
x-language: uk
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
content-length: 424
x-xss-protection: 1; mode=block
x-request-id: 1a486876-ddb0-4d59-9048-010d86848e3c
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bigl.ua
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-LANGUAGE,X-DisableSafariCORSCheck,Authorization

GET
H2 200 info Show response
my.bigl.ua/remote/auth/ 12 B
1 KB 62ms
62ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.bigl.ua/remote/auth/info

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/739_020c752a1c751b30589c.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

735c36862ca0cbf9be4300c17809f4cdfaeab800a61254ab5906e20abb935711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
content-length: 12
x-csrftoken: 0a726071ddd54b8d80eb425932555450
x-xss-protection: 1; mode=block
x-request-id: eae6c3b6-05da-4d08-9534-9e7bd4455acc
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: application/json
access-control-allow-origin: https://bigl.ua
access-control-expose-headers: X-CSRFToken, X-SIGN
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-LANGUAGE,X-DisableSafariCORSCheck,Authorization

GET
H2 200 2470968757_w200_h200_2470968757.jpg
images.prom.ua/ 8 KB
8 KB 159ms
150ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2470968757_w200_h200_2470968757.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 50effb2a8d688da32bb5e8aea2909a50faceee1a4de88afa6a88029df7373f4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: aeda6cb664df9c36520d77e3be126d7faa22d8aa_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: himehabu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 124
content-length: 8048

GET
H2 200 3340686925_w200_h200_3340686925.jpg
images.prom.ua/ 6 KB
6 KB 219ms
208ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3340686925_w200_h200_3340686925.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 5073a3aa030e8b1160b9b34c4f35beb86ae7ac11d89896fc2f6f564fe292fd00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 7c1cfe588dbd447315dd33f2c36e1edfb32f3941_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: himehabu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 322
content-length: 6310

GET
H2 200 597332606_w200_h200_597332606.jpg
images.prom.ua/ 3 KB
3 KB 319ms
309ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/597332606_w200_h200_597332606.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 769e97c35eaf76a039748b13b972c898a8b279dd6af16f3b12b8286bbe56e8a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 2cb5e9f2e82b37cca5aa2648e2cb908bfcbbfcee_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 27
content-length: 2662

GET
H2 200 4104516349_w200_h200_4104516349.jpg
images.prom.ua/ 5 KB
5 KB 308ms
298ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4104516349_w200_h200_4104516349.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 139f689d4ac98146beabc0e2b36a5ca862671b13e5b7870e91ef447e3cc54c41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 56bb923ac573f4b657b5c7023749e78262b8d5ec_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 35
content-length: 5264

GET
H2 200 4399207804_w200_h200_4399207804.jpg
images.prom.ua/ 4 KB
4 KB 260ms
250ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4399207804_w200_h200_4399207804.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 8984b84f701e0dac011a02cba592b3d5bf5a963096e7677df3c0e1275b56da23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: c37c4cca09198f09ac6c06f27f371403d919e20f_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 77
content-length: 4232

GET
H2 200 2164085795_w200_h200_2164085795.jpg
images.prom.ua/ 3 KB
4 KB 269ms
259ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2164085795_w200_h200_2164085795.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: bb025300965b77fb08fda75a66468d127e1845a5eb5763eb6885a197d8e6ea7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 4ba2264b41ca936a2b7a0d3deeee87eb9182d5cc_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 38
content-length: 3478

GET
H2 200 4314988929_w200_h200_4314988929.jpg
images.prom.ua/ 3 KB
4 KB 220ms
210ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4314988929_w200_h200_4314988929.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: a724680bfe0ce1a70800c727cc17247abb21a763f38173f9f0374920e128db0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 588b5bc11576076d92a3ad419ec49cfa40523343_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 67
content-length: 3354

GET
H2 200 3114175417_w200_h200_3114175417.jpg
images.prom.ua/ 4 KB
4 KB 219ms
209ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3114175417_w200_h200_3114175417.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 446769f0a0c913803740eff001847a379620685a8431450a04f106af4fbdf05b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 1c72e746ddd07262c230e451a2e243e85fda2b69_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: himehabu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1901
content-length: 3628

GET
H2 200 3447158064_w230_h230_zhinochi-sukni.jpg
images.prom.ua/ 972 B
1 KB 258ms
249ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3447158064_w230_h230_zhinochi-sukni.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 7f2428836c373bbbe8ca476b409ce4037058a820dee4c09fb0a58b11f616b6eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 438232ed8b406cefd838b07b760ceb449e39ea37_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 22
content-length: 972

GET
H2 200 3447157876_w230_h230_cholovichi-tolstovki-i.jpg
images.prom.ua/ 1 KB
2 KB 218ms
209ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3447157876_w230_h230_cholovichi-tolstovki-i.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: f4c8bf34e471832635037e18bc7aac5a9a0d81f6ff82925c8c022c7e059e45c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: b2a549045db6f48ee01379ae9c0921f803ee5a26_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 20
content-length: 1324

GET
H2 200 3522914139_w230_h230_naruchni-ta-kishenkovi.jpg
images.prom.ua/ 1 KB
2 KB 358ms
349ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3522914139_w230_h230_naruchni-ta-kishenkovi.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 649ec18fafe18e7629f923ddddcbaa80b83d2689ae88236fe44726c67a962bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: e8df3563efebaf5679a5d75f7f8643d1e0fa26e1_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-04
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 52
content-length: 1446

GET
H2 200 3371841217_w230_h230_zhinochi-sumochki-i.jpg
images.prom.ua/ 1 KB
2 KB 409ms
400ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3371841217_w230_h230_zhinochi-sumochki-i.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 49f1117a5e8cce19bc68443dedfcf44c5e0f923bca050f24b7f959526badba6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 066d5a273fb49f93535a3c70cdfcbcf3c18b6f9b_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 14
content-length: 1524

GET
H2 200 img-VeaJhi4.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 1 KB
2 KB 61ms
52ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/img-VeaJhi4.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: c9c69f9ce1741f3e5a0ea13e8d27f5073d6ad337fde898e27710351ebfc14428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
x-amz-request-id: tx000000000000004e7e262-00647a3b40-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/img-VeaJhi4.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/img-VeaJhi4.png
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 1470
x-cdn-ruri: /build/js/images/img-VeaJhi4.png
x-uri2: corgi.c.evo.dev/build/js/imagesimg-VeaJhi4.png
last-modified: Mon, 29 Nov 2021 13:29:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: nginx-cache-01, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 3371843373_w230_h230_mobilni-telefoni-smartfoni.jpg
images.prom.ua/ 1 KB
2 KB 356ms
348ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3371843373_w230_h230_mobilni-telefoni-smartfoni.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: e37c4bbcb7a1c857eab6aba6f286fa92be5b7541c3aaa79978e61d522ddb4e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 0a49b96caa118e7aed36926dc9741bdea5b87d84_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 60
content-length: 1368

GET
H2 200 3653409945_w230_h230_chohli-dlya-telefoniv.jpg
images.prom.ua/ 722 B
1002 B 367ms
359ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3653409945_w230_h230_chohli-dlya-telefoniv.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: bc6d04f1867aa9d1fcc0db04a837b42c1b3843907f703baa1dde6347286311ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: e8aa08ada62bfd5f1c39b7aa1a53aa5e45a85306_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 16
content-length: 722

GET
H2 200 3450991006_w230_h230_planshetni-kompyuteri.jpg
images.prom.ua/ 2 KB
3 KB 407ms
399ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3450991006_w230_h230_planshetni-kompyuteri.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 5ad4991f2318be5cae3078fc098b8f1b23df3d1bdd75e4a3ad45ffa8b44b77b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 490d6a9154bc91a09d3a223c8d1bea7632d21673_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 26
content-length: 2392

GET
H2 200 3450994011_w230_h230_televizori.jpg
images.prom.ua/ 2 KB
2 KB 508ms
501ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3450994011_w230_h230_televizori.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 144d9ede7030fa71d39e255983e58b20d1bd0ff5eb097075b336b92efaa67447

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 4804a857bcfd2f57a1fc6db52515c6144a1a2d50_0
x-image-source: Resized original: aws
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-06
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 2096
content-length: 1548

GET
H2 200 3253385490_w230_h230_dityachij-odyag-ta.jpg
images.prom.ua/ 2 KB
2 KB 467ms
460ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385490_w230_h230_dityachij-odyag-ta.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: d7685e52f6f68cdfc5fb485ad23915dd2db27e6336cb3cb9023cc56f673c5bdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: d5313a466530caa87e5464f72000bdb1676eb7ff_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 15
content-length: 1818

GET
H2 200 3253385496_w230_h230_igrashki.jpg
images.prom.ua/ 3 KB
3 KB 366ms
358ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385496_w230_h230_igrashki.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 30517f545cdbe4e0bd3dadb74a7d5049ef74cfca361fb3ac750eaa6c62e55c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 1e04ffd5b90fc3e33c003a58ef9abd7a44f789d9_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 38
content-length: 2852

GET
H2 200 3448643618_w230_h230_dityachi-kolyaski.jpg
images.prom.ua/ 2 KB
3 KB 517ms
510ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3448643618_w230_h230_dityachi-kolyaski.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: db79878d2ffff5c5de7051b6f9dca84e7df34bb42999e617902f9f4d99375b2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: c17d03c45ab848adfe028eb710a10124bf7331f2_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 90
content-length: 2512

GET
H2 200 3253385817_w230_h230_dityachi-mebli.jpg
images.prom.ua/ 1 KB
1 KB 458ms
451ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385817_w230_h230_dityachi-mebli.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: f748eba184df960613999872597a709d7adc82face08df21eaaa9979c53a6d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 9e28f980d3fefbf6a08a40e0f1d5544721852404_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: lancehead
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 22
content-length: 1120

GET
H2 200 3450990935_w230_h230_sportivni-kostyumi.jpg
images.prom.ua/ 2 KB
2 KB 416ms
409ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3450990935_w230_h230_sportivni-kostyumi.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 354647ed51ee858224b911c15019e6623d9a92bd9598e189b18ed287fc99e992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 87e2fb4ff19ea193d8ca7f930798a57778526b90_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: himehabu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 16
content-length: 1660

GET
H2 200 3447163428_w230_h230_krosivki-ta-kedi.jpg
images.prom.ua/ 3 KB
3 KB 467ms
460ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3447163428_w230_h230_krosivki-ta-kedi.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: f4f9e27dd7be2010cab5b10419db0d8c551bbb0ce9a690b704fcdddd6a034c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: f79381c188341f2bbdbf535bdf8d1cc0c8e9eb14_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 21
content-length: 2774

GET
H2 200 3292211586_w230_h230_trenazheri.jpg
images.prom.ua/ 1 KB
2 KB 457ms
450ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3292211586_w230_h230_trenazheri.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 2d3a285bc41da7d31ed5766dea513bafcfe4b9fba3aba2a18bb23f4aae24419a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: a4680999ca74c12557ef9dbb4dd2d597490a607a_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: lancehead
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 17
content-length: 1350

GET
H2 200 3292211538_w230_h230_tovari-dlya-ribolovli.jpg
images.prom.ua/ 666 B
947 B 557ms
551ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3292211538_w230_h230_tovari-dlya-ribolovli.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: a5985dc47b8995ceb6035a19624210fc7aa89d796b50d439c06b81002b43e8db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 3bdc5ec73f9d941c021e549d41019b08961a39be_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-06
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 3863
content-length: 666

GET
H2 200 3643028882_w230_h230_komplekti-postilnoyi-bilizni.jpg
images.prom.ua/ 2 KB
2 KB 506ms
500ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3643028882_w230_h230_komplekti-postilnoyi-bilizni.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: c2977788adee41f88362a1bf02982c5b6af82b3c348421a5b1955f6602574e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: b90a871ac3dafaa20c4ae0dfc03d5fdd9c179f03_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 17
content-length: 1584

GET
H2 200 3643029999_w230_h230_divani.jpg
images.prom.ua/ 828 B
1 KB 407ms
400ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3643029999_w230_h230_divani.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 318a7eb99a398fc1ca10d371ca4ace598e345fc07abae6705fc1a532d2b191ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 435d58d7c89dde69ce2eda1007c6407da3e48723_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 17
content-length: 828

GET
H2 200 3253385585_w230_h230_posud.jpg
images.prom.ua/ 2 KB
2 KB 455ms
449ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385585_w230_h230_posud.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 8483f404939ebe8cc5c06f5460c44be3d5825b1cbf43b0efcb3d68a868328312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 4ff63dafbc0e355511d998493f103d16cf4420af_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 43
content-length: 1566

GET
H2 200 3647496025_w230_h230_zasobi-dlya-prannya.jpg
images.prom.ua/ 3 KB
3 KB 516ms
510ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3647496025_w230_h230_zasobi-dlya-prannya.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 93d7544440fa69acb982a8126c66afcd7ca93bb547a4dc88849d2954e378c9ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: d7899e3ef413e706eeaa28006242917930e223c4_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 18
content-length: 2990

GET
H2 200 Vaw.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-search-HLW/ 1 KB
1 KB 58ms
53ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-search-HLW/Vaw.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: b9910f1889eee2368444871c18b7f009092754ff93da56ee27ca1587505bcd20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/footer-search-HLW/br-encoded-Vaw.svg
x-amz-request-id: tx000000000000004e7c3a9-00647a3b0d-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/footer-search-HLW/br-encoded-Vaw.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-search-HLW/Vaw.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 565
x-cdn-ruri: /build/js/images/footer-search-HLW/br-encoded-Vaw.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: ferdelance, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 CpBX7.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-carriage-A/ 2 KB
2 KB 58ms
53ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-carriage-A/CpBX7.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 005ed092fa26e76ae99a5613a420e81c377e9767fde19ecdeb651fb681b1464c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/footer-carriage-A/br-encoded-CpBX7.svg
x-amz-request-id: tx000000000000004cf4b93-00647a3b0d-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/footer-carriage-A/br-encoded-CpBX7.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-carriage-A/CpBX7.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 665
x-cdn-ruri: /build/js/images/footer-carriage-A/br-encoded-CpBX7.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: nginx-cache-04, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 footer-hearth-MXmUgQg.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
2 KB 59ms
53ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-hearth-MXmUgQg.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 4c34bdb875f35418f90c3f426b2da0078370e1479dea9cbc18fed6eb97291ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/br-encoded-footer-hearth-MXmUgQg.svg
x-amz-request-id: tx000000000000004e7c394-00647a3b0c-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/br-encoded-footer-hearth-MXmUgQg.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-hearth-MXmUgQg.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 706
x-cdn-ruri: /build/js/images/br-encoded-footer-hearth-MXmUgQg.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: lancehead, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 juk.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-exchange-c0h/ 2 KB
2 KB 59ms
54ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-exchange-c0h/juk.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 54f0ff0445947e0b65897e0fc171022a3eb8d8f5b27e839f463c41fbe8d0dafb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/footer-exchange-c0h/br-encoded-juk.svg
x-amz-request-id: tx000000000000004e7c39b-00647a3b0d-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/footer-exchange-c0h/br-encoded-juk.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-exchange-c0h/juk.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 741
x-cdn-ruri: /build/js/images/footer-exchange-c0h/br-encoded-juk.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: nginx-cache-03, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 footer-dog-2UQFQei.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
2 KB 59ms
54ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-dog-2UQFQei.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 1f30b20cd353571d2a3c6270f9dd7f013676caabfe6ee67be16ebfdc684e7bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/br-encoded-footer-dog-2UQFQei.svg
x-amz-request-id: tx000000000000004e4e589-00647a3b0f-37a4103a-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/br-encoded-footer-dog-2UQFQei.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-dog-2UQFQei.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 979
x-cdn-ruri: /build/js/images/br-encoded-footer-dog-2UQFQei.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: nginx-cache-03, eunomia
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

OPTIONS
H2 200 track_informer_views
my.bigl.ua/ps/ Frame 0
0 230ms
67ms Preflight 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.bigl.ua/ps/track_informer_views

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrftoken,x-requested-with
Access-Control-Request-Method: POST
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, x-csrftoken, x-requested-with, x-promuserid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://bigl.ua
content-length: 0
date: Fri, 16 Jun 2023 12:28:20 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-request-id: d7f88d1e-ba8e-44c8-97c2-7b49c8cd5cf5
x-xss-protection: 1; mode=block

POST
H2 400 track_informer_views
my.bigl.ua/ps/ 0
0 58ms
58ms Fetch 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.bigl.ua/ps/track_informer_views
Requested by: Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/739_020c752a1c751b30589c.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://bigl.ua/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-CSRFToken: 0a726071ddd54b8d80eb425932555450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://bigl.ua
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, x-csrftoken, x-requested-with, x-promuserid
content-length: 0
x-request-id: 4fcb9723-bd3a-4232-bddf-84d9dd757c10

OPTIONS
H2 200 question
colbert.evo.company/report/v0/ Frame 0
0 213ms
163ms Preflight
application/octet-stream 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert.evo.company/report/v0/question?org=20YqCrYvyNWQpr0v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-script-lsr,x-script-version
Access-Control-Request-Method: GET
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-SCRIPT-LSR,X-SCRIPT-VERSION
access-control-allow-methods: GET
access-control-allow-origin: https://bigl.ua
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 7d830d54db7e3a86-FRA
content-length: 0
content-type: application/octet-stream
date: Fri, 16 Jun 2023 12:28:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Jk9Mw0tm2jo5g233hJ%2FMvS%2FZb%2FJIUFF0tCt6izovMEb94Nb15F3xfqtgI5uB2P8o6Q9rcKgaW2piMdI08Cyb9Za6uz5DxG9%2BImOfodS0NG86QFPLGJ1r9MeYWYHcUhzU7%2BSoeot3SF4NiO7kreWIBA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-envoy-upstream-service-time: 5

GET
H2 200 question Show response
colbert.evo.company/report/v0/ 20 B
678 B 201ms
172ms XHR
application/json 2606:4700:20::ac43:46e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert.evo.company/report/v0/question?org=20YqCrYvyNWQpr0v
Requested by: Host: colbert-static.c.prom.st
URL: https://colbert-static.c.prom.st/static/colbert.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03e56c7ce6f9376e59a5c2b23f326a7b787bb3fb1ff1e87a634aa01b3dcf729c

Request headers

Accept: application/json, text/*
Referer: https://bigl.ua/
X-Script-Version: 1.25.2
Accept-Language: de-DE,de;q=0.9
X-Script-LSR: 694679458298530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Cookie, Accept-Language
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5TdXUqQlyOHrLFE%2Fqr%2FVZkjjfjrXrPfbns%2BR3VpjqmtkLwLfapbK3Hv5jRxvTlb2M6P6x%2FmXNCLH4YJokPDTrDX4L0OEgE1NRtpvlXaTL4eEW9mU1TEPIZxebQsJ85Lukw7C6TkE%2BmwNlu6gFq03bY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://bigl.ua
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
cf-ray: 7d830d561c611901-FRA
content-length: 20

POST
H2 204 pageviews
tracker.bigl.ua/endpoint/ 0
161 B 128ms
53ms Ping
text/plain 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bigl.ua/endpoint/pageviews
Requested by: Host: my.bigl.ua
URL: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/bare.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bigl.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 16 Jun 2023 12:28:20 GMT
server: nginx
access-control-allow-headers: X-CSRFToken, X-PromUserID
access-control-max-age: 2592000
access-control-allow-methods: POST, GET

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
433 B 140ms
43ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bigl.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
962 B 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Jun 2023 13:22:43 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Jun 2023 12:55:42 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
362 B 165ms
46ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bigl.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

OPTIONS
H2 204 log
gotcha-server.evo.run/ Frame 0
0 278ms
59ms Preflight 193.34.168.232
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://gotcha-server.evo.run/log
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.168.232 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-Debug-Key,x-request-id
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-origin: https://bigl.ua
access-control-max-age: 600
date: Fri, 16 Jun 2023 12:28:21 GMT
server: nginx
x-envoy-upstream-service-time: 0

POST
H2 204 log Show response
gotcha-server.evo.run/ 0
286 B 58ms
57ms XHR
text/plain 193.34.168.232
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://gotcha-server.evo.run/log
Requested by: Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/gotcha/gotcha-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.168.232 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bigl.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-origin: https://bigl.ua
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-Debug-Key,x-request-id

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-72595237-1&cid=c-7A6cwJbCHHsf3DjW4s1eLs2KqOCMU1&jid=526826804&gjid=1190228033&_gid=2008982061.1686918501&_u=aKDAgAIZGAQCAEAM~&z=277521810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigl.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Jun 2023 12:28:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigl.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=376242648&t=pageview&_s=1&dl=https%3A%2F%2Fbigl.ua%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Bigl.ua%20%E2%80%94%2061%20688%20719%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D1%83%D1%81%D1%96%D1%94%D1%97%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aKDAgAIZGAQCAAAM~&jid=526826804&gjid=1190228033&cid=c-7A6cwJbCHHsf3DjW4s1eLs2KqOCMU1&tid=UA-72595237-1&_gid=2008982061.1686918501&cd1=main%3Aindex&cd8=desktop&cd9=&cd19=NA&cd20=mp2&cg2=main%3Aindex&cg3=desktop&cd13=c-7A6cwJbCHHsf3DjW4s1eLs2KqOCMU1&z=435042333

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 03:15:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33161
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 64ms
63ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-72595237-1&cid=c-7A6cwJbCHHsf3DjW4s1eLs2KqOCMU1&jid=526826804&_u=aKDAgAIZGAQCAEAM~&z=1454004481

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 68ms
68ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-72595237-1&cid=c-7A6cwJbCHHsf3DjW4s1eLs2KqOCMU1&jid=526826804&_u=aKDAgAIZGAQCAEAM~&z=1454004481

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame E2E1 3 KB
1 KB 119ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 11:46:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame E2E1 19 KB
8 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 17:39:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E2E1 0
0 46ms
46ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiASuCQHSZoqZ7qwQA8eIcVFTBGh2mZRXUpYn_PQeQ2FBRPIgoCMjeoTNXiNfZH51gpCevNlHJ9hUhUtd9hwP-HuJ-Cw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2E1 178 KB
56 KB 3103ms
3022ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 12:28:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E2E1 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-O58ZFWMZIf2G7KDmweTs4DQBsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzc5ODk5NDI5MzEwMDMxMMgBCakCDoALnjRfsj6oAwGqBLMBT9B71_Ln6YpM-LTaGxtYk_22v8rVx5Skm-78N0ry3xX2AbyHjBa1ARrEvS6QNxeIob0Ym8NSRHv69BGtyE5gna3hRdHJb46jN6TKU6hpYzRIeKmvEyuL_AMTB-1j9nhr2e8BiUj1So6HT14aIj8TublN85w1CWlqn4NO5pT7ndoMtnMR8W2dtBwjbPD2TfanMlDy4oTyuviBugzBld8VSua_Y1ewv3ij5_1HPIg_cEEsmVSABp3-mre-xuiJmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc3OTg5OTQyOTMxMDAzMTAYAA&sigh=6oyo3axJ0c4&uach_m=[UACH]&cid=CAQSPABygQiDkAM06WAL99CGttXqQY4uc2ohN-XD7E3iEnFBf4MRJTiwbiAK5a0Ly-ASGIt2GsE_QPZAE37_mRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Jun 2023 12:28:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame E2E1 0
0 67ms
16ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI63Dsz6RLAJmAKdg2ICAgAAAI4hTM_SY53fEGNVjGSPJKBnYNIGLsyoAAASAAAKCkFRVUJEd0VCRHc&wp=ZIxVZAAG-wcK5sGyAAAZk2oBEQHsUjnhyWj5yw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 154560
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B8B0 198 KB
59 KB 129ms
96ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZIxVZAAG-wcK5sGyAAAZk2oBEQHsUjnhyWj5yw&u=%7COPjhYzn0K1bbK2%2B5V5hZUk5NaviMu3Z9krZDFWmtbQY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866tAr3ahIOoyyjMrEUTRjVSJxMgOnd_ocpYbVzZwsIR7WfESggEhukhrodYHm2KEBRZnjcrwsquNNcWXk0PRT5OpQMTEN4FvzV-dF-MnLtoCDM4H7c4tCqAtAE_dt3PmmDbwvQQe5BPcFL_hyFKLXvDqv_dTn2Lo1QLIB79-w6hZvaDL5atghqaJK3_cEJ6pWpBnzgSSoQOQlFN6ObY2X6m6bBmGOQvZmWkOf1YpHml_3QEPkCG5oAyNvuZjLNPsEA3X9upIAC9UbkL7CDOxG_9kaAIlsDh0w-H_32HViafC0haHAplnn3fpZ_jrnzxGQaH4ctwCphxJZF3aykFkzUNtuHivPN3TeaDHv8BbuUU6a29ZWhAtlHj8ZUVP38TAY1nPV5B8FmZYJoY_2t835xECKlkagorQD54KE3gDrixvsFdMYLz_84qwjGg39po1LDHI5jZ1cATCsSdNzV0UbUQTCHDtdoD0wq9dYPPaId3LzRVa2Q5RdbEqcXnZNpdBRAp1TxYl-hu5k-AV8iveq9wFfHsSUrkhfNSy6aV-A4n-zTl_7Lz3_ps&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe_z2ZFWMZIf2G7KDmweTs4DQBsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzc5ODk5NDI5MzEwMDMxMMgBCakCDoALnjRfsj6oAwGqBLYBT9B71_Ln6YpM-LTaGxtYk_22v8rVx5Skm-78N0ry3xX2AbyHjBa1ARrEvS6QNxeIob0Ym8NSRHv69BGtyE5gna3hRdHJb46jN6TKU6hpYzRIeKmvEyuL_AMTB-1j9nhr2e8BiUj1So6HT14aIj8TublN85w1CWlqn4NO5pT7ndoMtnMR8W2dtBwjbPD2D_SGoNd9fpdNJuwiajFnbdYBQFC1TU8yC7CeQQ_4IqQn9euoiutyYs6ABp3-mre-xuiJmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1uQ1-ICqaZuesbVgRGAVUJobDpwg%26client%3Dca-pub-7798994293100310%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c51d57356324556dea1acad4f6a708e86d1cce1adb9e39f8e0220cf97de73c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 12:28:20 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1lTaeNvDCHFW9MuBIAw40wCxFAPf7hkaCaRqkcfe649jbJeLhGY4eHE4RFkAvluZYosCUoeO0KYo4GHApLhf_JGzUtjb5VOQeP_I6lN8r_mAU8DLX9VqhoMbkBCIYjmQECQwu32Nkw9rbsf43__aJ-RA0Jl1DQ1V0QfDdYAf5DrkDmjQmECcEu1ZXO7wOv2xyYXfG2tVq2OdlRNBcFhqNSm2n6w9odq4wXc9v-iglqqLKumztcnTvPhK4gh_pUSowupQgQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74756602
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4976 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Fri, 16 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4976 0
104 B 117ms
28ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEK2XZjwitLgFtVacGVXGVAg&google_cver=1&google_push=ATf1kGNPhBQWV2WG_JCuyyRIpShQUsVY8-YFcoFDiXQGWzOY7xAcKqQ6w05w7KvbTNMn6Q7HbgSuXXgalMcsyXJgGPKMESxDIhFH18A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4976
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAiYv5YbP4R_InBHIJsYzwQ&google_cver=1&google_push=ATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0Bu...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAiYv5YbP4R_InBHIJsYzwQ&google_cver=1&google_push=ATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0...

43 B
416 B

210ms
193ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAiYv5YbP4R_InBHIJsYzwQ&google_cver=1&google_push=ATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0Bucw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0Bucw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d830d5a3de2913c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 309
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAiYv5YbP4R_InBHIJsYzwQ&google_cver=1&google_push=ATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0Bucw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOjoIJWrXU3X5FQwLkl72Ai6aXBjyWWtHRMFywAHxrOa4kIt6VE5zHp2z1gpd6pWWl32yJngaZ9TZUhkBy4Vna0ERRZCz0Bucw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d830d590c49913c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4976
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKoVUlwtXfpeUapIVEs_WwI&google_push=ATf1kGNHFHm-fndDNU-8cYR_HpinMj4DNdWIEoA3upvt4ByUkXcXsiKm6n...

170 B
232 B

49ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKoVUlwtXfpeUapIVEs_WwI&google_push=ATf1kGNHFHm-fndDNU-8cYR_HpinMj4DNdWIEoA3upvt4ByUkXcXsiKm6nE1sqmKebQwT_WA0p_bjpQROb45Yf2kfroB4Rk7ZsOGrA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230134-FRA
pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1686918501.286579,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKoVUlwtXfpeUapIVEs_WwI&google_push=ATf1kGNHFHm-fndDNU-8cYR_HpinMj4DNdWIEoA3upvt4ByUkXcXsiKm6nE1sqmKebQwT_WA0p_bjpQROb45Yf2kfroB4Rk7ZsOGrA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 4976 0
98 B 60ms
23ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGOXrNoDbtZSgMu9Tuhjp621xvDHBvG_TjKuCfivhyjN9ppTdtCRL1lQWgoLebqyIzWiPiXOPbV-_BrRpCT0nE9tkBA1eTi2ig&google_gid=CAESEH9HH9ULhSwq9Mby49agdEE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4976
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENDAPzipGYlWGGjpBWkh2cY&google_cver=1&google_push=ATf1kGNi5P1mxp9V5slTPtDnhWuISN78k0PTMQ8G_fQd55cEU4EIsMjVXqD2FihykctVMEJQUJQJdQOKHn-JDA...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTI1OTc5MjgyNDQwMDAxOQ%3D%3D&google_push=ATf1kGNi5P1mxp9V5slTPtDnhWuISN78k0PTMQ8G_fQd55cEU4EIsMjVXqD2FihykctVMEJQUJQJdQOKHn-JDApo_n...

170 B
329 B

102ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTI1OTc5MjgyNDQwMDAxOQ%3D%3D&google_push=ATf1kGNi5P1mxp9V5slTPtDnhWuISN78k0PTMQ8G_fQd55cEU4EIsMjVXqD2FihykctVMEJQUJQJdQOKHn-JDApo_nAJJCNwFxgMs94

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTI1OTc5MjgyNDQwMDAxOQ%3D%3D&google_push=ATf1kGNi5P1mxp9V5slTPtDnhWuISN78k0PTMQ8G_fQd55cEU4EIsMjVXqD2FihykctVMEJQUJQJdQOKHn-JDApo_nAJJCNwFxgMs94
Date: Fri, 16 Jun 2023 12:28:21 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4976 43 B
363 B 61ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEHPp9E3mey9Qc0a-DuPmoYs&google_cver=1&google_push=ATf1kGPBK_NyNZ7dGAUfefs9jLTFGBjMCx-37iecHSWToBO7NjuVHJwPLl5v-m89yCCnt3pIOxIWALztH2DWGYgPRINqv4U4MpBgRqo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 161202
expires: Fri, 16 Jun 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 4976
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAso1ijnYR3hixMI4nhc65Q&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGOQRDDtqT7u1VmYSSDcU6-5nD3574r_zag8Uwgt64KvWZ4qJo1DAA2DJurAArCyO4992Aeaf3n7hwD9_owB6BdLHidmLJsmh6V_
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

39ms
39ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Fri, 16 Jun 2023 12:28:21 GMT
pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4976 0
130 B 137ms
46ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JeO2PrSta1_CL1jlCl_486luu3MojCYukvNGV0bdqErjvD99iU04hAgIwW3NB_Vh_isMvXyA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame E2E1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80ff2908e720ceaef6bc6138157c810dea18921796b03efd6096c5fe051eb761

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B8B0 2 KB
1 KB 53ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZIxVZAAG-wcK5sGyAAAZk2oBEQHsUjnhyWj5yw&u=%7COPjhYzn0K1bbK2%2B5V5hZUk5NaviMu3Z9krZDFWmtbQY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866tAr3ahIOoyyjMrEUTRjVSJxMgOnd_ocpYbVzZwsIR7WfESggEhukhrodYHm2KEBRZnjcrwsquNNcWXk0PRT5OpQMTEN4FvzV-dF-MnLtoCDM4H7c4tCqAtAE_dt3PmmDbwvQQe5BPcFL_hyFKLXvDqv_dTn2Lo1QLIB79-w6hZvaDL5atghqaJK3_cEJ6pWpBnzgSSoQOQlFN6ObY2X6m6bBmGOQvZmWkOf1YpHml_3QEPkCG5oAyNvuZjLNPsEA3X9upIAC9UbkL7CDOxG_9kaAIlsDh0w-H_32HViafC0haHAplnn3fpZ_jrnzxGQaH4ctwCphxJZF3aykFkzUNtuHivPN3TeaDHv8BbuUU6a29ZWhAtlHj8ZUVP38TAY1nPV5B8FmZYJoY_2t835xECKlkagorQD54KE3gDrixvsFdMYLz_84qwjGg39po1LDHI5jZ1cATCsSdNzV0UbUQTCHDtdoD0wq9dYPPaId3LzRVa2Q5RdbEqcXnZNpdBRAp1TxYl-hu5k-AV8iveq9wFfHsSUrkhfNSy6aV-A4n-zTl_7Lz3_ps&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe_z2ZFWMZIf2G7KDmweTs4DQBsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzc5ODk5NDI5MzEwMDMxMMgBCakCDoALnjRfsj6oAwGqBLYBT9B71_Ln6YpM-LTaGxtYk_22v8rVx5Skm-78N0ry3xX2AbyHjBa1ARrEvS6QNxeIob0Ym8NSRHv69BGtyE5gna3hRdHJb46jN6TKU6hpYzRIeKmvEyuL_AMTB-1j9nhr2e8BiUj1So6HT14aIj8TublN85w1CWlqn4NO5pT7ndoMtnMR8W2dtBwjbPD2D_SGoNd9fpdNJuwiajFnbdYBQFC1TU8yC7CeQQ_4IqQn9euoiutyYs6ABp3-mre-xuiJmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1uQ1-ICqaZuesbVgRGAVUJobDpwg%26client%3Dca-pub-7798994293100310%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B8B0 2 KB
1 KB 55ms
20ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B8B0 308 B
636 B 53ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B8B0 293 B
622 B 50ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame B8B0 43 B
348 B 66ms
17ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=t2pnZf-fLXdDpsmhei6V6Ui8EiIjYKgFeIk6e7cD4oDi-DnWrkbA7IVlb-R54mLmJ41IklV3X4WdFHXkHkigX2cXjikMqSZv1yZpuPsv4ZEs802iK0poRq04KrFceVhpSBO7wNw-1q3PzWR_KsM4h0VMjo0C0DGUsnsHvp1zt7Qshqf-JedAWp8tawcQ11uduFXjSVVqCs3kAHUynuNvDhXNzaudaXxM7vg6FKWTcpCYSbT7CoZ3r8C5BVnps2fBt0t8r0J3DcX6wgpXORKiptg_TQEg8yMXhcMUygo-osFeoDNYWQZGFpGf86zHYMzNSix6znDUJ8y-PWxSLhT_pm_UtMgEUzok1AyvM8yGteZb5TuXyyX3dbvWK1yiJgRofYdlyhUGQGsUVC7dTSeCoeJpqBfZ5Kpj9QF9J8DkgudheLqd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1591205
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B8B0 12 KB
5 KB 60ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 308706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfNmAezRxPfq7jagt1aClj5H%2BpznWpOtb070XXpwpUCntuvw88cmBR0nnJWluQXa1qq6Xg8lu3G5Q9OADKwT3GG1po%2BUaoqTebf4a4QOrZUE2jJHtZiCbnnOt97yHWe6lDGagewqxe41FkHYjdpMgOhK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d830d59c84e371c-FRA
expires: Wed, 05 Jun 2024 12:28:21 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B8B0 12 KB
6 KB 18ms
17ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 3 KB
3 KB 79ms
43ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=3455&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3455%2F210331%2F6d4c617ae012456da1cfa367ffefe967_logo.png&v=3&w=196&s=qt2T9dwImWH0LPJP-tkbE-Eo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

066b2cd584d2e287c8c1605703d409aeda83cb5b16ebeeb2d3a883981c5e033f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 2886
expires: Fri, 31 May 2024 03:06:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 8 KB
9 KB 54ms
18ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_220041-21070_6382_110.jpg&v=3&w=400&s=N5pyFX6H3WqOUAAp1BeRXJzP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0e7c2760bb9df1a909dbb5246b5dec24256da41480ad548bfe395e0420ef2774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8690
expires: Wed, 21 Jun 2023 13:17:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 11 KB
12 KB 65ms
29ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_180056-35043_9068_110.jpg&v=3&w=400&s=XjLXPeOsP9PduF8mK4jx7EtN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d5a0c20a70fbdabbe32a9be5d11aa679b8981a9606758b84f5029c57aef4329f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 11614
expires: Mon, 19 Jun 2023 09:51:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 4 KB
4 KB 67ms
32ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_885106-44017_80890_110.jpg&v=3&w=400&s=VHTnVm5xjAsPr94N5LU1YaVL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

28daff77709b2c4350e36a58ca47d0c639921229f1972d6ce1c5185cb301ceb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 3924
expires: Fri, 16 Jun 2023 20:11:55 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 12 KB
12 KB 72ms
36ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_320344-11020_6502_110.jpg&v=3&w=400&s=1cOdI2KYma_fMLDn1qUppGiH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5bd340a22652131a326826cc41993723faaef6bce21c442b2bc3dfd8366e0202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 11984
expires: Wed, 21 Jun 2023 13:21:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 10 KB
10 KB 78ms
42ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_180052-31438_9068_110.jpg&v=3&w=400&s=pATPTC4DAVYzrjdezul5GB3n&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0762e1e9263d387e46bf927756840f8102c0347fcd79f2b0c045951715aa3b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10352
expires: Mon, 19 Jun 2023 11:11:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 10 KB
10 KB 30ms
29ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_220044-28000_1102_110.jpg&v=3&w=400&s=vYqSEZUVDtxbyE71upOJvce9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b308e23036e484b08451dd886a26a4c05d4f5ba91100d20af3fa23f14e05bb08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10530
expires: Wed, 21 Jun 2023 16:38:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 10 KB
10 KB 28ms
27ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_320329-11100_9452_110.jpg&v=3&w=400&s=CHZDd7lMkWtOG7zawWkk5u-Y&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2f54b13dbf4fc7321aa9f74f14e6ba5fe6e9a08912773609d925ebc53d72644b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10284
expires: Wed, 21 Jun 2023 14:45:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 7 KB
8 KB 28ms
27ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_960991-29242_8100_110.jpg&v=3&w=400&s=IdSTC83EGnMcrCP3aOI855zu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a0e3c67266cc4b0e41361655ace9d55fa223ded4950a3dbd4c9dbd40f90a4d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 7542
expires: Wed, 21 Jun 2023 13:25:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 12 KB
12 KB 43ms
42ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_180052-31438_8068_110.jpg&v=3&w=400&s=6IishDwAkbvHJDffgmq6kUG3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ed9c235aa8b2ab618c639c5f1485a3f139a55c58be5d05818f8f880880feb663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 12384
expires: Mon, 19 Jun 2023 08:36:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 13 KB
13 KB 41ms
40ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_180022-31514_9068_110.jpg&v=3&w=400&s=6E23AlUte7D-ti6GnhD9WoL9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2d4b89d749ea58b9f38c2ea606617d002cab0f09198892ed82014cd014b3ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13632
expires: Wed, 21 Jun 2023 13:15:06 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 10 KB
10 KB 37ms
36ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_110025-31525_9058_110.jpg&v=3&w=400&s=hdI7CqGcSiPBK6Szh1XaYMGv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

157a1f3efab3a5579b0b5b21de01eab379560c759b8885ef5fcc1d8cad562b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 9858
expires: Thu, 22 Jun 2023 20:23:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 11 KB
11 KB 31ms
30ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_18_2231_1_281002_26125_8732_110.jpg&v=3&w=400&s=D8oisgNJuGdKW3uJ0GSVZ6oI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ec73a9adc8691e7c87e1fe3f192ead6f047480459f914f8c5d7e6a78e6f465a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 11176
expires: Wed, 21 Jun 2023 16:44:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 4 KB
4 KB 46ms
45ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_811030-66222_90538_110.jpg&v=3&w=400&s=bbDdmKG2s15ageWkVMlLenH7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bbffb8fee2ba2a02bfb77ee3b96d17d0f4c8570c89118ab909fdf1b78080e3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 4044
expires: Mon, 19 Jun 2023 13:03:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 9 KB
9 KB 42ms
41ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_180050-31292_8068_110.jpg&v=3&w=400&s=7eLh8fLloKsWW9fy_1Oqbnyn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cb159836f3e9e9d8a0b598f2fe959623151570d56800c19be725c63438b37947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 9340
expires: Wed, 21 Jun 2023 13:19:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 6 KB
6 KB 45ms
44ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_310306-11016_9452_110.jpg&v=3&w=400&s=SUp4THhIIrswf4BszUE0mVeR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

520b9cc9d85fd3d647e7c8cbd1907b7f1b7915f550a0c8f5abfcfdd373c9851e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 5952
expires: Wed, 21 Jun 2023 13:31:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 4 KB
5 KB 37ms
36ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_885037-66403_30903_110.jpg&v=3&w=400&s=s45qBsHFFpk6F8--cTRhKO1U&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c19c3f4c114bce5e001b4747c5fc0a63b5c0d0832fa4ad775c8192c81b596319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 4584
expires: Mon, 19 Jun 2023 11:22:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 5 KB
5 KB 39ms
38ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_92390-67850_26400_110.jpg&v=3&w=400&s=nUivgDx1mE7NrGy-6hT1tuNF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cd4d12b463e695328d7bdf586758c3dc7d8e61b15b34bc5f10e446da9c1a954f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 4654
expires: Wed, 21 Jun 2023 13:29:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B8B0 8 KB
8 KB 38ms
37ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_110023-31515_30902_110.jpg&v=3&w=400&s=exlmmFJbM65NoWmjvglGj4Gd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

174901599445b17dab8d7f4cc7681374bd38a2d98a85ebee80bb3e921929a436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8058
expires: Wed, 21 Jun 2023 14:11:42 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B8B0 0
128 B 51ms
16ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=1lTaeNvDCHFW9MuBIAw40wCxFAPf7hkaCaRqkcfe649jbJeLhGY4eHE4RFkAvluZYosCUoeO0KYo4GHApLhf_JGzUtjb5VOQeP_I6lN8r_mAU8DLX9VqhoMbkBCIYjmQECQwu32Nkw9rbsf43__aJ-RA0Jl1DQ1V0QfDdYAf5DrkDmjQmECcEu1ZXO7wOv2xyYXfG2tVq2OdlRNBcFhqNSm2n6w9odq4wXc9v-iglqqLKumztcnTvPhK4gh_pUSowupQgQ&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 16 Jun 2023 12:28:20 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B8B0 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B8B0 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 prompt-400.css
static.criteo.net/design/googlefont/prompt/ Frame B8B0 1 KB
740 B 17ms
16ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/prompt/prompt-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0e8-4ef"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 prompt-700.css
static.criteo.net/design/googlefont/prompt/ Frame B8B0 1 KB
740 B 17ms
17ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/prompt/prompt-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0ea-4ef"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 prompt-400-latin.woff2
static.criteo.net/design/googlefont/prompt/ Frame B8B0 17 KB
18 KB 63ms
30ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/prompt/prompt-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/prompt/prompt-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0e8-44e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
static.criteo.net/design/dt/ Frame B8B0 27 KB
28 KB 69ms
37ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 01 Mar 2021 13:06:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"603ce6bb-6d70"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Jun 2024 12:28:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C862 6 KB
1 KB 130ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=1&bdt=1353&idt=1&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0%2C1200x280&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qFc2xgK3Gt&p=https%3A//bigl.ua&dtd=38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Jun 2023 12:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 10:29:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Jun 2023 12:28:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame C862 2 KB
946 B 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 17:39:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C862 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8ZFZZFWMZOPMHJ631fAPqZO-4AiCkLLSXOPBn4vMEcCNtwEQASDX96t8YJXikIKgB6AB-PCwgAPIAQmoAwHIA8sEqgTOAU_QPVoSWCIqc99NIkiy13MP5uzGzMcLgt8JZgXPss9jsXo1O-Zuzsp9a8LDlO5jbdteGH1Ctc7goRzvqpWnH3Qrp6LVB-oyTkgjDlaIDLDIppp6TxcYNFiew6rSTYrk72bxupfORneQlFpcPHiJVWmp_J9EBva9JrZnK9NaND4qNxIvWB3faigAgbV21BZRY44gzGRGv01iyzg5Lfn4gHzCM90212hE5z18zXYDq-IsZUQVdV2WhiaNQxCDCrnvrDckj-_4feMQw1aW1Ns5wATHt8LY9gKSBQQIBBgBkgUECAUYBKAGLoAH8I7Pf6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEI7lDtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMK0BUBmBYBgBcBshccChoIABIUcHViLTc3OTg5OTQyOTMxMDAzMTAYAA&sigh=QClw9vMOCxM&uach_m=[UACH]&cid=CAQSPABygQiDj2cfPecw-u4TZQ8Hb6wCJm-8fOFavQQXQIMrdshZa3IgGtDCSYOR2dn8GlQfQmrcYEGB3rq3MhgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=1&bdt=1353&idt=1&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0%2C1200x280&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qFc2xgK3Gt&p=https%3A//bigl.ua&dtd=38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Jun 2023 12:28:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame C862 22 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 23:17:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame C862 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 11:46:31 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 00A3 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Fri, 16 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame C862 19 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 17:39:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C862 0
0 47ms
46ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuA0mZK0g4uKwei5UVO6RzDS4i6OyKa9uRsXoZecmeyT484suuashoJ3UbbivNmgUvBizTPJg5A0wGJ2mwoWcTGED4aQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=1&bdt=1353&idt=1&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0%2C1200x280&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qFc2xgK3Gt&p=https%3A//bigl.ua&dtd=38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C862 178 KB
56 KB 2707ms
2706ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 12:28:24 GMT

GET
H3 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame C862 32 KB
13 KB 118ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 11:40:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13300707558055263742/ Frame C862 41 KB
41 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13300707558055263742/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a06dd66d7265a6ce0a7b3a38e31a52bb3e731bf34872259a50fb7c84ac7146fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 09:41:24 GMT
x-content-type-options: nosniff
age: 182817
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41976
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 05:13:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Jun 2024 09:41:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00A3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGKyQj4LMCtxUgQjgoihG9c&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGKyQj4LMCtxUgQjgoihG9c&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDdqTWJmdEIxUWE4eVY1&google_gid=CAESEGKyQj4LMCtxUgQjgoihG9c&google_cver=1&google_push=ATf1kGPOdwiyLQ-FAKfggnct729SKCxkYmqDVe_OOVoiOqU...

170 B
188 B

45ms
45ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDdqTWJmdEIxUWE4eVY1&google_gid=CAESEGKyQj4LMCtxUgQjgoihG9c&google_cver=1&google_push=ATf1kGPOdwiyLQ-FAKfggnct729SKCxkYmqDVe_OOVoiOqUD2Olq6Zf6Anm_rAnujLmxQ1DUZLSumA0x7OjeGR7wPV_53ZKBfL282w

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jun 2023 12:28:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-0d5671f9c7f795968@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDdqTWJmdEIxUWE4eVY1&google_gid=CAESEGKyQj4LMCtxUgQjgoihG9c&google_cver=1&google_push=ATf1kGPOdwiyLQ-FAKfggnct729SKCxkYmqDVe_OOVoiOqUD2Olq6Zf6Anm_rAnujLmxQ1DUZLSumA0x7OjeGR7wPV_53ZKBfL282w
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 00A3 43 B
419 B 276ms
275ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESED6OdhHRK_OWB_z4oKB6DZ8&google_cver=1&google_push=ATf1kGPSCSGdPkFZ1CjdBDao0CNzFhR4RfcbxAXLTIRzmuBaUD2FGX1Tl-fwwt8YWxTOs3fmycv75uJPsIwKqkXFhrlFkRWsvBkZNA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPSCSGdPkFZ1CjdBDao0CNzFhR4RfcbxAXLTIRzmuBaUD2FGX1Tl-fwwt8YWxTOs3fmycv75uJPsIwKqkXFhrlFkRWsvBkZNA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=1&bdt=1353&idt=1&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0%2C1200x280&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qFc2xgK3Gt&p=https%3A//bigl.ua&dtd=38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d830d5bafca913c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00A3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFE_6xtYlYLiC_XuYfnESjM&google_cver=1&google_push=ATf1kGPmz1LzGrae_JqSoE1AmhDZJytg3sR6ekQ3a17CWevHqEYvzLvcQwUlHRZBXFcIdDTz_zgUJeGFL8S...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPmz1LzGrae_JqSoE1AmhDZJytg3sR6ekQ3a17CWevHqEYvzLvcQwUlHRZBXFcIdDTz_zgUJeGFL8Sob6AJUZnAOE8FI7p_kA&google_hm=mlJH-6QUTQSrFf6ejg...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPmz1LzGrae_JqSoE1AmhDZJytg3sR6ekQ3a17CWevHqEYvzLvcQwUlHRZBXFcIdDTz_zgUJeGFL8Sob6AJUZnAOE8FI7p_kA&google_hm=mlJH-6QUTQSrFf6ejgln1Jo

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:20 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPmz1LzGrae_JqSoE1AmhDZJytg3sR6ekQ3a17CWevHqEYvzLvcQwUlHRZBXFcIdDTz_zgUJeGFL8Sob6AJUZnAOE8FI7p_kA&google_hm=mlJH-6QUTQSrFf6ejgln1Jo
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 00A3 0
173 B 76ms
19ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEImyhzRj-OHyKUgpQEbl-Y&google_cver=1&google_push=ATf1kGNkOuyRC7cscCCLodm5CaFw-7B2c4xD0aYMD3UuhRd8YwzpDBoe5rVW38xjheuDoSAS_gTm9LXsuO_1ItuiLuLW3MAMdLhdiw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=1&bdt=1353&idt=1&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0%2C1200x280&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qFc2xgK3Gt&p=https%3A//bigl.ua&dtd=38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00A3
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI24VNOvQ4ItbzSdACGmFhQ&google_cver=1&google_push=ATf1kGMFZ3R7PIaGGfVa4lnIVS7DfrqorZNS5vmIBcYppOJpL-Pi8ZxGol_LDgFvYjfhGBRA2fdM8GUCf4kOGfUEYPjt...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI24VNOvQ4ItbzSdACGmFhQ&google_cver=1&google_push=ATf1kGMFZ3R7PIaGGfVa4lnIVS7DfrqorZNS5vmIBcYppOJpL-Pi8ZxGol_LDgFvYjfhGBRA2fdM8GUCf4kOGf...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMFZ3R7PIaGGfVa4lnIVS7DfrqorZNS5vmIBcYppOJpL-Pi8ZxGol_LDgFvYjfhGBRA2fdM8GUCf4kOGfUEYPjtuNz8osOEsA&google_hm=jL3RQpZRRKCZWHKHSpJBGg==

170 B
188 B

46ms
46ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMFZ3R7PIaGGfVa4lnIVS7DfrqorZNS5vmIBcYppOJpL-Pi8ZxGol_LDgFvYjfhGBRA2fdM8GUCf4kOGfUEYPjtuNz8osOEsA&google_hm=jL3RQpZRRKCZWHKHSpJBGg==

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMFZ3R7PIaGGfVa4lnIVS7DfrqorZNS5vmIBcYppOJpL-Pi8ZxGol_LDgFvYjfhGBRA2fdM8GUCf4kOGfUEYPjtuNz8osOEsA&google_hm=jL3RQpZRRKCZWHKHSpJBGg==
date: Fri, 16 Jun 2023 12:28:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00A3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK46BrgTm10Qeaw8-oIxqa8&google_cver=1&google_push=ATf1kGMOM_BPStKVbSjS4DLTHWrsswPYRNaZsv9jborU9i6aoYrF9tulJDgnqL7dNB555hH1jCslFoYM...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK46BrgTm10Qeaw8-oIxqa8&google_cver=1&google_push=ATf1kGMOM_BPStKVbSjS4DLTHWrsswPYRNaZsv9jborU9i6aoYrF9tulJDgnqL7dNB555hH1jCs...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIzODAyNjE2NDQ4OTcxNDI0MQ&google_push=ATf1kGMOM_BPStKVbSjS4DLTHWrsswPYRNaZsv9jborU9i6aoYrF9tulJDgnqL7dNB555hH1jCslFo...

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIzODAyNjE2NDQ4OTcxNDI0MQ&google_push=ATf1kGMOM_BPStKVbSjS4DLTHWrsswPYRNaZsv9jborU9i6aoYrF9tulJDgnqL7dNB555hH1jCslFoYMqLrBQulNZH5M_lG3bl6xGA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIzODAyNjE2NDQ4OTcxNDI0MQ&google_push=ATf1kGMOM_BPStKVbSjS4DLTHWrsswPYRNaZsv9jborU9i6aoYrF9tulJDgnqL7dNB555hH1jCslFoYMqLrBQulNZH5M_lG3bl6xGA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 00A3 43 B
362 B 15ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEGYrm6f3TCefrZtjxFeNmBQ&google_cver=1&google_push=ATf1kGMHpr294uw1a4zm3E9lhWjacCNJSoH23pxDXtuuEkckGmUfjSaTmXdJhayrCz-QdLM5lX2vWW3gcSm9kAFm9lG9hgqDg55e8w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 12:28:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 200596
expires: Fri, 16 Jun 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 00A3 0
12 B 47ms
46ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JoMViETRXM9VFRjalzYTDOCn-zHvVhZJJMGS_zexbGD_9axWKE7BVRWWLZ8UDeM8Wxdok-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame C862 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff93ff44090767b89f2ede8722d1d82be9c47aa7a84cdf3cb027d86ce92b1274

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C862 15 KB
16 KB 157ms
35ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 16:10:14 GMT
x-content-type-options: nosniff
age: 245890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 16:10:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C862 15 KB
15 KB 193ms
74ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 23:14:12 GMT
x-content-type-options: nosniff
age: 566052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 23:14:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C862 15 KB
15 KB 162ms
44ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 51137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 22:16:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 171ms
94ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230614&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3696e18c722eaded7f8a726670b55d1d873f9f92e8cef53b91bcbd9978759aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11290
x-xss-protection: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame D303 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 18:34:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 366ms
366ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 12:28:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 67E5 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 23:17:35 GMT
expires: Fri, 14 Jun 2024 23:17:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9850 783 B
534 B 54ms
53ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7503d7329443ca8c803de4d6fd9cc279d03c26100ff82f383cf1beb77a17e3fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0PykC7HP_Xt7Qr9dMmlssw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-0PykC7HP_Xt7Qr9dMmlssw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 12:28:25 GMT
expires: Fri, 16 Jun 2023 12:28:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 67E5 37 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 18:34:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9850 0
0 72ms
71ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230614&jk=3331998138225903&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 67E5 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?v6qRpA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:28:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230614&jk=3331998138225903&bg=!i4iliNzNAAaGYqkwpmI7ADkAdvg8Wqrg0-RgeA8c0FOJViWUcGmt1ifo6RXsBQdEBJ28vUEnO0NjgbtHLa9jrnp8BuSduD2Yb1ICAAAAZ1IAAAACaAEHCgAFqaQx-xuZAtqUii6btKsvVR7I71hbyw5Wsa5jg8jsxvBMB6IQ-I8sNo5CWE8IlJgmIESmhQe0n83xbTO5MbYiVSEMhI8WEFcZvRYVp-MwIh9MbOW64mZPKwBFuvY-b20dQTZyJoXfSZxNvGkjbCni4Hql5CSZINJeMdwnK7vh2B9dty9M_YwGVGBVKcMohyIgl5t-yLQNkJxBF60vwQ935GKjJAzLkafssBj0pqvdeUJf6FWMcrKI9d1Zb61KfFv2NzJ1fxwZU8yV4Qr9aRdlbgO7b-DdTLI4JIuYWWnTcSxMDcQTE-gbvve5p-DZ9_zlKHJtq580DrIYzXVCDWwHFkvhFzU2TEJnVk1c_w9F-WbokzS6b1Q_EDX8cSNfz6YPG4FMuH9D8fYuwt2E0kK_QTSTZQ8aE4lrqlSLILw1MMktzNu_Iv4oDlBDbXXUgDxCnfUVFusPS50XAAxI7x8QsoQJ5sEhpDCzhOQ3HLsVzXHuEGBovOTusR3X6vYxeR0--LzJScc8FZXMeflFdrzIqI6WGjgG19OaIbdiIq3i0UC83pgHiaRadAh-GMBU4tsxp7gKwz0s6KHqJncsOaHbjRKTL5keA2ZlfgdFd8JmGEmX2W87_bfDY8NxkZfbl_Efz2lO9sOT6wkIH_fg5nZj0Ofxx-DXIcuOGznuJ_aG4kUnv19ByKMJkVz9SNssLt2suVbvYLKFefd_WEkolHjOAEuewoDjekLwSjmY05Kk0fdxNwWmlBHuGBzwdHYHU1w7g7hfXAC88911lcgs4_c4eZAAdinpDDDnyWiqgC-tfqNatvt2G5J6nZz24l1hwUKlPY3Gw6RQaTZUTv_UK0jbkXQTCUa2IV_9szLy3Aj18ghVzvJzHa_q-Rr9pq5dUWXK2qlLxk5Nka06n0W-8oeAk9Ssx5EtccmQ8JLDlsAItWxw2raWFdQMgERrrYLhvJW18Bx8g1DRwnyDvUY6XGrTl_7n

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bigl.ua/	1970-01-20 13:18:30	Name: cid Value: 307217989827445693240831004280619530207
.bigl.ua/	1970-01-20 21:20:54	Name: evoauth Value: w6461a363019643f4b2725e3a0b867944
.creativecdn.com/	1970-01-20 21:20:54	Name: u Value: UJbOFdrueoZk9a6PvpfD
.creativecdn.com/	1970-01-20 21:20:54	Name: ts Value: 1686918499
.bigl.ua/	1970-01-20 22:11:18	Name: _ga_N053KL2046 Value: GS1.1.1686918499.1.0.1686918499.60.0.0
.bigl.ua/	1970-01-20 21:56:54	Name: __gads Value: ID=a5cb932ba2b445df-22be768991e100e2:T=1686918499:RT=1686918499:S=ALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg
.bigl.ua/	1970-01-20 21:56:54	Name: __gpi Value: UID=00000c4fc592d01e:T=1686918499:RT=1686918499:S=ALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA
.bigl.ua/	1969-12-31 23:59:59	Name: user_tracker Value: 40494259e1cf16d5715931ad39d214d884b77d62\|185.213.155.154\|2023-06-16
.bigl.ua/	1970-01-20 21:19:28	Name: csrf_token Value: 0a726071ddd54b8d80eb425932555450
.bigl.ua/	1970-01-20 21:20:54	Name: auth Value: d28bd154f1243bf1850a1bafb3a838b1e04786ae
.bigl.ua/	1970-01-20 12:35:22	Name: AMP_TOKEN Value: %24NOT_FOUND
.bigl.ua/	1970-01-20 22:11:18	Name: _ga Value: GA1.2.c-7A6cwJbCHHsf3DjW4s1eLs2KqOCMU1
.bigl.ua/	1970-01-20 12:36:44	Name: _gid Value: GA1.2.2008982061.1686918501
.bigl.ua/	1970-01-20 12:35:18	Name: _gat_main Value: 1
colbert.evo.company/	1970-01-20 22:11:18	Name: responder Value: 7i7Bjir2ztQFeNT2RTKruUh1hU1jm7tdDqImHbWaqKBCElnro3LIwG88AJyGihVqb0vXHxrvH1z78A0x0N_YSg
.adfarm1.adition.com/	1970-01-20 14:44:54	Name: UserID1 Value: 7245259792824400019
.everesttech.net/	1970-01-20 21:20:54	Name: everest_g_v2 Value: g_surferid~ZIxVZQASH5nJEwBS
.doubleclick.net/	1970-01-20 21:56:54	Name: IDE Value: AHWqTUnw41YhTmJNwQt-eIFrI31BC_jcozzU1nQfqCSbdoGI77w8E_pl__EeCCGrRpQ
.w55c.net/	1970-01-20 22:05:32	Name: wfivefivec Value: H7jMbftB1Qa8yV5
.w55c.net/	1970-01-20 13:18:30	Name: matchgoogle Value: 5
.ctnsnet.com/	1970-01-20 21:20:54	Name: gid_CAESEFE_6xtYlYLiC_XuYfnESjM Value: 1
.ctnsnet.com/	1970-01-20 21:20:54	Name: cid_9a5247fba4144d04ab15fe9e8e0967d4 Value: 1
.blismedia.com/	1970-01-20 21:20:58	Name: b Value: 648C5565A174C14B25B7A392BLIS
.adform.net/	1970-01-20 13:18:30	Name: C Value: 1
.adform.net/	1970-01-20 14:01:42	Name: uid Value: 8238026164489714241
.tribalfusion.com/	1970-01-20 14:44:54	Name: ANON_ID Value: apnunmRkP6i6eCno7bEkV0ga3HtxtlvlIuYq6SxpGlov7pVcrWHSvlC6T6c4ZcLi1mXZd4L9EbIGfILqu03emDZbZc2SBZbZcDvIZalpfPg
.bidswitch.net/	1970-01-20 21:20:54	Name: tuuid Value: 8cbdd142-9651-44a0-9958-72874a92411a
.bidswitch.net/	1970-01-20 21:20:54	Name: c Value: 1686918502
.bidswitch.net/	1970-01-20 21:20:54	Name: tuuid_lu Value: 1686918502
.bidswitch.net/	1970-01-20 12:35:18	Name: google_push Value: ATf1kGMFZ3R7PIaGGfVa4lnIVS7DfrqorZNS5vmIBcYppOJpL-Pi8ZxGol_LDgFvYjfhGBRA2fdM8GUCf4kOGfUEYPjtuNz8osOEsA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://bigl.ua/(Line 5) Message: The key "" is not recognized and ignored.
network	error	URL: https://my.bigl.ua/ps/track_informer_views Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1686918500&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686918500391&bpp=2&bdt=1352&idt=-M&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5cb932ba2b445df-22be768991e100e2%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZI-kp2E1oWncCFuG4mAyd3zdketg&gpic=UID%3D00000c4fc592d01e%3AT%3D1686918499%3ART%3D1686918499%3AS%3DALNI_MZKMAdlmz-AE6s78YLO0LDCnzIeyA&prev_fmts=0x0&nras=1&correlator=2143166722712&frm=20&pv=1&ga_vid=1390311358.1686918499&ga_sid=1686918500&ga_hid=376242648&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442&oid=2&pvsid=3331998138225903&tmod=1377776062&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=j75DCHmHru&p=https%3A//bigl.ua&dtd=31 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGOXrNoDbtZSgMu9Tuhjp621xvDHBvG_TjKuCfivhyjN9ppTdtCRL1lQWgoLebqyIzWiPiXOPbV-_BrRpCT0nE9tkBA1eTi2ig&google_gid=CAESEH9HH9ULhSwq9Mby49agdEE&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.eu.criteo.com
adservice.google.com
ampcid.google.com
ampcid.google.de
aukro.ua
bigl.ua
c1.adform.net
cat.fr3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
colbert-static.c.prom.st
colbert.evo.company
creativecdn.com
csm.eu.criteo.net
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gotcha-server.evo.run
id.rlcdn.com
imageproxy.eu.criteo.net
images.prom.ua
midas-external.bigl.ua
my.bigl.ua
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
region1.analytics.google.com
rtb.fr3.eu.criteo.com
s.tribalfusion.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
tracker.bigl.ua
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
pagead2.googlesyndication.com
104.102.35.84
142.250.184.226
151.101.2.49
178.250.1.9
178.250.7.9
185.184.8.90
193.34.168.232
193.34.169.10
193.34.169.35
193.34.169.9
2001:4860:4802:32::36
2606:4700:20::ac43:46e7
2606:4700::6811:180e
2606:4700::6812:19ad
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9a
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
2a02:fa8:8806:13::1400
3.126.192.167
34.96.105.8
35.186.193.173
35.244.174.68
37.157.4.24
52.58.91.78
85.114.159.118
005ed092fa26e76ae99a5613a420e81c377e9767fde19ecdeb651fb681b1464c
0343bb8536cc4b19147cee2ce5a099500f075ee4114be7b372905eb3dbf0979e
03e56c7ce6f9376e59a5c2b23f326a7b787bb3fb1ff1e87a634aa01b3dcf729c
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06316b9ba8cfafe0c219bfb1d1cafa097d162b4b3d39556d24cc3dfcb32a9fb8
066b2cd584d2e287c8c1605703d409aeda83cb5b16ebeeb2d3a883981c5e033f
0762e1e9263d387e46bf927756840f8102c0347fcd79f2b0c045951715aa3b24
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34
0e7c2760bb9df1a909dbb5246b5dec24256da41480ad548bfe395e0420ef2774
139f689d4ac98146beabc0e2b36a5ca862671b13e5b7870e91ef447e3cc54c41
144d9ede7030fa71d39e255983e58b20d1bd0ff5eb097075b336b92efaa67447
157a1f3efab3a5579b0b5b21de01eab379560c759b8885ef5fcc1d8cad562b93
174901599445b17dab8d7f4cc7681374bd38a2d98a85ebee80bb3e921929a436
199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa
1f30b20cd353571d2a3c6270f9dd7f013676caabfe6ee67be16ebfdc684e7bd0
253f23d878f91cec1745639de57eb0739305fad3d4db8095aefdb980e3a5175b
272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf
28daff77709b2c4350e36a58ca47d0c639921229f1972d6ce1c5185cb301ceb5
2c37e5b74f3e39e565c5b5329ca44bfdc17695b6fec2e2dbfcdaa00d152c02cd
2cb3adf2527682b91637256388fe28b741d0931dc6f6bd9c50006c2af911ac76
2d3a285bc41da7d31ed5766dea513bafcfe4b9fba3aba2a18bb23f4aae24419a
2f54b13dbf4fc7321aa9f74f14e6ba5fe6e9a08912773609d925ebc53d72644b
2fe84450dfcba228b62d6c47c82e292d485c6252abc92365f06104b49e409f0d
30517f545cdbe4e0bd3dadb74a7d5049ef74cfca361fb3ac750eaa6c62e55c15
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318a7eb99a398fc1ca10d371ca4ace598e345fc07abae6705fc1a532d2b191ac
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
354647ed51ee858224b911c15019e6623d9a92bd9598e189b18ed287fc99e992
3909aae2d9ad789c09afcd2545110db39e9180e203ab438bc2d03f829764889e
398f80c7588f373a3578db5be8d686a9c047d3f121acbca625ab47076469945a
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
41f0f6e9abce97c5dc8366d88ba43460d877ef249ac1205e271220292f798b34
446769f0a0c913803740eff001847a379620685a8431450a04f106af4fbdf05b
47cfb5ffee0f8343f8e36c0f7c25db9a0077a90942bc767ec90d29448210720c
48620aca298a38cd2518ee9198ff25c250c7f42b1925855e1384149d4583ea5f
48a18c245b692be342d2e24c87a73c1aee0de138fae3f6536239d565fb88268c
49f1117a5e8cce19bc68443dedfcf44c5e0f923bca050f24b7f959526badba6c
4bdd7fa6cf14c27758e296fbca25419c702f10f72941211d35723f58cd59ea70
4c34bdb875f35418f90c3f426b2da0078370e1479dea9cbc18fed6eb97291ed9
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5073a3aa030e8b1160b9b34c4f35beb86ae7ac11d89896fc2f6f564fe292fd00
50effb2a8d688da32bb5e8aea2909a50faceee1a4de88afa6a88029df7373f4f
520b9cc9d85fd3d647e7c8cbd1907b7f1b7915f550a0c8f5abfcfdd373c9851e
54f0ff0445947e0b65897e0fc171022a3eb8d8f5b27e839f463c41fbe8d0dafb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ad4991f2318be5cae3078fc098b8f1b23df3d1bdd75e4a3ad45ffa8b44b77b5
5bd340a22652131a326826cc41993723faaef6bce21c442b2bc3dfd8366e0202
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b4b46e244c00faeae3dadbd4c400efc75cc376d8d9209c6ada498fa8198456
649ec18fafe18e7629f923ddddcbaa80b83d2689ae88236fe44726c67a962bbf
64b797a0ce98432b9720aa97a2a7a6e7f7d86348832f7f06d985d0b0e403debf
66f0e4d517b500c96f65ab3a8e9b6fd617a8c4f0d76cfc88d5ccf14134e30d83
70cb8b2475132f48835904adeaa01f6579ab9107babd9915a8aba1e2af1b5ccc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
735c36862ca0cbf9be4300c17809f4cdfaeab800a61254ab5906e20abb935711
7503d7329443ca8c803de4d6fd9cc279d03c26100ff82f383cf1beb77a17e3fc
769e97c35eaf76a039748b13b972c898a8b279dd6af16f3b12b8286bbe56e8a2
7bd1e39b67ad2cec2d4ac29da3e1612528c46e43c9f758f15bd6f2ab544c66d6
7e275c64cddc013b16ad1b05ea5fd3ba39845abed2d73c2a90dec3fabe65cdb2
7f2428836c373bbbe8ca476b409ce4037058a820dee4c09fb0a58b11f616b6eb
80ff2908e720ceaef6bc6138157c810dea18921796b03efd6096c5fe051eb761
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd8485a2ba667665c983e725c1d470e18b547f46484b97672d505ec0817152
8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849
8483f404939ebe8cc5c06f5460c44be3d5825b1cbf43b0efcb3d68a868328312
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
8984b84f701e0dac011a02cba592b3d5bf5a963096e7677df3c0e1275b56da23
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
93d7544440fa69acb982a8126c66afcd7ca93bb547a4dc88849d2954e378c9ab
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a06dd66d7265a6ce0a7b3a38e31a52bb3e731bf34872259a50fb7c84ac7146fd
a0e3c67266cc4b0e41361655ace9d55fa223ded4950a3dbd4c9dbd40f90a4d70
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5985dc47b8995ceb6035a19624210fc7aa89d796b50d439c06b81002b43e8db
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a724680bfe0ce1a70800c727cc17247abb21a763f38173f9f0374920e128db0a
b08007d4faf7e66dc265568738d849f66679b83b8159a73a0f58cfbd7f8f9fe3
b17a993a135a307a1bb2c0bb792acdc7695117860f8d361e569dd85b4040f8d1
b308e23036e484b08451dd886a26a4c05d4f5ba91100d20af3fa23f14e05bb08
b96a2face9049bb6b283acacc8f92fc40f3cd73be97ba80a881dc5744d9ebaf3
b9910f1889eee2368444871c18b7f009092754ff93da56ee27ca1587505bcd20
bb025300965b77fb08fda75a66468d127e1845a5eb5763eb6885a197d8e6ea7e
bbffb8fee2ba2a02bfb77ee3b96d17d0f4c8570c89118ab909fdf1b78080e3ef
bc6d04f1867aa9d1fcc0db04a837b42c1b3843907f703baa1dde6347286311ad
c092ffa0aff369fb8d8a8fcf94b8834306b9b5c370a9728e4e27f369f1390d4c
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
c19c3f4c114bce5e001b4747c5fc0a63b5c0d0832fa4ad775c8192c81b596319
c2977788adee41f88362a1bf02982c5b6af82b3c348421a5b1955f6602574e49
c2d4b89d749ea58b9f38c2ea606617d002cab0f09198892ed82014cd014b3ee2
c51d57356324556dea1acad4f6a708e86d1cce1adb9e39f8e0220cf97de73c40
c9c69f9ce1741f3e5a0ea13e8d27f5073d6ad337fde898e27710351ebfc14428
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb159836f3e9e9d8a0b598f2fe959623151570d56800c19be725c63438b37947
cb649b8984a9cd57877139f7e8eb2034fac8a696d9d8d50ce3eeb99f12728ba0
cd4d12b463e695328d7bdf586758c3dc7d8e61b15b34bc5f10e446da9c1a954f
d20958131bd54831cbbd3fe728789d3249362ec345b2d581b3cfee5384fe1239
d3696e18c722eaded7f8a726670b55d1d873f9f92e8cef53b91bcbd9978759aa
d5a0c20a70fbdabbe32a9be5d11aa679b8981a9606758b84f5029c57aef4329f
d7685e52f6f68cdfc5fb485ad23915dd2db27e6336cb3cb9023cc56f673c5bdb
db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5
db79878d2ffff5c5de7051b6f9dca84e7df34bb42999e617902f9f4d99375b2d
def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e27eb039db324882c60620df691db93af5142fd2ff1a8746f6a2943be39ae7df
e37c4bbcb7a1c857eab6aba6f286fa92be5b7541c3aaa79978e61d522ddb4e75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f8c2f572a71772c8473efa12c92a1f13d7d8a47bccf16810f97c4905b48f16
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec73a9adc8691e7c87e1fe3f192ead6f047480459f914f8c5d7e6a78e6f465a6
ed9c235aa8b2ab618c639c5f1485a3f139a55c58be5d05818f8f880880feb663
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efef621ab4afe8571d7fe04fc04465a3b09fb38407227ad333b86807f74fb339
f4c8bf34e471832635037e18bc7aac5a9a0d81f6ff82925c8c022c7e059e45c7
f4f9e27dd7be2010cab5b10419db0d8c551bbb0ce9a690b704fcdddd6a034c2a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f66f3d6a08c5006bc536cb74578f916288c28db97b853cf07447c886f9178118
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f748eba184df960613999872597a709d7adc82face08df21eaaa9979c53a6d84
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8aab94b8aae9d1ee431e2af4921119fe4a95fdecfb78c6dfd76785e06521586
ff93ff44090767b89f2ede8722d1d82be9c47aa7a84cdf3cb027d86ce92b1274

bigl.ua Open in urlscan Pro 193.34.169.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

95 %HTTPS

60 %IPv6

31 Domains

48 Subdomains

38 IPs

8 Countries

1785 kBTransfer

6182 kBSize

30 Cookies

1 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

bigl.ua Open in urlscan Pro
193.34.169.35 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

95 %
HTTPS

60 %
IPv6

31
Domains

48
Subdomains

38
IPs

8
Countries

1785 kB
Transfer

6182 kB
Size

30
Cookies

173 HTTP transactions
2 data transactions