bigl.ua Open in urlscan Pro
193.34.169.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ssl.aukro.ua/
Effective URL:
https://bigl.ua/
Submission: On November 22 via manual (November 22nd 2023, 5:32:29 pm UTC) from GB — Scanned from GB

Summary HTTP 160 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 28 IPs in 9 countries across 25 domains to perform 160 HTTP transactions. The main IP is 193.34.169.35, located in Ukraine and belongs to EVO, UA. The main domain is bigl.ua. The Cisco Umbrella rank of the primary domain is 975588.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 4th 2023. Valid for: 3 months.

This is the only time bigl.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	193.34.168.232 193.34.168.232	43896 (EVO) (EVO)
35	193.34.169.35 193.34.169.35	43896 (EVO) (EVO)
34	193.34.169.2 193.34.169.2	43896 (EVO) (EVO)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	193.34.169.9 193.34.169.9	43896 (EVO) (EVO)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::ac43:8c85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2 2	52.29.13.21 52.29.13.21	16509 (AMAZON-02) (AMAZON-02)
11	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	18.159.232.130 18.159.232.130	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
22	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
160	28

2 193.34.168.232 (Ukraine) 2 redirects

ASN43896 (EVO, UA)

ssl.aukro.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 193.34.169.35 (Ukraine)

ASN43896 (EVO, UA)
PTR: bigl.ua

bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
midas-external.bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.bigl.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 193.34.169.2 (Ukraine)

ASN43896 (EVO, UA)
PTR: images.promdns.net

images.prom.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.34.169.9 (Ukraine)

ASN43896 (EVO, UA)

colbert-static.c.prom.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:8c85 (United States)

ASN13335 (CLOUDFLARENET, US)

colbert.evo.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.13.21 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-13-21.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.232.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-232-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.29 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	bigl.ua bigl.ua — Cisco Umbrella Rank: 975588 my.bigl.ua midas-external.bigl.ua tracker.bigl.ua	528 KB
34	prom.ua images.prom.ua — Cisco Umbrella Rank: 267724	156 KB
28	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	382 KB
19	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	41 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	246 KB
7	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 dis.criteo.com — Cisco Umbrella Rank: 597 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732	90 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 599	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	248 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	10 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	794 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	128 KB
2	evo.company colbert.evo.company	652 B
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3827	562 B
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 592	909 B
2	aukro.ua 2 redirects ssl.aukro.ua	303 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	611 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	539 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	104 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	552 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	prom.st colbert-static.c.prom.st	56 KB
160	25

	Domain	Requested by
34	images.prom.ua	bigl.ua
27	bigl.ua	bigl.ua
22	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
11	cm.g.doubleclick.net	googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	bigl.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
5	my.bigl.ua	bigl.ua
4	imageproxy.eu.criteo.net	ads.eu.criteo.com
4	www.google.com	bigl.ua googleads.g.doubleclick.net tpc.googlesyndication.com
3	c1.adform.net	3 redirects
3	www.googletagmanager.com	bigl.ua www.googletagmanager.com
2	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	pm.w55c.net	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	colbert.evo.company	colbert-static.c.prom.st
2	midas-external.bigl.ua	bigl.ua
2	www.google.co.uk	bigl.ua
2	creativecdn.com	1 redirects bigl.ua
2	ssl.aukro.ua	2 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	tracker.bigl.ua	my.bigl.ua
1	colbert-static.c.prom.st	bigl.ua
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
160	37

This site contains links to these domains. Also see Links.

Domain
forms.gle
my.bigl.ua
apps.apple.com
play.google.com
help.bigl.ua

Subject Issuer	Validity	Valid
bigl.ua ZeroSSL RSA Domain Secure Site CA	`2023-11-04` - `2024-02-02`	3 months	crt.sh
prom.ua ZeroSSL RSA Domain Secure Site CA	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
www.google.co.uk GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.prom.st ZeroSSL RSA Domain Secure Site CA	`2023-11-10` - `2024-02-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
evo.company GTS CA 1P5	`2023-11-12` - `2024-02-10`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://bigl.ua/
Frame ID: 5D5F47628646CDC7766181E0E61F28AC
Requests: 82 HTTP requests in this frame

Frame: https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1
Frame ID: A268E422F013895F5F544348D95EEB1C
Requests: 1 HTTP requests in this frame

Frame: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/iframe.html
Frame ID: 48C26ED316AACC1A521D80C1F56369E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 097B799C001C226744CAF574CBF26DBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&adk=1812271804&adf=3025194257&lmt=1700674344&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fbigl.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674343767&bpp=3&bdt=395&idt=366&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3111387532284&frm=20&pv=2&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=381
Frame ID: FC57D2199D4CC10E0C355BCC8B4BBB5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344071&bpp=1&bdt=699&idt=84&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=88
Frame ID: AFD595E74EC4FE9F56B6A5ACCDF0D685
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344072&bpp=1&bdt=700&idt=93&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=95
Frame ID: 994611EB3F8DC39AC731AFABE3010A0E
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV47KAADUBAIFUG2AAn-2zIXJnXJ7V7jvk8IcA&u=%7CFEvbRS0ryJm1JGqXldxMDxTQ7cGNuosbWs8NBRAb5dQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5ZdRiwGVx3x8Yh6-dSE248I5MWAVtqMXnJuStM2o2opPFAkOQzQJHBI-9JQhtpYg44aoTyqFJBtMpnwHSKesP2HP1hMlwBm3NSw1Di5CuuFWmDisVlsAklOh3IpfpBYvgMaDpwRFTZ1XbAbr620jm3gPUblqlL5JpFrn8659KooyHbIej8WmpQ3bHytsZb3BCQ6dWewl3bcYShyImS16j9dH2cP5n3wZ4kOZfXZBvaJ0XO-6ClAtOYGl5UCFQm2BPDIE78myfXWRh_KFeHedqcXG6Bif9isxWfiq5i4fWOyzIsxiOSxhyypFBx8MBH4remDXAp7nSsDn6KUJVloUC8Mu4rQ2u09zRcVqbUQtR4c13BgOVuH2uUFTRNvInTlChZkMJ9z57AgY-0UkxXtRV-ghY2I8DJ0KkuDHCrkfer4_Jd2V13J0qShSoLIxjIX8Wi17yvhX-2ayM1-UOFWQGuHvlsqOTKkOb82liTykkZSIAoVWLCavU7rgJtFxW9yT7byHwSBOUPNlV4zca38M_magDNkMrduUKUaKbnpvZLrqiwADvQ0bL611bHRY6qd0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXaMGKDteZZCgDbaD1fAP2_2n4Azkj9KxXLfAycfZAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03Nzk4OTk0MjkzMTAwMzEwyAEJqQJFJw2QF_-0PqgDAcgDAqoEugFP0FO12dow2YJIsaizon8r1Xvqw2ae7T31k5jKguSmTrHRCJI5IMVaArC42le9G7AF46Sp_WvTTq3l0k5Fl7ipeikimBaZIQIx4047uATJSylQ5heg6D5PJmBdjqP7-ZotluZ7W1y49sRJYTH-3wNdiVtyX9YdoLDqk7vzs4NYmHN55i-qGJXpfRaL6kbgkkg--HlhKuXCkXss2hjKDP2WpMxsVsJPmBlQx98DCsEUvxTub22hJ69YlbqABruGqPqz-MyUR6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07uC0wwtoMIK1xkt9TFtlbWMlQtg%26client%3Dca-pub-7798994293100310%26adurl%3D
Frame ID: 4BE82A0F333FD4C2BB88622FF20B98A8
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C964D053A5920A8837098813F3BCAD5
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV47KAADKPQIFUn_AAliTjg1UHQuVD3r82bJ1A&u=%7CFEvbRS0ryJkxEVWnLv1c5HJiKhcC9rYy0jrD5NfevSs%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDM1ruZnwpBwFtwBYmOhh-CKH22zLiCWSAP3XboWXn-GXc2oSH02dHLEDgZL95iQlrRitvXUL-w5PzHEZM78ug9zac8FWK900CLTtPJlhBmrE2xyDl2rlNHPp9B33iFDF8XB_By_-jgEyBWehJilX9OfL-RpuCsC47O56CRFZDoe8wVsvXRjuNHPL0tT-ZDOlXv_gQmgRmnmzbYQYBb4Mcf8NKVS5EXfqhe0_G8-6zcGxX9GiJEMF1DCqXUbH99Dt6dXPzLSAKxPookhU4b8-Kf5dwZRIrPL7NdIknAVIZNrk-ED3hpq3EPewxV0mOAhIl3v91KMVyAd-848fhkqWtqEti7dZ47f_kfOPMWsswxKeXfLmWlJGcCyicR2qggJi94eXrqFNlDl1wQWa6wt46M4nkkyyeX_bOWGbvcoUX0c9BB4RP3AEDm5xUr3WPWFziRrvdkcAVqWnPk4j-UDJNsWeopE_1cygJDpzcuraFATcEmnAG9oA6XmawTuCkenZY6PT9UUEklwo8ha9CScsCYgtM7TVSfRudZ8HfpTFNhgQ8CFcWJ1qJatDpatR3F8Yh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCicCvKDteZfTRDP-T1fAPzsSl2AHkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03Nzk4OTk0MjkzMTAwMzEwyAEJqQJ3GbV0gAa1PqgDAcgDAqoEugFP0DPr0_LgMiyBZUAKNuJqPhXsRIBITTaIhAWhLGzQitWZffkklPQFmjYPd54VDZJ60K11As82VVfur5mZcp0kDh7d8A8RAqwvM99CqNVB62C5xVRW9n273rCXrk12sZUylHDPVlDiD70bXF2c6LGyeD7TBvjuemnQrWECMGOxA1HOYGXud5IY_AYlysLoHYh5RaP_fmtpXTO4BvrIIC4KTHf8So0mf_NbwlEjeCYfz_ZPUzOv07LCyi6ABo3e96HJnKTC1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gY_V3YxSJoBBYdce2l08lwCOxyw%26client%3Dca-pub-7798994293100310%26adurl%3D
Frame ID: 698D6A41493F2F41906BF25CADD87008
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 13F34F3127F7141241A2D164E7E4E568
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E2F89794A8767F679EE0175EC61CBCA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 733476F6255B0236368372FD0E1E1352
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bigl.ua — 73 247 437 Товарів від Перевірених Продавців з Усієї України!

Page URL History Show full URLs

http://ssl.aukro.ua/ HTTP 301
https://ssl.aukro.ua/ HTTP 301
https://bigl.ua/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

160
Requests

94 %
HTTPS

56 %
IPv6

25
Domains

37
Subdomains

28
IPs

9
Countries

1887 kB
Transfer

6343 kB
Size

26
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://forms.gle/e8T9nR74pNBiBDGR6

Search URL Search Domain Scan URL

URL: https://my.bigl.ua/ua/cabinet/favorites

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/bigl-ua-%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%BA%D0%B8-%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD/id6467865230?utm_source=bigl&utm_medium=banner&utm_term=footer

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.bigl.mobile&referrer=utm_source%3Dbigl%26utm_medium%3Dbanner%26utm_term%3Dfooter

Search URL Search Domain Scan URL

URL: https://help.bigl.ua/uk
Title: Довідка

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ssl.aukro.ua/ HTTP 301
https://ssl.aukro.ua/ HTTP 301
https://bigl.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home HTTP 302
https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1

Request Chain 94

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJUQn20BGKLtY8v1ZTtho3c&google_cver=1&google_push=AXcoOmTpGXFtU7M9pZHGzidMHGRpakAR44YxjiaO51PBU6bOhPvz-3z9Mmm4jk4Nqyj1XkeuUBlbUIlmIT0FZoKpaO5nMNxfbhlqB2k HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJUQn20BGKLtY8v1ZTtho3c&google_cver=1&google_push=AXcoOmTpGXFtU7M9pZHGzidMHGRpakAR44YxjiaO51PBU6bOhPvz-3z9Mmm4jk4Nqyj1XkeuUBlbUIlmIT0FZoKpaO5nMNxfbhlqB2k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R2tBbEJHQk4xUjVSNW01&google_gid=CAESEJUQn20BGKLtY8v1ZTtho3c&google_cver=1&google_push=AXcoOmTpGXFtU7M9pZHGzidMHGRpakAR44YxjiaO51PBU6bOhPvz-3z9Mmm4jk4Nqyj1XkeuUBlbUIlmIT0FZoKpaO5nMNxfbhlqB2k

Request Chain 96

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDAy6kOyWVa34UCrw3eJ39c&google_cver=1&google_push=AXcoOmRohOpkN6F8M3-TRWkVgsOeG1-t8yLtikuj2o7RceD9e2QVHKYuIVIW7l6H-XLi4FvZD1_JnI_E2XdWRWe8VreQFF82O7FayY0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=3KEBD655SGgJ9w1ZHfW5Fg&google_push=AXcoOmRohOpkN6F8M3-TRWkVgsOeG1-t8yLtikuj2o7RceD9e2QVHKYuIVIW7l6H-XLi4FvZD1_JnI_E2XdWRWe8VreQFF82O7FayY0

Request Chain 98

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJGZxI89yPNlmNxEl_bf02g&google_cver=1&google_push=AXcoOmSOsMBDoQ_QM1ELNgy3p8o6ZuQIv1MvkDQX-vSCl9gTCEwKXUIKD8PjWdPGw-DsWUdmC8Q4NHhgVrAm6hLWweJZ1QFLLKm_L9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOsMBDoQ_QM1ELNgy3p8o6ZuQIv1MvkDQX-vSCl9gTCEwKXUIKD8PjWdPGw-DsWUdmC8Q4NHhgVrAm6hLWweJZ1QFLLKm_L9w&google_hm=eS0ub29ZaGpKRTJwSG8wVjZtV0dPWEJpVmlZOG40WWNleH5B

Request Chain 99

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED_E_K5O3dfBb2Dw4IE2W78&google_cver=1&google_push=AXcoOmTSyotUrxlXTOQeVBpJrzUvI2uCSgJ6NmG04J84dS751c-Qp0b1ipr9Pdv3mJgXcjU0QieNLHHFPNmoDNDMYx6MDUhXbdPcxf4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED_E_K5O3dfBb2Dw4IE2W78&google_cver=1&google_push=AXcoOmTSyotUrxlXTOQeVBpJrzUvI2uCSgJ6NmG04J84dS751c-Qp0b1ipr9Pdv3mJgXcjU0QieNLHHFPNmoDNDMYx6MDUhXbdPcxf4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI2MDQ0Njg3Njg5NDA4Njg2MA&google_push=AXcoOmTSyotUrxlXTOQeVBpJrzUvI2uCSgJ6NmG04J84dS751c-Qp0b1ipr9Pdv3mJgXcjU0QieNLHHFPNmoDNDMYx6MDUhXbdPcxf4

Request Chain 126

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMAC0KGZY4Z8XcElA2XICSI&google_cver=1&google_push=AXcoOmQl2cRewGXBtN9YLmo9ws5sduI_Mx2XAq947ZfNpsycTH8fwOmfHomdgpd9UVrwZeJp-MDfQjI6oIr_bloPxVvniJhOin_OdA HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQl2cRewGXBtN9YLmo9ws5sduI_Mx2XAq947ZfNpsycTH8fwOmfHomdgpd9UVrwZeJp-MDfQjI6oIr_bloPxVvniJhOin_OdA&google_hm=gu6t5UgZZ0QgWT1xFCCE4g

Request Chain 128

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHp2eUEXd4cK8kkuvvR5o5Y&google_cver=1&google_push=AXcoOmRwNgp8PK4n9-CwP-vN4plLvs6WV0pVoJi8M9gO8tn8UH2PaeFqDmkigORIA8Y3-mRkuJxigAo9mnpPVRwJKhpT9_3fpsJwUds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHp2eUEXd4cK8kkuvvR5o5Y&google_push=AXcoOmRwNgp8PK4n9-CwP-vN4plLvs6WV0pVoJi8M9gO8tn8UH2PaeFqDmkigORIA8Y3-mRkuJxigAo9mnpPVRwJKhpT9_3fpsJwUds

Request Chain 129

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECOpVZGL1mcfikvK7ghxqm8&google_cver=1&google_push=AXcoOmQ08T7sQpdQ4nhllLOZN7Q6d0W5BIIAd2PSiIcrHWn5D1lQt69dXT0Ai98HyryTyTVNJQzYfuDZ68VxEjBVJmtdSFp_E1SSeg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ08T7sQpdQ4nhllLOZN7Q6d0W5BIIAd2PSiIcrHWn5D1lQt69dXT0Ai98HyryTyTVNJQzYfuDZ68VxEjBVJmtdSFp_E1SSeg&google_hm=QEhZ-h-sSC2qLgeDWAk3p2U

Request Chain 130

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMZF7kZmcUbIrADhDZwqdyc&google_cver=1&google_push=AXcoOmRSGgCytfcSrphjNT6J_SHbirP6NE3MOVOZ-1iNDsc37uhnqvB-nVPtcfYPu7VyTGBtQdbBurxtXusgOOJIDoczoTHs2hc7oA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSGgCytfcSrphjNT6J_SHbirP6NE3MOVOZ-1iNDsc37uhnqvB-nVPtcfYPu7VyTGBtQdbBurxtXusgOOJIDoczoTHs2hc7oA&google_hm=eS0ub29ZaGpKRTJwSG8wVjZtV0dPWEJpVmlZOG40WWNleH5B

Request Chain 132

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAZIydYOV11eQlINAR82y5k&google_cver=1&google_push=AXcoOmRNXdeeMpQqrXOziz19frE0Gfd3YpAQLSKKSVS9uvnOSrbZ9p8oSfT0jyqwF2lR4RY8G1NY8COVDDyuMxF9MfCaoZWcSF-W-aM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwODcwMTk1MzkwMzEyNTU1Nw&google_push=AXcoOmRNXdeeMpQqrXOziz19frE0Gfd3YpAQLSKKSVS9uvnOSrbZ9p8oSfT0jyqwF2lR4RY8G1NY8COVDDyuMxF9MfCaoZWcSF-W-aM

160 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bigl.ua/
Redirect Chain

http://ssl.aukro.ua/
https://ssl.aukro.ua/
https://bigl.ua/

121 KB
26 KB

1000ms
744ms

Document
text/html

193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

3d53b7fc4d1ca44e4438fc8ea99f0967897caf0df210a7f9494a71babcd0435c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 17:32:23 GMT
etag: W/"1e20d-GHem4GGBFb03KYlXBVS4fXJyIm4"
link: </cloud-cgi/static/corgi/build/js/670_ebac6e0c2f443b93a554.css>; rel=preload; as=style; nopush,</cloud-cgi/static/corgi/build/js/corgi_21c87e9ec28d2758bdbd.css>; rel=preload; as=style; nopush,</cloud-cgi/static/corgi/build/js/MainPage_98f66bde07ae02499d59.css>; rel=preload; as=style; nopush,</cloud-cgi/static/corgi/build/js/corgi_runtime_a89bd601ceaa00e27edf.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/630_8dd393c195da5bf5b5e4.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/554_edcef6cfd9d100e48f2f.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/670_0d55d5ad475c4230e88f.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/corgi_fc2af243d0cba09f685c.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/66_10f24193acb20582f639.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/853_37a27b5929948bd56480.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/785_d405a15708745e5500a6.uk.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/corgi/build/js/475_7d3a9e52089e73757fda.uk.es6.js>; rel=preload; as=script; nopush,<https://my.bigl.ua>; rel=preconnect,<https://stats.g.doubleclick.net>; rel=preconnect,<https://www.google.com.ua>; rel=preconnect,<https://www.google.com>; rel=preconnect,<https://images.ua.prom.st>; rel=preconnect,<https://www.google-analytics.com>; rel=preconnect
server: nginx
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-request-id: 51d1e08a-d4f0-4eb6-8856-6f35784312b6
x-xss-protection: 1; mode=block

Redirect headers

content-length: 22
content-type: text/plain; charset=utf-8
date: Wed, 22 Nov 2023 17:32:22 GMT
location: https://bigl.ua
server: nginx
x-envoy-upstream-service-time: 1

GET
H2 200 670_ebac6e0c2f443b93a554.css
bigl.ua/cloud-cgi/static/corgi/build/js/ 252 KB
13 KB 84ms
82ms Stylesheet
text/css 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/670_ebac6e0c2f443b93a554.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: b0fd06f61506be4755268555778bce0e1a29af4fa0e3bb66376801250f7fe5fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-670_ebac6e0c2f443b93a554.css
x-amz-request-id: tx00000000000005b2bfab7-00652f9bbb-43028443-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-670_ebac6e0c2f443b93a554.css, cbigl.ua/cloud-cgi/static/corgi/build/js/670_ebac6e0c2f443b93a554.css
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 12564
x-cdn-ruri: /build/js/br-encoded-670_ebac6e0c2f443b93a554.css, http_x_cdn_ruri
last-modified: Wed, 18 Oct 2023 08:20:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: ferdelance, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 corgi_21c87e9ec28d2758bdbd.css
bigl.ua/cloud-cgi/static/corgi/build/js/ 10 KB
3 KB 85ms
82ms Stylesheet
text/css 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/corgi_21c87e9ec28d2758bdbd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: c88f30ad811f9de07a6b33e792d70d6fcc02fd18c93ffcaaa05b966287d2386c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-corgi_21c87e9ec28d2758bdbd.css
x-amz-request-id: tx0000000000000a729a3b5-0065532aef-43272b90-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-corgi_21c87e9ec28d2758bdbd.css, cbigl.ua/cloud-cgi/static/corgi/build/js/corgi_21c87e9ec28d2758bdbd.css
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 2623
x-cdn-ruri: /build/js/br-encoded-corgi_21c87e9ec28d2758bdbd.css, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 08:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: lancehead, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 MainPage_98f66bde07ae02499d59.css
bigl.ua/cloud-cgi/static/corgi/build/js/ 3 KB
2 KB 85ms
83ms Stylesheet
text/css 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/MainPage_98f66bde07ae02499d59.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: f0f4177cbb0b0646a5cea0c972812b96e1390fe8ff91b4df681da036ce09d1a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-MainPage_98f66bde07ae02499d59.css
x-amz-request-id: tx0000000000000a729a3d5-0065532aef-43272b90-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-MainPage_98f66bde07ae02499d59.css, cbigl.ua/cloud-cgi/static/corgi/build/js/MainPage_98f66bde07ae02499d59.css
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 867
x-cdn-ruri: /build/js/br-encoded-MainPage_98f66bde07ae02499d59.css, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 08:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: nginx-cache-01, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 corgi_runtime_a89bd601ceaa00e27edf.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 20 KB
6 KB 85ms
83ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/corgi_runtime_a89bd601ceaa00e27edf.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 41bad3cdb8c719a3ee4ec6891e5ad6228d724d968d9316003a7a1e2a4d2fd8ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-corgi_runtime_a89bd601ceaa00e27edf.uk.es6.js
x-amz-request-id: tx0000000000000a7f19882-0065536a75-43272b90-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-corgi_runtime_a89bd601ceaa00e27edf.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/corgi_runtime_a89bd601ceaa00e27edf.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 4828
x-cdn-ruri: /build/js/br-encoded-corgi_runtime_a89bd601ceaa00e27edf.uk.es6.js, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 12:38:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: sidewinder, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 630_8dd393c195da5bf5b5e4.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 1 MB
255 KB 86ms
84ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/630_8dd393c195da5bf5b5e4.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: e143173e3fb67239106c8a6d43d676dc6673e45d3998d129e06d43848f5df9b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-630_8dd393c195da5bf5b5e4.uk.es6.js
x-amz-request-id: tx0000000000000a972b7f5-006553d522-43272b90-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-630_8dd393c195da5bf5b5e4.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/630_8dd393c195da5bf5b5e4.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 260137
x-cdn-ruri: /build/js/br-encoded-630_8dd393c195da5bf5b5e4.uk.es6.js, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 16:28:26 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-06, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 554_edcef6cfd9d100e48f2f.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 71 KB
17 KB 86ms
84ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/554_edcef6cfd9d100e48f2f.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 9c9dfb8ca0fafac9cc8566795cf9e0640cbd40f7344b8277f3d46a1b03b2cd31

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-554_edcef6cfd9d100e48f2f.uk.es6.js
x-amz-request-id: tx00000000000004c4d03de-0065421605-46c59b2c-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-554_edcef6cfd9d100e48f2f.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/554_edcef6cfd9d100e48f2f.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 16852
x-cdn-ruri: /build/js/br-encoded-554_edcef6cfd9d100e48f2f.uk.es6.js, http_x_cdn_ruri
last-modified: Wed, 01 Nov 2023 09:07:57 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-03, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 670_0d55d5ad475c4230e88f.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 493 KB
64 KB 86ms
85ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/670_0d55d5ad475c4230e88f.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 77a0837e54b9cb25662d82e3200272dce582cfc77a7083674740876b086860a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-670_0d55d5ad475c4230e88f.uk.es6.js
x-amz-request-id: tx0000000000000a89e7891-006553d522-46c5b695-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-670_0d55d5ad475c4230e88f.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/670_0d55d5ad475c4230e88f.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 64563
x-cdn-ruri: /build/js/br-encoded-670_0d55d5ad475c4230e88f.uk.es6.js, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 16:28:26 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-04, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 corgi_fc2af243d0cba09f685c.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 461 KB
43 KB 86ms
85ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/corgi_fc2af243d0cba09f685c.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: cbaad7bca9b9e901bbc61202fd4ef3fa12b07025f1a58d24358fb7bbb83d57d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-corgi_fc2af243d0cba09f685c.uk.es6.js
x-amz-request-id: tx0000000000000a729a40b-0065532aef-43272b90-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-corgi_fc2af243d0cba09f685c.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/corgi_fc2af243d0cba09f685c.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 42915
x-cdn-ruri: /build/js/br-encoded-corgi_fc2af243d0cba09f685c.uk.es6.js, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 08:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-06, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 66_10f24193acb20582f639.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 164 KB
28 KB 87ms
85ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/66_10f24193acb20582f639.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: b8c94dc3c63f0eafc2be89c9b41a6b6a0d887a0a49c43f7ef98d89a7ef556e65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-66_10f24193acb20582f639.uk.es6.js
x-amz-request-id: tx0000000000001484019da-0065042b2c-3ba8f1ab-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-66_10f24193acb20582f639.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/66_10f24193acb20582f639.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 27757
x-cdn-ruri: /build/js/br-encoded-66_10f24193acb20582f639.uk.es6.js, http_x_cdn_ruri
last-modified: Fri, 15 Sep 2023 09:53:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-06, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 853_37a27b5929948bd56480.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 86 KB
11 KB 87ms
86ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/853_37a27b5929948bd56480.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 1a5b4834af7125ea892a2b87bec21b38ae37932f3eacf69db64aeaa177cea20f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-853_37a27b5929948bd56480.uk.es6.js
x-amz-request-id: tx0000000000000a729a41b-0065532aef-43272b90-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-853_37a27b5929948bd56480.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/853_37a27b5929948bd56480.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 10360
x-cdn-ruri: /build/js/br-encoded-853_37a27b5929948bd56480.uk.es6.js, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 08:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 785_d405a15708745e5500a6.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 58 KB
5 KB 171ms
170ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/785_d405a15708745e5500a6.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: aed6f663c4666ff7d50a00ab9529f31586f543ca4b894ea9b2707e9b41568f4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-785_d405a15708745e5500a6.uk.es6.js
x-amz-request-id: tx000000000000148969eb1-0065042b2c-3ba80b10-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-785_d405a15708745e5500a6.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/785_d405a15708745e5500a6.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 4582
x-cdn-ruri: /build/js/br-encoded-785_d405a15708745e5500a6.uk.es6.js, http_x_cdn_ruri
last-modified: Fri, 15 Sep 2023 09:53:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: whiptails, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 475_7d3a9e52089e73757fda.uk.es6.js Show response
bigl.ua/cloud-cgi/static/corgi/build/js/ 86 KB
11 KB 171ms
170ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/475_7d3a9e52089e73757fda.uk.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 44de39a842369511a9a832ef96677364a35186fb15fc9063cf8c423570abe3e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/br-encoded-475_7d3a9e52089e73757fda.uk.es6.js
x-amz-request-id: tx0000000000000a729a455-0065532aef-43272b90-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/br-encoded-475_7d3a9e52089e73757fda.uk.es6.js, cbigl.ua/cloud-cgi/static/corgi/build/js/475_7d3a9e52089e73757fda.uk.es6.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 10436
x-cdn-ruri: /build/js/br-encoded-475_7d3a9e52089e73757fda.uk.es6.js, http_x_cdn_ruri
last-modified: Tue, 14 Nov 2023 08:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-04, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 4469147494_w1750_h80_4469147494.png
images.prom.ua/ 10 KB
11 KB 395ms
223ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4469147494_w1750_h80_4469147494.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 27e1cbeb5f63f1e38246e9adafa4f4d7b02bf26ad15c7a0d997879f23c620810

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 222a0b6f3c67f4827066e93a1330f97120e86e5f_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 42
content-length: 10656
x-request-id: ee0e3288-1bbb-43bf-b4cd-cf3539ef1c92

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 205ms
109ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1663d808671520aae61bff69e91e222fc348f874ceac8efaa607e32b9ab35c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53027
x-xss-protection: 0
server: cafe
etag: 2347290760714832270
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:32:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 217ms
121ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N053KL2046

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2b4c282b1b444f61f2b5d9a60292a02d618ea48bf7d5ec1f0a4d93d978ba298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88698
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 17:32:23 GMT

GET
H2 200 gotcha-min.js Show response
bigl.ua/cloud-cgi/static/gotcha/ 3 KB
2 KB 164ms
162ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/gotcha/gotcha-min.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 64b797a0ce98432b9720aa97a2a7a6e7f7d86348832f7f06d985d0b0e403debf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: gzip
x-amz-request-id: tx0000000000000012327ca-00655df13b-4a1be2c6-openstack-1
x-cache-key: cdngotcha.c.evo.dev/gotcha-min.js, cbigl.ua/cloud-cgi/static/gotcha/gotcha-min.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 1321
x-cdn-ruri: /gotcha-min.js
x-uri2: gotcha.c.evo.dev/gotcha-min.js
last-modified: Fri, 24 Mar 2023 12:03:13 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu, misam
x-lb-fallback: true
x-rgw-object-type: Normal
cache-control: public,max-age=259200
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 logo2x-ImkFlCC.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 943 B
2 KB 165ms
163ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/logo2x-ImkFlCC.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: e4f8c2f572a71772c8473efa12c92a1f13d7d8a47bccf16810f97c4905b48f16

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
x-amz-request-id: tx000000000000004cf4bad-00647a3b0e-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/logo2x-ImkFlCC.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/logo2x-ImkFlCC.png
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 943
x-cdn-ruri: /build/js/images/logo2x-ImkFlCC.png
x-uri2: corgi.c.evo.dev/build/js/imageslogo2x-ImkFlCC.png
last-modified: Mon, 29 Nov 2021 13:29:15 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: habu, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 5113520756_w730_h360_5113520756.png
images.prom.ua/ 11 KB
11 KB 319ms
148ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/5113520756_w730_h360_5113520756.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 4dfbe1063911e3a7889daa70dbf73a6017c2c65fbc6be12bb51e5e7fc0ba5881

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 9527a283ea3af2de5e4cceb6941f59a72bce101c_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: habu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 171
content-length: 11304
x-request-id: cf938c46-455c-4af2-95cc-9bf7137956a0

GET
H2 200 5125413706_w730_h360_5125413706.png
images.prom.ua/ 14 KB
14 KB 222ms
144ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/5125413706_w730_h360_5125413706.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: cb64ab8e0bec215a3683b4edcf87a67fac08ade50320a1ce6dd64321438c15e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 26b7fe74e646fe82c33ea0b51697adc7e6a9744f_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 139
content-length: 14082
x-request-id: ebb62000-8689-4869-a894-dc2f4f7c6095

GET
H2 200 5128254173_w730_h360_5128254173.png
images.prom.ua/ 15 KB
15 KB 301ms
223ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/5128254173_w730_h360_5128254173.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: b09bf3a0004cf70d71cc3639efdd37534ea1b617ffcf2389a91a5db87072355f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 9973cfd16d82eb3ef52b372abc57fef3e40fa67d_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 141
content-length: 15480
x-request-id: 92656cc8-096a-4814-900c-ea4d1e98c9d6

GET
H2 200 5094615244_w730_h360_5094615244.png
images.prom.ua/ 13 KB
14 KB 304ms
226ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/5094615244_w730_h360_5094615244.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 0d623ad8439d743d68328656cfdf82ffca752d427f6887675df0163810f8863e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 5db6ff8f8351ed9e2be1e67d57186238ae0c6e51_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 82
content-length: 13546
x-request-id: 96cce667-da56-4baf-9782-8ba5a9a01395

GET
H2 200 safe-shopping-SOaL0Ro.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
2 KB 165ms
163ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/safe-shopping-SOaL0Ro.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: c092ffa0aff369fb8d8a8fcf94b8834306b9b5c370a9728e4e27f369f1390d4c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/br-encoded-safe-shopping-SOaL0Ro.svg
x-amz-request-id: tx000000000000004e4e4db-00647a3b0e-37a4103a-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/br-encoded-safe-shopping-SOaL0Ro.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/safe-shopping-SOaL0Ro.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 794
x-cdn-ruri: /build/js/images/br-encoded-safe-shopping-SOaL0Ro.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: whiptails, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 badgeIos-Ysw4wwJ.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
3 KB 165ms
164ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/badgeIos-Ysw4wwJ.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: d05f0619affb2db80a16b36662d335fa1d3482b331964853db4ede8191aca539

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
x-amz-request-id: tx0000000000000a03787aa-0065520f08-46c59b2c-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/badgeIos-Ysw4wwJ.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/badgeIos-Ysw4wwJ.png
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 1997
x-cdn-ruri: /build/js/images/badgeIos-Ysw4wwJ.png
x-uri2: corgi.c.evo.dev/build/js/imagesbadgeIos-Ysw4wwJ.png
last-modified: Mon, 13 Nov 2023 11:54:07 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: nginx-cache-02, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 badgeAndroid-BQLaeZE.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 3 KB
4 KB 165ms
164ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/badgeAndroid-BQLaeZE.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 372c5d087f7f5e33888dcd8b682d5a4f9f04d1ed308b8b63144863a921ae12f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
x-amz-request-id: tx0000000000000a03787a0-0065520f08-46c59b2c-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/badgeAndroid-BQLaeZE.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/badgeAndroid-BQLaeZE.png
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 3160
x-cdn-ruri: /build/js/images/badgeAndroid-BQLaeZE.png
x-uri2: corgi.c.evo.dev/build/js/imagesbadgeAndroid-BQLaeZE.png
last-modified: Mon, 13 Nov 2023 11:54:07 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: himehabu, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 adv_teasers.js Show response
bigl.ua/cloud-cgi/static/uaprom-static/js/ 20 B
839 B 165ms
164ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: uaprom-static.c.evo.dev/js/br-encoded-adv_teasers.js
x-amz-request-id: tx00000000000000a5887d5-0063fcb60b-2e6b5661-openstack-1
x-cache-key: cdnuaprom-static.c.evo.dev/js/br-encoded-adv_teasers.js, cbigl.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 25
x-cdn-ruri: /js/br-encoded-adv_teasers.js, http_x_cdn_ruri
last-modified: Fri, 13 Nov 2020 11:24:00 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-04, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 bare.js Show response
my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/ 11 KB
5 KB 166ms
154ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/bare.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 4bdd7fa6cf14c27758e296fbca25419c702f10f72941211d35723f58cd59ea70

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: gzip
x-amz-request-id: tx0000000000000398f49b3-00653d0800-46c59b2c-openstack-1
x-cache-key: cdnclerk.c.evo.dev/v4.3.2/bare.js, cmy.bigl.ua/cloud-cgi/static/clerk/v4.3.2/bare.js
x-cache-status: MISS, MISS, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 4047
x-cdn-ruri: /v4.3.2/bare.js
x-uri2: clerk.c.evo.dev/v4.3.2bare.js
last-modified: Wed, 21 Jul 2021 08:17:26 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: lancehead, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: sidewinder

GET
H2 200 solve.js Show response
bigl.ua/cloud-cgi/static/power/ 34 KB
11 KB 165ms
165ms Script
application/javascript 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://bigl.ua/cloud-cgi/static/power/solve.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-uri1: power.c.evo.dev//br-encoded-solve.js
x-amz-request-id: tx000000000000062f5f1fb-0064cd0bd5-3c03c3b5-openstack-1
x-cache-key: cdnpower.c.evo.dev/br-encoded-solve.js, cbigl.ua/cloud-cgi/static/power/solve.js
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 10090
x-cdn-ruri: /br-encoded-solve.js, http_x_cdn_ruri
last-modified: Fri, 04 Aug 2023 14:21:39 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-02, misam
x-lb-fallback: true
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
74 KB 154ms
60ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2GRR5

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a5c2182553b3ec721a6b5453b4f34fe1a927e193d00264a3f9dda3936336947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75492
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Nov 2023 17:32:23 GMT

GET
H2

204

tags
creativecdn.com/ Frame A268
Redirect Chain

https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home
https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1

0
0

42ms
42ms

Document
text/plain

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 22 Nov 2023 17:32:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/tags?id=pr_K51AHmEuB5EgCmms8AcE_home&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary: Origin

GET
H2 200 iframe.html Show response
my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/ Frame 48C2 3 KB
2 KB 161ms
154ms Document
text/html 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/iframe.html
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: f66f3d6a08c5006bc536cb74578f916288c28db97b853cf07447c886f9178118

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
content-length: 1365
content-type: text/html
date: Wed, 22 Nov 2023 17:32:23 GMT
last-modified: Wed, 21 Jul 2021 08:17:26 GMT
server: nginx
x-amz-request-id: tx00000000000000b49c6d6-0064009290-2e2ce0d4-openstack-1
x-amz-storage-class: STANDARD
x-cache-key: cdnclerk.c.evo.dev/v4.3.2/iframe.html cmy.bigl.ua/cloud-cgi/static/clerk/v4.3.2/iframe.html
x-cache-source: local
x-cache-status: HIT HIT HIT
x-cache-type: main
x-cdn-ruri: /v4.3.2/iframe.html
x-fallback: true
x-lb-name: himehabu
x-rgw-object-type: Normal
x-servant: nginx-cache-02 misam
x-trouble: IAMHERE
x-uri2: clerk.c.evo.dev/v4.3.2iframe.html

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948379876/ 3 KB
2 KB 152ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948379876/?random=1700674343752&cv=11&fst=1700674343752&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71856085&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbigl.ua%2F&hn=www.googleadservices.com&frm=0&tiba=Bigl.ua%20%E2%80%94%2073%20247%20437%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%9F%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D0%A3%D1%81&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2GRR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdbcac847654feccab8b67b21d2ea977cf4c0c233d7b9885b530ed84543fd9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N053KL2046&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2GRR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be7c4c9c685809fbe9fe59eccadae576fb2bb82485911c5002ed934b5e069edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88803
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 17:32:23 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 397 KB
134 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7798994293100310&plah=bigl.ua&bust=31079698

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e53e673da1cb6e17b06934bf090cc8a62ca85204e8b0dba904fc1f7119e97b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137196
x-xss-protection: 0
server: cafe
etag: 8117809121799081111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:32:23 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 097B 9 KB
4 KB 116ms
50ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 64025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 23:45:18 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 23:45:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 119ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N053KL2046&gtm=45je3b81v880257162&_p=1700674343393&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1446286231.1700674344&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1700674343&sct=1&seg=0&dl=https%3A%2F%2Fbigl.ua%2F&dt=Bigl.ua%20%E2%80%94%2073%20247%20437%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%9F%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D0%A3%D1%81%D1%96%D1%94%D1%97%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1930
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N053KL2046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigl.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 117ms
37ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N053KL2046&cid=1446286231.1700674344&gtm=45je3b81v880257162&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N053KL2046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigl.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
408 B 172ms
80ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N053KL2046&cid=1446286231.1700674344&gtm=45je3b81v880257162&aip=1&dma=0&gcd=11l1l1l1l1&z=488163021

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 view
midas-external.bigl.ua/rest/koshykUi/cartList/ Frame 0
0 338ms
83ms Preflight
text/plain 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://midas-external.bigl.ua/rest/koshykUi/cartList/view?source=bigl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-language,x-requested-with
Access-Control-Request-Method: GET
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-evo-access-token, x-evo-user-id, x-evo-user-profile, x-requested-with, x-language
access-control-allow-origin: https://bigl.ua
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 22 Nov 2023 17:32:24 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-request-id: eb924c62-944e-4c92-9c92-4da54eb8a0a9
x-xss-protection: 1; mode=block

GET
H2 200 colbert.js Show response
colbert-static.c.prom.st/static/ 210 KB
56 KB 347ms
152ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert-static.c.prom.st/static/colbert.js
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2cb3adf2527682b91637256388fe28b741d0931dc6f6bd9c50006c2af911ac76

Request headers

Referer: https://bigl.ua/
Origin: https://bigl.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: br
x-amz-request-id: tx0000000000000028de292-0063ada7b7-2cc722fb-openstack-1
x-cache-key: cdncolbert-static.c.prom.st/static/br-encoded-colbert.js
x-cache-status: HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 56921
x-cdn-ruri: /static/br-encoded-colbert.js
last-modified: Wed, 23 Jun 2021 07:49:54 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: himehabu
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: ferdelance

GET
H2 200 view Show response
midas-external.bigl.ua/rest/koshykUi/cartList/ 105 B
369 B 88ms
87ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://midas-external.bigl.ua/rest/koshykUi/cartList/view?source=bigl

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/630_8dd393c195da5bf5b5e4.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

0343bb8536cc4b19147cee2ce5a099500f075ee4114be7b372905eb3dbf0979e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://bigl.ua/
X-LANGUAGE: uk
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bigl.ua
access-control-allow-credentials: true
content-length: 105
x-xss-protection: 1; mode=block
x-request-id: be019875-69df-41c9-ad80-f87e4b974d03

GET
H2 200 /
www.google.com/pagead/1p-user-list/948379876/ 42 B
455 B 152ms
55ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948379876/?random=1700674343752&cv=11&fst=1700672400000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71856085&u_w=1600&u_h=1200&url=https%3A%2F%2Fbigl.ua%2F&frm=0&tiba=Bigl.ua%20%E2%80%94%2073%20247%20437%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%9F%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D0%A3%D1%81&fmt=3&is_vtc=1&cid=CAQSGwDICaaNq6nHCxmlQPvUcVr839bWTn_QSEs0pQ&random=1752049451&rmt_tld=0&ipr=y

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/948379876/ 42 B
154 B 54ms
53ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/948379876/?random=1700674343752&cv=11&fst=1700672400000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71856085&u_w=1600&u_h=1200&url=https%3A%2F%2Fbigl.ua%2F&frm=0&tiba=Bigl.ua%20%E2%80%94%2073%20247%20437%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%96%D0%B2%20%D0%B2%D1%96%D0%B4%20%D0%9F%D0%B5%D1%80%D0%B5%D0%B2%D1%96%D1%80%D0%B5%D0%BD%D0%B8%D1%85%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B2%D1%86%D1%96%D0%B2%20%D0%B7%20%D0%A3%D1%81&fmt=3&is_vtc=1&cid=CAQSGwDICaaNq6nHCxmlQPvUcVr839bWTn_QSEs0pQ&random=1752049451&rmt_tld=1&ipr=y

Requested by

Host: bigl.ua
URL: https://bigl.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 510318686_w200_h200_510318686.jpg
images.prom.ua/ 2 KB
2 KB 162ms
155ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/510318686_w200_h200_510318686.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 9dbd23c6a35f09fc4e6a6190488b64903b23c3a79960cac687c76d74d0612776

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: c64697bde1079cb8b7c7fdf493ce58c5c23a607b_0
x-image-source: Resized original: aws
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 111
content-length: 1682
x-request-id: 10930b17-67aa-482b-b666-c7d10833c272

GET
H2 200 4733658605_w200_h200_4733658605.jpg
images.prom.ua/ 5 KB
5 KB 83ms
76ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4733658605_w200_h200_4733658605.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 6326c381c26e86c3f55601bd82677357f04bf22463a9d5c5692b9e6125e0a982

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 5523c249c592b6bfc53d96400eb2b57d1829c6cb_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: lancehead
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 40
content-length: 5054
x-request-id: 03ed3405-0934-4d41-ade1-fbee9985f63d

GET
H2 200 3347578440_w200_h200_3347578440.jpg
images.prom.ua/ 7 KB
7 KB 161ms
154ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3347578440_w200_h200_3347578440.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: f0cf9f7d77ddbfcf5ed51d3a1b0adc5f7dcb1ec4fc6103c62b3dc3c05d508de7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: a16760ed98db993aec760df1f556726d94cf3363_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-04
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 92
content-length: 7014
x-request-id: 458e2648-2e34-4799-be4a-4cfa015f8852

GET
H2 200 3579811649_w200_h200_3579811649.jpg
images.prom.ua/ 7 KB
7 KB 162ms
155ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3579811649_w200_h200_3579811649.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: f0cf9f7d77ddbfcf5ed51d3a1b0adc5f7dcb1ec4fc6103c62b3dc3c05d508de7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: a16760ed98db993aec760df1f556726d94cf3363_0
x-image-source: Resized original: aws
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-04
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 3353
content-length: 7014
x-request-id: d9cbf890-e2bd-40e4-9050-9abdd16a38dc

GET
H2 200 2481856765_w200_h200_2481856765.jpg
images.prom.ua/ 12 KB
13 KB 81ms
75ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2481856765_w200_h200_2481856765.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: a9ca102c316f7e3f30fbaa5cc17272c827c421c5fe278c9021e7d4b3c5db458d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: dc922ba31cb6bc610630f5f0afdd40e2873e0c69_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: ferdelance
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 98
content-length: 12516
x-request-id: b0eba5cb-ab55-4948-844d-dd249020528d

GET
H2 200 2737507815_w200_h200_2737507815.jpg
images.prom.ua/ 6 KB
6 KB 159ms
153ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2737507815_w200_h200_2737507815.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: e17f9856eeb7042cbeb2835552785fb2126bc4164c7a7c5f078afbfd25dfc78d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: c40cf18aa16e3ee6f45041ef434fe6c209653037_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1941
content-length: 6166
x-request-id: f37494ef-81b7-4654-9b03-bdd032e97b06

GET
H2 200 1877810006_w200_h200_1877810006.jpg
images.prom.ua/ 1 KB
1 KB 82ms
76ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/1877810006_w200_h200_1877810006.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 46c34ce1d686335ad35cc28b4115be1cdc4074e3d877e86826bfb739b5aaee7a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 84d21f97a73f8b1f22c1d767fd22d2e14f8e54b7_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: whiptails
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 34
content-length: 1212
x-request-id: 3910a89c-4a0d-4d18-8c04-388f2baed924

GET
H2 200 4085953896_w200_h200_4085953896.jpg
images.prom.ua/ 5 KB
6 KB 159ms
154ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/4085953896_w200_h200_4085953896.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: cc5a121caf33cebdadfa518ad8df37ed7f9010de3298a4125d4e345f25fbbcde

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 1feb490b0ce458448c68970ddc30343bc7b4f18b_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-04
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 40
content-length: 5618
x-request-id: 01b38f46-9291-431b-bfc8-5ed64e215a70

GET
H2 200 2050445248_w200_h200_2050445248.jpg
images.prom.ua/ 4 KB
5 KB 83ms
77ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/2050445248_w200_h200_2050445248.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 32c3a91f717e380f56721294e8cf8bbf749d40e8b0cbee0ce07c40fad4a754b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 1f7420d81cc59c4b99701c82d11976351ca02f92_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 152
content-length: 4350
x-request-id: cd897ba0-ed7e-4d61-a29d-6f07d82f19fd

GET
H2 200 3447158064_w230_h230_zhinochi-sukni.jpg
images.prom.ua/ 972 B
1 KB 82ms
77ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3447158064_w230_h230_zhinochi-sukni.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 7f2428836c373bbbe8ca476b409ce4037058a820dee4c09fb0a58b11f616b6eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 438232ed8b406cefd838b07b760ceb449e39ea37_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 31
content-length: 972
x-request-id: 146a38d4-a49e-40a7-8f63-5b4f342aa994

GET
H2 200 3447157876_w230_h230_cholovichi-tolstovki-i.jpg
images.prom.ua/ 1 KB
2 KB 167ms
162ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3447157876_w230_h230_cholovichi-tolstovki-i.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: f4c8bf34e471832635037e18bc7aac5a9a0d81f6ff82925c8c022c7e059e45c7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: b2a549045db6f48ee01379ae9c0921f803ee5a26_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 36
content-length: 1324
x-request-id: 9720dec0-4d73-40fa-824e-7a5302974f43

GET
H2 200 3522914139_w230_h230_naruchni-ta-kishenkovi.jpg
images.prom.ua/ 1 KB
2 KB 163ms
158ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3522914139_w230_h230_naruchni-ta-kishenkovi.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 649ec18fafe18e7629f923ddddcbaa80b83d2689ae88236fe44726c67a962bbf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: e8df3563efebaf5679a5d75f7f8643d1e0fa26e1_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-04
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 52
content-length: 1446
x-request-id: 01a82f96-7dd9-4898-9baf-8e43dd01cafb

GET
H2 200 3371841217_w230_h230_zhinochi-sumochki-i.jpg
images.prom.ua/ 1 KB
2 KB 168ms
163ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3371841217_w230_h230_zhinochi-sumochki-i.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 49f1117a5e8cce19bc68443dedfcf44c5e0f923bca050f24b7f959526badba6c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 066d5a273fb49f93535a3c70cdfcbcf3c18b6f9b_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 37
content-length: 1524
x-request-id: 09e14bd0-c198-447d-863e-abcb26835785

GET
H2 200 img-VeaJhi4.png
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 1 KB
2 KB 85ms
80ms Image
image/png 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/img-VeaJhi4.png
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: c9c69f9ce1741f3e5a0ea13e8d27f5073d6ad337fde898e27710351ebfc14428

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
x-amz-request-id: tx000000000000004e7e262-00647a3b40-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/img-VeaJhi4.png, cbigl.ua/cloud-cgi/static/corgi/build/js/images/img-VeaJhi4.png
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 1470
x-cdn-ruri: /build/js/images/img-VeaJhi4.png
x-uri2: corgi.c.evo.dev/build/js/imagesimg-VeaJhi4.png
last-modified: Mon, 29 Nov 2021 13:29:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: nginx-cache-01, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 3371843373_w230_h230_mobilni-telefoni-smartfoni.jpg
images.prom.ua/ 1 KB
2 KB 160ms
156ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3371843373_w230_h230_mobilni-telefoni-smartfoni.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: e37c4bbcb7a1c857eab6aba6f286fa92be5b7541c3aaa79978e61d522ddb4e75

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 0a49b96caa118e7aed36926dc9741bdea5b87d84_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 25
content-length: 1368
x-request-id: b9b5b970-59d2-43cf-ade0-37012a51d82d

GET
H2 200 3653409945_w230_h230_chohli-dlya-telefoniv.jpg
images.prom.ua/ 722 B
1 KB 163ms
159ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3653409945_w230_h230_chohli-dlya-telefoniv.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: bc6d04f1867aa9d1fcc0db04a837b42c1b3843907f703baa1dde6347286311ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: e8aa08ada62bfd5f1c39b7aa1a53aa5e45a85306_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 16
content-length: 722
x-request-id: c6a91521-c903-4929-b00b-ec6c2f46e879

GET
H2 200 3450991006_w230_h230_planshetni-kompyuteri.jpg
images.prom.ua/ 2 KB
3 KB 163ms
159ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3450991006_w230_h230_planshetni-kompyuteri.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 5ad4991f2318be5cae3078fc098b8f1b23df3d1bdd75e4a3ad45ffa8b44b77b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 490d6a9154bc91a09d3a223c8d1bea7632d21673_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 355
content-length: 2392
x-request-id: fe466ceb-cd4e-4571-8c90-435488255678

GET
H2 200 3450994011_w230_h230_televizori.jpg
images.prom.ua/ 2 KB
2 KB 163ms
159ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3450994011_w230_h230_televizori.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 144d9ede7030fa71d39e255983e58b20d1bd0ff5eb097075b336b92efaa67447

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 4804a857bcfd2f57a1fc6db52515c6144a1a2d50_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-06
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 62
content-length: 1548
x-request-id: e116ae23-e2e1-4d2b-8c39-1237a5f082bd

GET
H2 200 3253385490_w230_h230_dityachij-odyag-ta.jpg
images.prom.ua/ 2 KB
2 KB 165ms
161ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385490_w230_h230_dityachij-odyag-ta.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 1a9836056dc10cc2188b52e6e7855d46ca68a4beb1afd06861a3315cc62fddec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: d5313a466530caa87e5464f72000bdb1676eb7ff_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-03
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 476
content-length: 1968
x-request-id: c9c552d7-78ec-44f3-858a-e923141f5fd4

GET
H2 200 3253385496_w230_h230_igrashki.jpg
images.prom.ua/ 3 KB
3 KB 160ms
156ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385496_w230_h230_igrashki.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 30517f545cdbe4e0bd3dadb74a7d5049ef74cfca361fb3ac750eaa6c62e55c15

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 1e04ffd5b90fc3e33c003a58ef9abd7a44f789d9_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 16
content-length: 2852
x-request-id: 59961563-b58d-44f4-bb64-b81a4dfe6b36

GET
H2 200 3448643618_w230_h230_dityachi-kolyaski.jpg
images.prom.ua/ 2 KB
3 KB 165ms
162ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3448643618_w230_h230_dityachi-kolyaski.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: db79878d2ffff5c5de7051b6f9dca84e7df34bb42999e617902f9f4d99375b2d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: c17d03c45ab848adfe028eb710a10124bf7331f2_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 35
content-length: 2512
x-request-id: f7f7460f-f7c0-42d0-82ef-fbfa7c3dff54

GET
H2 200 3253385817_w230_h230_dityachi-mebli.jpg
images.prom.ua/ 1 KB
1 KB 161ms
158ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385817_w230_h230_dityachi-mebli.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: f748eba184df960613999872597a709d7adc82face08df21eaaa9979c53a6d84

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 9e28f980d3fefbf6a08a40e0f1d5544721852404_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: lancehead
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 22
content-length: 1120
x-request-id: 126d46aa-8fbd-4f45-84e9-5b9b15a65125

GET
H2 200 3450990935_w230_h230_sportivni-kostyumi.jpg
images.prom.ua/ 2 KB
2 KB 160ms
157ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3450990935_w230_h230_sportivni-kostyumi.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 354647ed51ee858224b911c15019e6623d9a92bd9598e189b18ed287fc99e992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 87e2fb4ff19ea193d8ca7f930798a57778526b90_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: himehabu
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 414
content-length: 1660
x-request-id: c94e5e27-a95a-4af6-ac2d-678fdaeda64c

GET
H2 200 3447163428_w230_h230_krosivki-ta-kedi.jpg
images.prom.ua/ 3 KB
3 KB 167ms
164ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3447163428_w230_h230_krosivki-ta-kedi.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: f4f9e27dd7be2010cab5b10419db0d8c551bbb0ce9a690b704fcdddd6a034c2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: f79381c188341f2bbdbf535bdf8d1cc0c8e9eb14_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-02
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 25
content-length: 2774
x-request-id: 67630d24-e1e2-47d8-8501-38ed7e5652df

GET
H2 200 3292211586_w230_h230_trenazheri.jpg
images.prom.ua/ 1 KB
2 KB 163ms
160ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3292211586_w230_h230_trenazheri.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 2d3a285bc41da7d31ed5766dea513bafcfe4b9fba3aba2a18bb23f4aae24419a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: a4680999ca74c12557ef9dbb4dd2d597490a607a_0
x-image-source: Resized original: aws
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: lancehead
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 95
content-length: 1350
x-request-id: 32b17634-035d-4223-ae6c-8b18a283a48d

GET
H2 200 3292211538_w230_h230_tovari-dlya-ribolovli.jpg
images.prom.ua/ 666 B
984 B 163ms
160ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3292211538_w230_h230_tovari-dlya-ribolovli.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: a5985dc47b8995ceb6035a19624210fc7aa89d796b50d439c06b81002b43e8db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 3bdc5ec73f9d941c021e549d41019b08961a39be_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-06
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 30
content-length: 666
x-request-id: 2cc8c440-455d-4890-8d17-80c894945f5f

GET
H2 200 3643028882_w230_h230_komplekti-postilnoyi-bilizni.jpg
images.prom.ua/ 2 KB
2 KB 163ms
161ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3643028882_w230_h230_komplekti-postilnoyi-bilizni.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: c2977788adee41f88362a1bf02982c5b6af82b3c348421a5b1955f6602574e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: b90a871ac3dafaa20c4ae0dfc03d5fdd9c179f03_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-05
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 17
content-length: 1584
x-request-id: 7eb3bbee-c604-45f5-ace6-223a3e0f8553

GET
H2 200 3643029999_w230_h230_divani.jpg
images.prom.ua/ 828 B
1 KB 159ms
156ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3643029999_w230_h230_divani.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 318a7eb99a398fc1ca10d371ca4ace598e345fc07abae6705fc1a532d2b191ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 435d58d7c89dde69ce2eda1007c6407da3e48723_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 17
content-length: 828
x-request-id: 2277dd49-301c-496e-bccc-fa234adc3ca6

GET
H2 200 3253385585_w230_h230_posud.jpg
images.prom.ua/ 2 KB
2 KB 159ms
157ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3253385585_w230_h230_posud.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 8483f404939ebe8cc5c06f5460c44be3d5825b1cbf43b0efcb3d68a868328312

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: 4ff63dafbc0e355511d998493f103d16cf4420af_0
x-image-source: Resized original: aws
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: sidewinder
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 100
content-length: 1566
x-request-id: 594b93a5-43fa-44cd-8632-8ef86697428d

GET
H2 200 3647496025_w230_h230_zasobi-dlya-prannya.jpg
images.prom.ua/ 3 KB
3 KB 164ms
163ms Image
image/webp 193.34.169.2
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.prom.ua/3647496025_w230_h230_zasobi-dlya-prannya.jpg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.2 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.promdns.net
Software: nginx /
Resource Hash: 93d7544440fa69acb982a8126c66afcd7ca93bb547a4dc88849d2954e378c9ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
x-image-meta: d7899e3ef413e706eeaa28006242917930e223c4_0
x-image-source: Resized original: local
etag: "CacheForever"
x-cache-status: HIT
content-type: image/webp
x-servant: nginx-cache-01
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 18
content-length: 2990
x-request-id: 5307e53d-0c44-47cd-916c-8cae9219b8c5

POST
H2 200 graphql Show response
bigl.ua/ 319 B
1 KB 121ms
120ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://bigl.ua/graphql

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/630_8dd393c195da5bf5b5e4.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

947971d657e4deb4f3e2b88a1a0fe4b18a75c893dd5cce3662248f6799f45a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept: */*
Referer: https://bigl.ua/
x-language: uk
x-requested-with: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
content-length: 319
x-xss-protection: 1; mode=block
x-request-id: 3305ee14-485e-47de-9bd7-0623aeaae501
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bigl.ua
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-LANGUAGE,X-DisableSafariCORSCheck,Authorization

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC57 0
314 B 308ms
307ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&adk=1812271804&adf=3025194257&lmt=1700674344&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fbigl.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674343767&bpp=3&bdt=395&idt=366&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3111387532284&frm=20&pv=2&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=381

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7798994293100310&plah=bigl.ua&bust=31079698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 17:32:24 GMT
expires: Wed, 22 Nov 2023 17:32:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 info Show response
my.bigl.ua/remote/auth/ 12 B
1 KB 100ms
99ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.bigl.ua/remote/auth/info

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/630_8dd393c195da5bf5b5e4.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

735c36862ca0cbf9be4300c17809f4cdfaeab800a61254ab5906e20abb935711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
content-length: 12
x-csrftoken: 13a47b5133504642a37ce7e4cbf1ca16
x-xss-protection: 1; mode=block
x-request-id: 5aaa3067-5183-43ad-b9e2-755244fefee7
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: application/json
access-control-allow-origin: https://bigl.ua
access-control-expose-headers: X-CSRFToken, X-SIGN
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-LANGUAGE,X-DisableSafariCORSCheck,Authorization

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFD5 39 KB
16 KB 638ms
637ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344071&bpp=1&bdt=699&idt=84&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=88

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bc7e63ba08a8fc8128ffe6b4a27a29863d3eddc60fd1f39ba55dc955ed76d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16533
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 17:32:24 GMT
expires: Wed, 22 Nov 2023 17:32:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9946 39 KB
16 KB 453ms
453ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344072&bpp=1&bdt=700&idt=93&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=95

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25ca6ccb6b969708d8b1c0238c31287375f5f5ad7c28791ea989b26f64fe31c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16330
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 17:32:24 GMT
expires: Wed, 22 Nov 2023 17:32:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track_informer_views Show response
my.bigl.ua/ps/ 15 B
419 B 105ms
105ms Fetch
application/json 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.bigl.ua/ps/track_informer_views

Requested by

Host: bigl.ua
URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/630_8dd393c195da5bf5b5e4.uk.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://bigl.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
X-CSRFToken: 13a47b5133504642a37ce7e4cbf1ca16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://bigl.ua
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, x-csrftoken, x-requested-with, x-promuserid
content-length: 15
x-xss-protection: 1; mode=block
x-request-id: 6f19dd9d-0b65-4b0d-bf10-0d4492b5f1da

OPTIONS
H2 200 track_informer_views
my.bigl.ua/ps/ Frame 0
0 320ms
85ms Preflight 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.bigl.ua/ps/track_informer_views

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.35 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

bigl.ua

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrftoken,x-requested-with
Access-Control-Request-Method: POST
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, x-csrftoken, x-requested-with, x-promuserid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://bigl.ua
content-length: 0
date: Wed, 22 Nov 2023 17:32:24 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-request-id: d36ecabd-636c-4a95-bffa-7e41a7462b8c
x-xss-protection: 1; mode=block

GET
H2 200 Vaw.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-search-HLW/ 1 KB
1 KB 86ms
85ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-search-HLW/Vaw.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: b9910f1889eee2368444871c18b7f009092754ff93da56ee27ca1587505bcd20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/footer-search-HLW/br-encoded-Vaw.svg
x-amz-request-id: tx000000000000004e7c3a9-00647a3b0d-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/footer-search-HLW/br-encoded-Vaw.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-search-HLW/Vaw.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 565
x-cdn-ruri: /build/js/images/footer-search-HLW/br-encoded-Vaw.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: ferdelance, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 CpBX7.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-carriage-A/ 2 KB
1 KB 86ms
85ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-carriage-A/CpBX7.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 005ed092fa26e76ae99a5613a420e81c377e9767fde19ecdeb651fb681b1464c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/footer-carriage-A/br-encoded-CpBX7.svg
x-amz-request-id: tx000000000000004cf4b93-00647a3b0d-37a316d9-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/footer-carriage-A/br-encoded-CpBX7.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-carriage-A/CpBX7.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 665
x-cdn-ruri: /build/js/images/footer-carriage-A/br-encoded-CpBX7.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: nginx-cache-04, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 footer-hearth-MXmUgQg.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
2 KB 87ms
86ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-hearth-MXmUgQg.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 4c34bdb875f35418f90c3f426b2da0078370e1479dea9cbc18fed6eb97291ed9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/br-encoded-footer-hearth-MXmUgQg.svg
x-amz-request-id: tx000000000000004e7c394-00647a3b0c-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/br-encoded-footer-hearth-MXmUgQg.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-hearth-MXmUgQg.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 706
x-cdn-ruri: /build/js/images/br-encoded-footer-hearth-MXmUgQg.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: lancehead, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 juk.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-exchange-c0h/ 2 KB
2 KB 87ms
86ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-exchange-c0h/juk.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 54f0ff0445947e0b65897e0fc171022a3eb8d8f5b27e839f463c41fbe8d0dafb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/footer-exchange-c0h/br-encoded-juk.svg
x-amz-request-id: tx000000000000004e7c39b-00647a3b0d-37a37690-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/footer-exchange-c0h/br-encoded-juk.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-exchange-c0h/juk.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 741
x-cdn-ruri: /build/js/images/footer-exchange-c0h/br-encoded-juk.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: nginx-cache-03, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

GET
H2 200 footer-dog-2UQFQei.svg
bigl.ua/cloud-cgi/static/corgi/build/js/images/ 2 KB
2 KB 87ms
87ms Image
image/svg+xml 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigl.ua/cloud-cgi/static/corgi/build/js/images/footer-dog-2UQFQei.svg
Requested by: Host: bigl.ua
URL: https://bigl.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: 1f30b20cd353571d2a3c6270f9dd7f013676caabfe6ee67be16ebfdc684e7bd0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: br
x-uri1: corgi.c.evo.dev/build/js/images/br-encoded-footer-dog-2UQFQei.svg
x-amz-request-id: tx000000000000004e4e589-00647a3b0f-37a4103a-openstack-1
x-cache-key: cdncorgi.c.evo.dev/build/js/images/br-encoded-footer-dog-2UQFQei.svg, cbigl.ua/cloud-cgi/static/corgi/build/js/images/footer-dog-2UQFQei.svg
x-cache-status: HIT, HIT, HIT
x-cache-type: main
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 979
x-cdn-ruri: /build/js/images/br-encoded-footer-dog-2UQFQei.svg, http_x_cdn_ruri
last-modified: Mon, 29 Nov 2021 13:29:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: nginx-cache-03, misam
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name: himehabu

POST
H2 204 pageviews
tracker.bigl.ua/endpoint/ 0
161 B 93ms
78ms Ping
text/plain 193.34.169.35
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bigl.ua/endpoint/pageviews
Requested by: Host: my.bigl.ua
URL: https://my.bigl.ua/cloud-cgi/static/clerk/v4.3.2/bare.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.35 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: bigl.ua
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bigl.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 17:32:24 GMT
server: nginx
access-control-allow-headers: X-CSRFToken, X-PromUserID
access-control-max-age: 2592000
access-control-allow-methods: POST, GET

OPTIONS
H2 200 question
colbert.evo.company/report/v0/ Frame 0
0 295ms
206ms Preflight
application/octet-stream 2606:4700:3037::ac43:8c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert.evo.company/report/v0/question?org=20YqCrYvyNWQpr0v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-script-lsr,x-script-version
Access-Control-Request-Method: GET
Origin: https://bigl.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-SCRIPT-VERSION,X-SCRIPT-LSR
access-control-allow-methods: GET
access-control-allow-origin: https://bigl.ua
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a2e95dee286442-LHR
content-length: 0
content-type: application/octet-stream
date: Wed, 22 Nov 2023 17:32:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEfarWBVaiikbTC5XBYc0FOFYdXA7%2BmUp8w2HrsmgYxnlnTPW2MzE51ETWIFNvSqBoQ72bm3Jcz7S1iRHG03Xu2P%2FnKE%2FsCJhtBOVqzY6CiYg0exkLkWpWrJNPhH8ixFRkOjBsJl8SjfYRrqniyryKBJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-envoy-upstream-service-time: 3

GET
H3 200 question Show response
colbert.evo.company/report/v0/ 20 B
652 B 308ms
235ms XHR
application/json 2606:4700:3037::ac43:8c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert.evo.company/report/v0/question?org=20YqCrYvyNWQpr0v
Requested by: Host: colbert-static.c.prom.st
URL: https://colbert-static.c.prom.st/static/colbert.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03e56c7ce6f9376e59a5c2b23f326a7b787bb3fb1ff1e87a634aa01b3dcf729c

Request headers

Accept: application/json, text/*
Referer: https://bigl.ua/
X-Script-Version: 1.25.2
Accept-Language: en-GB,en;q=0.9
X-Script-LSR: 763641340639339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Cookie, Accept-Language
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=741UB9EbpeM9k7BJXw2ojou0DOlGBKUYi2wpoDqBoqUS8rISTEBl4GG1sTwIyTUhi1nDITuHQiG8wrbbX6gospCWrdg1Q1pxPMJIVnTC77wymJ%2FzEtdh6nUSiOIx4yN9dpHlJdmmgBilDySo%2B%2BA1E3xp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://bigl.ua
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
cf-ray: 82a2e95f98e763d9-LHR
alt-svc: h3=":443"; ma=86400
content-length: 20

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4BE8 128 KB
45 KB 146ms
72ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV47KAADUBAIFUG2AAn-2zIXJnXJ7V7jvk8IcA&u=%7CFEvbRS0ryJm1JGqXldxMDxTQ7cGNuosbWs8NBRAb5dQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5ZdRiwGVx3x8Yh6-dSE248I5MWAVtqMXnJuStM2o2opPFAkOQzQJHBI-9JQhtpYg44aoTyqFJBtMpnwHSKesP2HP1hMlwBm3NSw1Di5CuuFWmDisVlsAklOh3IpfpBYvgMaDpwRFTZ1XbAbr620jm3gPUblqlL5JpFrn8659KooyHbIej8WmpQ3bHytsZb3BCQ6dWewl3bcYShyImS16j9dH2cP5n3wZ4kOZfXZBvaJ0XO-6ClAtOYGl5UCFQm2BPDIE78myfXWRh_KFeHedqcXG6Bif9isxWfiq5i4fWOyzIsxiOSxhyypFBx8MBH4remDXAp7nSsDn6KUJVloUC8Mu4rQ2u09zRcVqbUQtR4c13BgOVuH2uUFTRNvInTlChZkMJ9z57AgY-0UkxXtRV-ghY2I8DJ0KkuDHCrkfer4_Jd2V13J0qShSoLIxjIX8Wi17yvhX-2ayM1-UOFWQGuHvlsqOTKkOb82liTykkZSIAoVWLCavU7rgJtFxW9yT7byHwSBOUPNlV4zca38M_magDNkMrduUKUaKbnpvZLrqiwADvQ0bL611bHRY6qd0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXaMGKDteZZCgDbaD1fAP2_2n4Azkj9KxXLfAycfZAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03Nzk4OTk0MjkzMTAwMzEwyAEJqQJFJw2QF_-0PqgDAcgDAqoEugFP0FO12dow2YJIsaizon8r1Xvqw2ae7T31k5jKguSmTrHRCJI5IMVaArC42le9G7AF46Sp_WvTTq3l0k5Fl7ipeikimBaZIQIx4047uATJSylQ5heg6D5PJmBdjqP7-ZotluZ7W1y49sRJYTH-3wNdiVtyX9YdoLDqk7vzs4NYmHN55i-qGJXpfRaL6kbgkkg--HlhKuXCkXss2hjKDP2WpMxsVsJPmBlQx98DCsEUvxTub22hJ69YlbqABruGqPqz-MyUR6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07uC0wwtoMIK1xkt9TFtlbWMlQtg%26client%3Dca-pub-7798994293100310%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344072&bpp=1&bdt=700&idt=93&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

78ec61a0bfa3628f308ef9e88d8271ac9e55cd9516fd1bf4c917e21589b96e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 17:32:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=teUT3t3_LePN1sc1BLEJHZ2qA1Ug0cA4DZegc46n7lbyccmbfutf1tiHFU0UUJE9PG-15wgWJlS7vCJWHAhcXPqhx_dp_ZdTJuSHaJl15Wx9W7t7KmCzspAiKyiXPk-rL3DXvGAXqde1OR4CFCH42I5QaLuVZe-hbHeBmb5GvqrlWmIwqZ9mPXfT5Eej8zAu63fbm4WZzVJMSozi06AwEAXnuGpVJTtffvk2tmI1rFKw0hqFUsmr1v7ns-UopZUa3FZSog"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 33676471
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9946 3 KB
1 KB 149ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 11:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 11:33:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6C96 1 KB
643 B 43ms
43ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 71731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9946 20 KB
9 KB 143ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:09:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9946 0
0 51ms
50ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2ZA9sWqQG3hGLWC3eBiDtCU8O2qcrnWAOLd1DjjDTbaE1Z1C0Fe8b74G9uRY1d0_oAgjmF_-sadNAK_2-YU51g7o2wQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344072&bpp=1&bdt=700&idt=93&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=95
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9946 202 KB
64 KB 181ms
85ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:32:24 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6C96 35 B
463 B 162ms
46ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOpPudtuA9TKUBqTjLMpS4M&google_cver=1&google_push=AXcoOmQSaag0NuBTi0gsrUdVtlU_V6r3p3Ih-Vsaht5phybKoNmrq4Ww9pjIEpAQCrfae7taw7rJDQCcwIJBRkXVvAOxgpJh8rJESlU

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C96
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJUQn20BGKLtY8v1ZTtho3c&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJUQn20BGKLtY8v1ZTtho3c&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R2tBbEJHQk4xUjVSNW01&google_gid=CAESEJUQn20BGKLtY8v1ZTtho3c&google_cver=1&google_push=AXcoOmTpGXFtU7M9pZHGzidMHGRpakAR44YxjiaO51PBU6b...

170 B
232 B

54ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R2tBbEJHQk4xUjVSNW01&google_gid=CAESEJUQn20BGKLtY8v1ZTtho3c&google_cver=1&google_push=AXcoOmTpGXFtU7M9pZHGzidMHGRpakAR44YxjiaO51PBU6bOhPvz-3z9Mmm4jk4Nqyj1XkeuUBlbUIlmIT0FZoKpaO5nMNxfbhlqB2k

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 17:32:24 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R2tBbEJHQk4xUjVSNW01&google_gid=CAESEJUQn20BGKLtY8v1ZTtho3c&google_cver=1&google_push=AXcoOmTpGXFtU7M9pZHGzidMHGRpakAR44YxjiaO51PBU6bOhPvz-3z9Mmm4jk4Nqyj1XkeuUBlbUIlmIT0FZoKpaO5nMNxfbhlqB2k
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6C96 70 B
149 B 137ms
43ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBoHSlgwYOtjopoTdLZrnbI&google_cver=1&google_push=AXcoOmRmrhHfFlHZb1izFy1GbA3qBBP_q4v2tCR7KsVSUKv16cnvqg01Fh6TbUcZzuq4w5kHQ1tmjd4TeSjvTgpxoPBn8yFTS9-FNes
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344072&bpp=1&bdt=700&idt=93&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C96
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDAy6kOyWVa34UCrw3eJ39c&google_cver=1&google_push=AXcoOmRohOpkN6F8M3-TRWkVgsOeG1-t8yLtikuj2o7RceD9e2QVHKYuIVIW7l6H-XLi4FvZD1_JnI_E2XdWRWe8...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=3KEBD655SGgJ9w1ZHfW5Fg&google_push=AXcoOmRohOpkN6F8M3-TRWkVgsOeG1-t8yLtikuj2o7RceD9e2QVHKYuIVIW7l6H-XLi4FvZD1_JnI_E2XdWRWe8VreQFF82O7FayY0

170 B
329 B

54ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=3KEBD655SGgJ9w1ZHfW5Fg&google_push=AXcoOmRohOpkN6F8M3-TRWkVgsOeG1-t8yLtikuj2o7RceD9e2QVHKYuIVIW7l6H-XLi4FvZD1_JnI_E2XdWRWe8VreQFF82O7FayY0

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 17:32:24 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=3KEBD655SGgJ9w1ZHfW5Fg&google_push=AXcoOmRohOpkN6F8M3-TRWkVgsOeG1-t8yLtikuj2o7RceD9e2QVHKYuIVIW7l6H-XLi4FvZD1_JnI_E2XdWRWe8VreQFF82O7FayY0
x-host: tde-deliveryengine-production-bb588bf9-sh2ft
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 6C96 43 B
146 B 137ms
43ms Image
image/gif 18.159.232.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEASRMrN2CLF9E1RfGiRll2M&google_cver=1&google_push=AXcoOmTJeKR2Mveq-zA2uTZ9rdVJBjlSXu6im-oXp90VBKSDAknaVW53BXTQ_pLQliY2KEHjjdZWXtq0Hq0mVXlIV827w8liDlh1R1M
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344072&bpp=1&bdt=700&idt=93&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C96
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJGZxI89yPNlmNxEl_bf02g&google_cver=1&google_push=AXcoOmSOsMBDoQ_QM1ELNgy3p8o6ZuQIv1MvkDQX-vSCl9gTCEwKXUIKD8PjWdPGw-DsWUdmC8Q4NHhgVrAm6hLWweJZ1QF...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOsMBDoQ_QM1ELNgy3p8o6ZuQIv1MvkDQX-vSCl9gTCEwKXUIKD8PjWdPGw-DsWUdmC8Q4NHhgVrAm6hLWweJZ1QFLLKm_L9w&google_hm=eS0ub29ZaGpKRTJwSG8...

170 B
232 B

53ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOsMBDoQ_QM1ELNgy3p8o6ZuQIv1MvkDQX-vSCl9gTCEwKXUIKD8PjWdPGw-DsWUdmC8Q4NHhgVrAm6hLWweJZ1QFLLKm_L9w&google_hm=eS0ub29ZaGpKRTJwSG8wVjZtV0dPWEJpVmlZOG40WWNleH5B

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSOsMBDoQ_QM1ELNgy3p8o6ZuQIv1MvkDQX-vSCl9gTCEwKXUIKD8PjWdPGw-DsWUdmC8Q4NHhgVrAm6hLWweJZ1QFLLKm_L9w&google_hm=eS0ub29ZaGpKRTJwSG8wVjZtV0dPWEJpVmlZOG40WWNleH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C96
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED_E_K5O3dfBb2Dw4IE2W78&google_cver=1&google_push=AXcoOmTSyotUrxlXTOQeVBpJrzUvI2uCSgJ6NmG04J84dS751c-Qp0b1ipr9Pdv3mJgXcjU0QieNLHHF...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED_E_K5O3dfBb2Dw4IE2W78&google_cver=1&google_push=AXcoOmTSyotUrxlXTOQeVBpJrzUvI2uCSgJ6NmG04J84dS751c-Qp0b1ipr9Pdv3mJgXcjU0Qie...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI2MDQ0Njg3Njg5NDA4Njg2MA&google_push=AXcoOmTSyotUrxlXTOQeVBpJrzUvI2uCSgJ6NmG04J84dS751c-Qp0b1ipr9Pdv3mJgXcjU0QieNLH...

170 B
232 B

55ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI2MDQ0Njg3Njg5NDA4Njg2MA&google_push=AXcoOmTSyotUrxlXTOQeVBpJrzUvI2uCSgJ6NmG04J84dS751c-Qp0b1ipr9Pdv3mJgXcjU0QieNLHHFPNmoDNDMYx6MDUhXbdPcxf4

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI2MDQ0Njg3Njg5NDA4Njg2MA&google_push=AXcoOmTSyotUrxlXTOQeVBpJrzUvI2uCSgJ6NmG04J84dS751c-Qp0b1ipr9Pdv3mJgXcjU0QieNLHHFPNmoDNDMYx6MDUhXbdPcxf4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6C96 0
130 B 158ms
51ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KII1Fmpk6Jc0S7ZxRDRVNiJcwqvJYkbfr2OwhYW0k_eD0pOOO7khKgVqOtnibp3hJcYcQa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4BE8 2 KB
1 KB 127ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV47KAADUBAIFUG2AAn-2zIXJnXJ7V7jvk8IcA&u=%7CFEvbRS0ryJm1JGqXldxMDxTQ7cGNuosbWs8NBRAb5dQ%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5ZdRiwGVx3x8Yh6-dSE248I5MWAVtqMXnJuStM2o2opPFAkOQzQJHBI-9JQhtpYg44aoTyqFJBtMpnwHSKesP2HP1hMlwBm3NSw1Di5CuuFWmDisVlsAklOh3IpfpBYvgMaDpwRFTZ1XbAbr620jm3gPUblqlL5JpFrn8659KooyHbIej8WmpQ3bHytsZb3BCQ6dWewl3bcYShyImS16j9dH2cP5n3wZ4kOZfXZBvaJ0XO-6ClAtOYGl5UCFQm2BPDIE78myfXWRh_KFeHedqcXG6Bif9isxWfiq5i4fWOyzIsxiOSxhyypFBx8MBH4remDXAp7nSsDn6KUJVloUC8Mu4rQ2u09zRcVqbUQtR4c13BgOVuH2uUFTRNvInTlChZkMJ9z57AgY-0UkxXtRV-ghY2I8DJ0KkuDHCrkfer4_Jd2V13J0qShSoLIxjIX8Wi17yvhX-2ayM1-UOFWQGuHvlsqOTKkOb82liTykkZSIAoVWLCavU7rgJtFxW9yT7byHwSBOUPNlV4zca38M_magDNkMrduUKUaKbnpvZLrqiwADvQ0bL611bHRY6qd0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXaMGKDteZZCgDbaD1fAP2_2n4Azkj9KxXLfAycfZAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03Nzk4OTk0MjkzMTAwMzEwyAEJqQJFJw2QF_-0PqgDAcgDAqoEugFP0FO12dow2YJIsaizon8r1Xvqw2ae7T31k5jKguSmTrHRCJI5IMVaArC42le9G7AF46Sp_WvTTq3l0k5Fl7ipeikimBaZIQIx4047uATJSylQ5heg6D5PJmBdjqP7-ZotluZ7W1y49sRJYTH-3wNdiVtyX9YdoLDqk7vzs4NYmHN55i-qGJXpfRaL6kbgkkg--HlhKuXCkXss2hjKDP2WpMxsVsJPmBlQx98DCsEUvxTub22hJ69YlbqABruGqPqz-MyUR6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07uC0wwtoMIK1xkt9TFtlbWMlQtg%26client%3Dca-pub-7798994293100310%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 4BE8 2 KB
1 KB 121ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4BE8 308 B
637 B 117ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4BE8 293 B
621 B 118ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4BE8 43 B
348 B 120ms
38ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ioc8UdK_vZd3tvz8_2i1gDvzWjrvC0RolsGboO4THGXV4aiRsrvGB9BnugAZmgv1A0EwletBdtTo4zeZmDXjhf1PTNku6qjgWojG3ZFyEQNPc4BkqtswIC6fD8yyh9oNhocP5DMVAoAytZ262oCk5RZ8PCN0eQYxdO85eMep8g03L3H_fusF-xIB2WnDXHUxWcxxYt43VarpjmfPPSa0dZoiJeJccz2-JkCr9SiLIcZNjRuCR1JKjgSpadH0-kChe03oAu1W5cGMjKlUvTKesQ60v-Sg58MQiZSCtPYgfYJvr-xUftf_oCiCrjbd1s5_SBVjKKOejzOB51swlYgVuhGfEq5ArOLdQnYlVI_TCfC25sppaLsAcfwq2vYA7sewFnoYvHkfBcolTc8qFynIOsBwD1oYkf3Rka1no8zExH9ODwHg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1493204
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9946 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 770941b7878a68f5e8847e10d6c702a6c494f7fe6880643c612380ec33b11b2c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4BE8 12 KB
5 KB 105ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 747737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ADggv51j3OuCDVUNH%2Bps9MJE0uXmTF3qcZ%2B8tb532Ie46V00Ip8rvQDtwXMWpUEpsYECVcQeSxz6SvwIaIiAja0LGID%2BKu7NYl36LhJV7PF9uFHYjiTMvKVxE9fm2SywNwnskz7yKEk43AR2vwnxg3I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82a2e95f8aed88b0-LHR
expires: Mon, 11 Nov 2024 17:32:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AFD5 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344071&bpp=1&bdt=699&idt=84&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 11:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 11:33:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AFD5 20 KB
8 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:09:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AFD5 0
0 52ms
52ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKzs1RDEJ3dR1gq7ejo-OfsaBqCCYV1k3F7Y6bna7K3zridvZqwVNLru2pzOeDkUj4trGR4HCAAv0t4C6WJy5rzHK5Mg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344071&bpp=1&bdt=699&idt=84&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFD5 202 KB
64 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:32:24 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 698D 122 KB
43 KB 78ms
78ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV47KAADKPQIFUn_AAliTjg1UHQuVD3r82bJ1A&u=%7CFEvbRS0ryJkxEVWnLv1c5HJiKhcC9rYy0jrD5NfevSs%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDM1ruZnwpBwFtwBYmOhh-CKH22zLiCWSAP3XboWXn-GXc2oSH02dHLEDgZL95iQlrRitvXUL-w5PzHEZM78ug9zac8FWK900CLTtPJlhBmrE2xyDl2rlNHPp9B33iFDF8XB_By_-jgEyBWehJilX9OfL-RpuCsC47O56CRFZDoe8wVsvXRjuNHPL0tT-ZDOlXv_gQmgRmnmzbYQYBb4Mcf8NKVS5EXfqhe0_G8-6zcGxX9GiJEMF1DCqXUbH99Dt6dXPzLSAKxPookhU4b8-Kf5dwZRIrPL7NdIknAVIZNrk-ED3hpq3EPewxV0mOAhIl3v91KMVyAd-848fhkqWtqEti7dZ47f_kfOPMWsswxKeXfLmWlJGcCyicR2qggJi94eXrqFNlDl1wQWa6wt46M4nkkyyeX_bOWGbvcoUX0c9BB4RP3AEDm5xUr3WPWFziRrvdkcAVqWnPk4j-UDJNsWeopE_1cygJDpzcuraFATcEmnAG9oA6XmawTuCkenZY6PT9UUEklwo8ha9CScsCYgtM7TVSfRudZ8HfpTFNhgQ8CFcWJ1qJatDpatR3F8Yh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCicCvKDteZfTRDP-T1fAPzsSl2AHkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03Nzk4OTk0MjkzMTAwMzEwyAEJqQJ3GbV0gAa1PqgDAcgDAqoEugFP0DPr0_LgMiyBZUAKNuJqPhXsRIBITTaIhAWhLGzQitWZffkklPQFmjYPd54VDZJ60K11As82VVfur5mZcp0kDh7d8A8RAqwvM99CqNVB62C5xVRW9n273rCXrk12sZUylHDPVlDiD70bXF2c6LGyeD7TBvjuemnQrWECMGOxA1HOYGXud5IY_AYlysLoHYh5RaP_fmtpXTO4BvrIIC4KTHf8So0mf_NbwlEjeCYfz_ZPUzOv07LCyi6ABo3e96HJnKTC1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gY_V3YxSJoBBYdce2l08lwCOxyw%26client%3Dca-pub-7798994293100310%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9190f5e2ef5af13e34c59ef8c3c73160fa48530c058b61dc1e7de8f7393c9811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 17:32:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dI0XN93_LePN1sc1iUQjP1wEXjWeQI_aGiBgIka6HrqQTTlZJEpa_XebBIQoXiLaP15YsXDhVq-RbpPl7btPMxzuqzPFu2Bz9eTDscwGXGV74qGlu5JaDbuUs_15ZsqP-7RiD_-lknhv0XYju4TzCqLt3YeYDQTUb6IC48tx-7Jr_EBBHKUqSbCMy_EzZKvDLyFHPLuX9XC9XKdgZSwnL3nBeWYnmctBcrsx4ChrgTnC-I63H8bSz3FtE04h7QOwswj7-w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 34842404
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 13F3 1 KB
643 B 44ms
44ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 71731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4BE8 12 KB
6 KB 74ms
41ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4BE8 47 KB
47 KB 147ms
71ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=11894&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F11894%2F230512%2Fd36d5cdfaf0741f08ffcdcecaa3c5f65_logo_n_horizontal_%281%29.png&v=3&w=528&rid=4&s=0-l5-AR0_iCPyCQMZf0cJr1j

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7e1f390b4308f27fc9ff25013fff4cbb07afddb3e94447c089797d1cdd4d21ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 47749
expires: Mon, 04 Nov 2024 06:09:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4BE8 197 KB
198 KB 194ms
119ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=11894&q=80&r=2&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F11894%2Fjet2holidays_837.jpg&v=3&w=800&rid=4&s=TBJtpDCFXSdLi40faW7c9GWM&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

83a981065a57f6451c1637448088ed264cf2fc7c6b3084ff8097dd5dd42cdf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 202186
expires: Wed, 06 Nov 2024 08:30:03 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4BE8 0
128 B 118ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=teUT3t3_LePN1sc1BLEJHZ2qA1Ug0cA4DZegc46n7lbyccmbfutf1tiHFU0UUJE9PG-15wgWJlS7vCJWHAhcXPqhx_dp_ZdTJuSHaJl15Wx9W7t7KmCzspAiKyiXPk-rL3DXvGAXqde1OR4CFCH42I5QaLuVZe-hbHeBmb5GvqrlWmIwqZ9mPXfT5Eej8zAu63fbm4WZzVJMSozi06AwEAXnuGpVJTtffvk2tmI1rFKw0hqFUsmr1v7ns-UopZUa3FZSog&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4BE8 2 KB
1 KB 84ms
64ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4BE8 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 698D 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV47KAADKPQIFUn_AAliTjg1UHQuVD3r82bJ1A&u=%7CFEvbRS0ryJkxEVWnLv1c5HJiKhcC9rYy0jrD5NfevSs%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDM1ruZnwpBwFtwBYmOhh-CKH22zLiCWSAP3XboWXn-GXc2oSH02dHLEDgZL95iQlrRitvXUL-w5PzHEZM78ug9zac8FWK900CLTtPJlhBmrE2xyDl2rlNHPp9B33iFDF8XB_By_-jgEyBWehJilX9OfL-RpuCsC47O56CRFZDoe8wVsvXRjuNHPL0tT-ZDOlXv_gQmgRmnmzbYQYBb4Mcf8NKVS5EXfqhe0_G8-6zcGxX9GiJEMF1DCqXUbH99Dt6dXPzLSAKxPookhU4b8-Kf5dwZRIrPL7NdIknAVIZNrk-ED3hpq3EPewxV0mOAhIl3v91KMVyAd-848fhkqWtqEti7dZ47f_kfOPMWsswxKeXfLmWlJGcCyicR2qggJi94eXrqFNlDl1wQWa6wt46M4nkkyyeX_bOWGbvcoUX0c9BB4RP3AEDm5xUr3WPWFziRrvdkcAVqWnPk4j-UDJNsWeopE_1cygJDpzcuraFATcEmnAG9oA6XmawTuCkenZY6PT9UUEklwo8ha9CScsCYgtM7TVSfRudZ8HfpTFNhgQ8CFcWJ1qJatDpatR3F8Yh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCicCvKDteZfTRDP-T1fAPzsSl2AHkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03Nzk4OTk0MjkzMTAwMzEwyAEJqQJ3GbV0gAa1PqgDAcgDAqoEugFP0DPr0_LgMiyBZUAKNuJqPhXsRIBITTaIhAWhLGzQitWZffkklPQFmjYPd54VDZJ60K11As82VVfur5mZcp0kDh7d8A8RAqwvM99CqNVB62C5xVRW9n273rCXrk12sZUylHDPVlDiD70bXF2c6LGyeD7TBvjuemnQrWECMGOxA1HOYGXud5IY_AYlysLoHYh5RaP_fmtpXTO4BvrIIC4KTHf8So0mf_NbwlEjeCYfz_ZPUzOv07LCyi6ABo3e96HJnKTC1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gY_V3YxSJoBBYdce2l08lwCOxyw%26client%3Dca-pub-7798994293100310%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 698D 2 KB
1 KB 37ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 698D 308 B
636 B 39ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 698D 293 B
621 B 43ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 698D 43 B
347 B 38ms
38ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Pal4q1k74c99q-aNgPsZfKmv-plWo21FCY5WCMXL8nDazZgULlhVMSHHXv_3xWHb1YDUNPtiKXNev5i1k_ooYIjI3rEnJgKLnQB1ppLKODjjwVok22w7ccS7lPum7EOgCAM4NbJUJEbP9gfhhHiyQlsNxajAzI5mnxuKxl04oZRsEYjkiIWfTneNuMuIOVfYbRS7-rDzZLZCX4bfBN_WyW1FklSM6crGq6IY3e94ZQgHtL1lALgK5zM5TAiFncoDlCnkuABuFHS2YJe7qa6FxJtbqSulH-ggqXECxf_9tpYo3s7MCltG9vOdoL36y1P_N68J305eXjR-NwUdA9eN2MAp_nax7Vty2YEh8dmR8UcRiRbBpyogkvTVx2R7adz2a3WbuY4t0uqq2ZB6OE4Nvo1rT24eJZuVdO9ErfzLByM4gj2Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1728358
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AFD5 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8745eb94a3abf983e755206bfb3fd089dc4fa95fc1f63df1b2daa4059b783a4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 13F3
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMAC0KGZY4Z8XcElA2XICSI&google_cver=1&google_push=AXcoOmQl2cRewGXBtN9YLmo9ws5sduI_Mx2XAq947ZfNpsycTH8fwOmfHo...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQl2cRewGXBtN9YLmo9ws5sduI_Mx2XAq947ZfNpsycTH8fwOmfHomdgpd9UVrwZeJp-MDfQjI6oIr_bloPxVvniJhOin_OdA&google_hm=gu6t5UgZZ0...

170 B
188 B

54ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQl2cRewGXBtN9YLmo9ws5sduI_Mx2XAq947ZfNpsycTH8fwOmfHomdgpd9UVrwZeJp-MDfQjI6oIr_bloPxVvniJhOin_OdA&google_hm=gu6t5UgZZ0QgWT1xFCCE4g

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQl2cRewGXBtN9YLmo9ws5sduI_Mx2XAq947ZfNpsycTH8fwOmfHomdgpd9UVrwZeJp-MDfQjI6oIr_bloPxVvniJhOin_OdA&google_hm=gu6t5UgZZ0QgWT1xFCCE4g
pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 13F3 0
104 B 174ms
68ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBwZsm7t7UNP-2wwVcUqicI&google_cver=1&google_push=AXcoOmTyGXIsSSSUcHLdngIIQPQRHPk1hRLyAjUE5fZmx1a6n0N3l8cHl6n092PTP_F5hkkbXPQhf2LxV8RBd2ysIZ4ZjJDbnwRgrsM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344071&bpp=1&bdt=699&idt=84&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=88
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 13F3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHp2eUEXd4cK8kkuvvR5o5Y&google_push=AXcoOmRwNgp8PK4n9-CwP-vN4plLvs6WV0pVoJi8M9gO8tn8UH2PaeFqDm...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHp2eUEXd4cK8kkuvvR5o5Y&google_push=AXcoOmRwNgp8PK4n9-CwP-vN4plLvs6WV0pVoJi8M9gO8tn8UH2PaeFqDmkigORIA8Y3-mRkuJxigAo9mnpPVRwJKhpT9_3fpsJwUds

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-man4138-MAN
pragma: no-cache
date: Wed, 22 Nov 2023 17:32:25 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1700674345.011808,VS0,VE85
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHp2eUEXd4cK8kkuvvR5o5Y&google_push=AXcoOmRwNgp8PK4n9-CwP-vN4plLvs6WV0pVoJi8M9gO8tn8UH2PaeFqDmkigORIA8Y3-mRkuJxigAo9mnpPVRwJKhpT9_3fpsJwUds
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 13F3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECOpVZGL1mcfikvK7ghxqm8&google_cver=1&google_push=AXcoOmQ08T7sQpdQ4nhllLOZN7Q6d0W5BIIAd2PSiIcrHWn5D1lQt69dXT0Ai98HyryTyTVNJQzYfuDZ68V...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ08T7sQpdQ4nhllLOZN7Q6d0W5BIIAd2PSiIcrHWn5D1lQt69dXT0Ai98HyryTyTVNJQzYfuDZ68VxEjBVJmtdSFp_E1SSeg&google_hm=QEhZ-h-sSC2qLgeDWA...

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ08T7sQpdQ4nhllLOZN7Q6d0W5BIIAd2PSiIcrHWn5D1lQt69dXT0Ai98HyryTyTVNJQzYfuDZ68VxEjBVJmtdSFp_E1SSeg&google_hm=QEhZ-h-sSC2qLgeDWAk3p2U

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ08T7sQpdQ4nhllLOZN7Q6d0W5BIIAd2PSiIcrHWn5D1lQt69dXT0Ai98HyryTyTVNJQzYfuDZ68VxEjBVJmtdSFp_E1SSeg&google_hm=QEhZ-h-sSC2qLgeDWAk3p2U
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 13F3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMZF7kZmcUbIrADhDZwqdyc&google_cver=1&google_push=AXcoOmRSGgCytfcSrphjNT6J_SHbirP6NE3MOVOZ-1iNDsc37uhnqvB-nVPtcfYPu7VyTGBtQdbBurxtXusgOOJIDoczoTH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSGgCytfcSrphjNT6J_SHbirP6NE3MOVOZ-1iNDsc37uhnqvB-nVPtcfYPu7VyTGBtQdbBurxtXusgOOJIDoczoTHs2hc7oA&google_hm=eS0ub29ZaGpKRTJwSG8w...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSGgCytfcSrphjNT6J_SHbirP6NE3MOVOZ-1iNDsc37uhnqvB-nVPtcfYPu7VyTGBtQdbBurxtXusgOOJIDoczoTHs2hc7oA&google_hm=eS0ub29ZaGpKRTJwSG8wVjZtV0dPWEJpVmlZOG40WWNleH5B

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSGgCytfcSrphjNT6J_SHbirP6NE3MOVOZ-1iNDsc37uhnqvB-nVPtcfYPu7VyTGBtQdbBurxtXusgOOJIDoczoTHs2hc7oA&google_hm=eS0ub29ZaGpKRTJwSG8wVjZtV0dPWEJpVmlZOG40WWNleH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 13F3 43 B
363 B 114ms
36ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTRRFL7zgMl-ttJloagmkSbVtVwuULZPcoXnXrTEmIk7BhKHE-oMiuhlQm1Rx0IVJGh1-7YNWN5V2dit4BOWpcdYhQCyeNjaFg&google_gid=CAESEOGrNc9v5qqeFcBS6PJ4ZS4&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 197291
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 13F3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAZIydYOV11eQlINAR82y5k&google_cver=1&google_push=AXcoOmRNXdeeMpQqrXOziz19frE0Gfd3YpAQLSKKSVS9uvnOSrbZ9p8oSfT0jyqwF2lR4RY8G1NY8COV...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwODcwMTk1MzkwMzEyNTU1Nw&google_push=AXcoOmRNXdeeMpQqrXOziz19frE0Gfd3YpAQLSKKSVS9uvnOSrbZ9p8oSfT0jyqwF2lR4RY8G1NY8C...

170 B
232 B

54ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwODcwMTk1MzkwMzEyNTU1Nw&google_push=AXcoOmRNXdeeMpQqrXOziz19frE0Gfd3YpAQLSKKSVS9uvnOSrbZ9p8oSfT0jyqwF2lR4RY8G1NY8COVDDyuMxF9MfCaoZWcSF-W-aM

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwODcwMTk1MzkwMzEyNTU1Nw&google_push=AXcoOmRNXdeeMpQqrXOziz19frE0Gfd3YpAQLSKKSVS9uvnOSrbZ9p8oSfT0jyqwF2lR4RY8G1NY8COVDDyuMxF9MfCaoZWcSF-W-aM
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 13F3 0
40 B 51ms
51ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K5SjaNySdYptKOD6f4FLWQbfCfTfVj5fuFpCJWizHqplbJZ5SM-G6CUqcGB1N6eZzFueD9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 698D 12 KB
5 KB 40ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 747737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSgdCD%2Bnho%2Fb5wK3rTo1ufIMbPsxm5NyxLunNEb%2FUmu9jJVyGbQ7MPKjz733558RABl%2BnOQl6GP94Oi8IECogzjjY4L6%2FU5x4h5qgNg5M1aCLaxk7iw%2FNdCdaIyZoJZ%2Baz4bb7LUE5AZauU5sXdMj3XR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82a2e9602bd888b0-LHR
expires: Mon, 11 Nov 2024 17:32:24 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 698D 12 KB
6 KB 45ms
44ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 698D 6 KB
6 KB 106ms
106ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=52446&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F52446%2F4906410%2F8fc1e9c6a58e49dfbca6609d753508f3_otm_logo_light_bg_%281%29.png&v=3&w=196&rid=4&s=4qiAEVjD_rplkx2RQEshA5kh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d23c1a6a87e3bbd430a7da5fdfbeb8512e094fc5d9e5fa917fed7777afecd975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6180
expires: Sat, 02 Nov 2024 04:31:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 698D 53 KB
54 KB 107ms
106ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=52446&q=80&r=2&u=https%3A%2F%2Fmedia.onthemarket.com%2Fproperties%2F13392651%2F1453352366%2Fimage-0-1024x1024.jpg&v=3&w=800&rid=4&s=kiwl6h8SLf5CAMbEYJI_aRkg&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4fd20542ba1d493c095c178239c92dcc1eb4ea170a6d2d7898e99c2757a6846e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 54656
expires: Wed, 06 Dec 2023 15:37:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 698D 0
127 B 37ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=dI0XN93_LePN1sc1iUQjP1wEXjWeQI_aGiBgIka6HrqQTTlZJEpa_XebBIQoXiLaP15YsXDhVq-RbpPl7btPMxzuqzPFu2Bz9eTDscwGXGV74qGlu5JaDbuUs_15ZsqP-7RiD_-lknhv0XYju4TzCqLt3YeYDQTUb6IC48tx-7Jr_EBBHKUqSbCMy_EzZKvDLyFHPLuX9XC9XKdgZSwnL3nBeWYnmctBcrsx4ChrgTnC-I63H8bSz3FtE04h7QOwswj7-w&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 698D 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 698D 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 4BE8 2 KB
899 B 37ms
36ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 4BE8 2 KB
900 B 39ms
38ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H2 200 poppins-400.css
static.criteo.net/design/googlefont/poppins/ Frame 698D 1 KB
714 B 41ms
40ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ae18c6dd210db9e164ab3b6a9b64ded581f8981a819eb70c4cc05779913c1782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d7-405"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H2 200 poppins-700.css
static.criteo.net/design/googlefont/poppins/ Frame 698D 1 KB
714 B 39ms
39ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7daa38592e6029ec25860829e7d61ef3e7d547b18ebc2ad4a04b37f5c37c268f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:40 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d8-405"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 4BE8 16 KB
17 KB 156ms
81ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H2 200 poppins-400-latin.woff2
static.criteo.net/design/googlefont/poppins/ Frame 698D 8 KB
8 KB 102ms
42ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/poppins/poppins-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a3f23333f71d0d99e810d428517a119f05cefbdc56272db5a3945a4e1e6d9069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/poppins/poppins-400.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d7-1ecc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 4BE8 16 KB
16 KB 123ms
113ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H2 200 poppins-700-latin.woff2
static.criteo.net/design/googlefont/poppins/ Frame 698D 8 KB
8 KB 91ms
91ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/poppins/poppins-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7e4c88b3fc3203823fa65955b4680676881fec87e67a01693c7c0f22259d59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/poppins/poppins-700.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:40 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d8-1e88"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:32:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AFD5 0
19 B 91ms
90ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIOjLKDteZfTRDP-T1fAPzsSl2AHkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03Nzk4OTk0MjkzMTAwMzEwyAEJqQJ3GbV0gAa1PqgDAcgDAqoEtwFP0DPr0_LgMiyBZUAKNuJqPhXsRIBITTaIhAWhLGzQitWZffkklPQFmjYPd54VDZJ60K11As82VVfur5mZcp0kDh7d8A8RAqwvM99CqNVB62C5xVRW9n273rCXrk12sZUylHDPVlDiD70bXF2c6LGyeD7TBvjuemnQrWECMGOxA1HOYGXud5IY_AYlysLoHYh5B6He7LLA3lckhadymmuD3mzbQDEsUeuATMpH5Ieg0dpXsZkNljuABo3e96HJnKTC1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzc5ODk5NDI5MzEwMDMxMBgA&sigh=iQOxZLk_eEE&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN7UMSz7d76o-mexduKlXwRZtg59wOuZgsJki9bL33q7VJhR7Sds_MLT3dSecf_B9kqSMaG_OBGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=4672842918&adk=3635360310&adf=3135012541&pi=t.ma~as.4672842918&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344071&bpp=1&bdt=699&idt=84&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 17:32:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame AFD5 0
126 B 113ms
37ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kM6uD7_6RLAJmAKH-lcYAgAAAI4hTM_SY53fECg7XmVs9xq2TK-MM0oAAAASAAAKCkFRVUJEd0VCRHc&wp=ZV47KAADKPQIFUn_AAliTjg1UHQuVD3r82bJ1A&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 157283
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9946 0
19 B 89ms
88ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzxDnKDteZZCgDbaD1fAP2_2n4Azkj9KxXLfAycfZAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03Nzk4OTk0MjkzMTAwMzEwyAEJqQJFJw2QF_-0PqgDAcgDAqoEtwFP0FO12dow2YJIsaizon8r1Xvqw2ae7T31k5jKguSmTrHRCJI5IMVaArC42le9G7AF46Sp_WvTTq3l0k5Fl7ipeikimBaZIQIx4047uATJSylQ5heg6D5PJmBdjqP7-ZotluZ7W1y49sRJYTH-3wNdiVtyX9YdoLDqk7vzs4NYmHN55i-qGJXpfRaL6kbgkkg-untAuDxrEh-wWUVwtrgfNtdLXH5FtgGLSURnlmCroTj2jccDYiaABruGqPqz-MyUR6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03Nzk4OTk0MjkzMTAwMzEwGAA&sigh=vOGY69BO5i8&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNwrJzeTPSkdUpZxH2W0O-uCYSJecNkZQuauQDSMDWryZkw8_FckOcxtDIAUM2MOnaX5IW0Xx5GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344072&bpp=1&bdt=700&idt=93&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=95
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Nov 2023 17:32:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 9946 0
125 B 91ms
37ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kNikE7_6RLAJmAKH-lcYAgAAAFWzI8n1lTLaECc7XmUAn1LB7C7GiQoVAAASAAAKCkFRVUJEd0VCRHc&wp=ZV47KAADUBAIFUG2AAn-2zIXJnXJ7V7jvk8IcA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:24 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 163085
server: Kestrel
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 183ms
93ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b61365911ac9c85e14e43c1d1e3e11f8797c9ff8295e4f8daf8d050ec92d0c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12351
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:32:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E2F 13 KB
5 KB 43ms
42ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 21082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 11:41:03 GMT
expires: Thu, 21 Nov 2024 11:41:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7334 829 B
559 B 54ms
53ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39c6bb976d2a08dc58419e675c0c91fc47d2ba6f654ad3788dac0d415a6b717f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LaSgJq8hgejUsP3SPYlSgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigl.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LaSgJq8hgejUsP3SPYlSgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 17:32:25 GMT
expires: Wed, 22 Nov 2023 17:32:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E2F 39 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7334 0
0 76ms
76ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3128464639824292&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4E2F 0
10 B 42ms
42ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kcZ3Rg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:32:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
78ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3128464639824292&bg=!-_il-LfNAAZxrfrxUa07ADQBe5WfOCwTWiIvZOfffrc_fwTn34kWTcWmt99WODcrRH5cKnt0SLUJhK_zyR5a_aDe2C4iAgAAAD9SAAAAA2gBB5kCsIxhJe9PCzwRvL0KMeKGlUOslIwTmTSVpI6LX84ScKJB9MmwfEWpXw6EvNqBJSXbO7jkbruP1vuwEiLrDQVtT4Wz75x2J9q-Bes24vfSAlfwY8-X1nyo3gyE2Okq9CDhgM0v0bH9A5AUVwcWcpmEelVj3e3tLEBXE76m18uyZduK1QbU9FE_QfqVsb7kZlfMgqLQ4n1qEVNXwqpgU8Uki9Plt4NR2mfcvArfkcAevC7br6qphJEyBeLgX0g6HGIK1RnJqBykjmBdtDABdX5Er7cW8mOg1OCmRCVJWGYfnG0Af4E3FrPU3-A2r4qb3ob91SyxeY9VImqci2oTIZumWMEylQ8NwfQfkpSiII8gU3Yj15miW2IuEjZ2LrE-ZCR9wiE1lOxjQ5fwdG8Zg06S7shRN3TbgB84qxT8wSDZnk9civAO28KND7QJtlDYhSgvaP94qZcgKNX9XExIInG3L-i3dFfo4yuvQnRezEzGET1A6rnP9KinQJwZlHer5-n1eap_yh1sWQbdSpLZV9GbXt3CLaqfbIKAeUlfX_6LEnmqbegHxMpj6RUGbQOd9MDZUvPwJROpNfd9o3G1bQEmMlmScnNXwwQ3kCX05fReoiISs15kdRWRb-g1PY-YFs_pfID20mqjxA-YPxk6PG1eD4fcba7DS92ccuzGycUjraFAAzGa7pKelWG_cM90UE_XsuxljCzDgvTt5ehfsdn2YyQsQzX3c8Beg16v13i031OVmBHA_HlE2tJsZOcbCgbkMhvBHUCPiNj2i6qnivn_n31itC_E76qQHfHOGO-x9TMglFYsvPFIjJixIc2ZJPV3G4Vn0dsrk2IQKG5fcHdc3DnJlNK6V1YuQuMUHobnQ-PO7SppQdREXDmp3tayJEv-4ImvxVyZR2IabA9eKV7QcsM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bigl.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bigl.ua/	1970-01-20 17:07:46	Name: cid Value: 132549676633108604982888862964390045949
.bigl.ua/	1970-01-21 01:10:10	Name: evoauth Value: w6220a69579514b6c9df2dd78719de74f
.creativecdn.com/	1970-01-21 01:10:10	Name: u Value: O5QCjkd8xjnP5i1SVHoT
.creativecdn.com/	1970-01-21 01:10:10	Name: g Value: O5QCjkd8xjnP5i1SVHoT_1700674343574
.creativecdn.com/	1970-01-21 01:10:10	Name: c Value: O5QCjkd8xjnP5i1SVHoT_K51AHmEuB5EgCmms8AcE_1700674343574
.creativecdn.com/	1970-01-21 01:10:10	Name: ts Value: 1700674343
.bigl.ua/	1970-01-21 02:00:34	Name: _ga_N053KL2046 Value: GS1.1.1700674343.1.0.1700674343.60.0.0
.bigl.ua/	1970-01-21 02:00:34	Name: _ga Value: GA1.1.1446286231.1700674344
.bigl.ua/	1970-01-21 01:10:10	Name: auth Value: 4fc6ccefa22558601fbf95882ee0f096c9bd2d2e
.bigl.ua/	1969-12-31 23:59:59	Name: user_tracker Value: 203d04a310f927b37daa38c13739ea721c5b70ce\|217.138.196.101\|2023-11-22
.bigl.ua/	1970-01-21 01:08:43	Name: csrf_token Value: 13a47b5133504642a37ce7e4cbf1ca16
.doubleclick.net/	1970-01-21 01:46:10	Name: IDE Value: AHWqTUnQvPb1S8PSk0lcsbH7hEGKyiaOLpI_SoybsHIVB0OGVxi0WPOnGm0-bkLiSkc
.bigl.ua/	1970-01-21 01:46:10	Name: __gads Value: ID=462de43e10b8846d:T=1700674344:RT=1700674344:S=ALNI_MYvqHf6Cm8RpL3nB6MLPuOaDJpTcQ
.bigl.ua/	1970-01-21 01:46:10	Name: __gpi Value: UID=00000cdff0481fd1:T=1700674344:RT=1700674344:S=ALNI_MaUurkeHmyjUj-Zw8mlbrzilVJaQg
.travelaudience.com/	1970-01-21 01:54:48	Name: _tracker Value: %7B%22UUID%22%3A%22DCA1010F-AE79-4868-09F7-0D591DF5B916%22%7D
.quantserve.com/	1970-01-20 18:34:10	Name: d Value: EAwBCQG-KoEA
.quantserve.com/	1970-01-21 01:54:48	Name: mc Value: 655e3b28-ca229-13e4e-27326
.yahoo.com/	1970-01-21 01:10:31	Name: A3 Value: d=AQABBCg7XmUCEKEyQlqfAZ4rwB5YCAYpzjAFEgEBAQGMX2VoZQAAAAAA_eMAAA&S=AQAAAqVbID1tkLtN4jyx2VFpnMk
.adform.net/	1970-01-20 17:07:46	Name: C Value: 1
.w55c.net/	1970-01-21 01:54:48	Name: wfivefivec Value: GkAlBGBN1R5R5m5
.w55c.net/	1970-01-20 17:07:46	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 17:50:58	Name: uid Value: 5008701953903125557
.ctnsnet.com/	1970-01-21 01:10:10	Name: cid_404859fa1fac482daa2e0783580937a7 Value: 1
.ctnsnet.com/	1970-01-21 01:10:10	Name: gid_CAESECOpVZGL1mcfikvK7ghxqm8 Value: 1
.everesttech.net/	1970-01-21 01:10:10	Name: everest_g_v2 Value: g_surferid~ZV47KQABlBZ_dwBH
colbert.evo.company/	1970-01-21 02:00:34	Name: responder Value: aafnI0_7S_uZWlYJpjeQhr_IebnoX6vLY4tpSbh978kPE9NqRNVzqyM4NiCQiJkgX0wZEYC5iWqyFB0xiQ1EqQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://bigl.ua/(Line 5) Message: The key "" is not recognized and ignored.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7798994293100310&output=html&h=280&slotname=3560581960&adk=3517589902&adf=3782497793&pi=t.ma~as.3560581960&w=1200&fwrn=4&fwrnh=100&lmt=1700674344&rafmt=1&format=1200x280&url=https%3A%2F%2Fbigl.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700674344072&bpp=1&bdt=700&idt=93&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3111387532284&frm=20&pv=1&ga_vid=1446286231.1700674344&ga_sid=1700674344&ga_hid=557443872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=3271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079606%2C31079715%2C44809003%2C44809317%2C31078297%2C31079698%2C44807764%2C44808149%2C44808284%2C44809054%2C44809071&oid=2&pvsid=3128464639824292&tmod=945660295&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=95 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
ads.travelaudience.com
bigl.ua
c1.adform.net
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
colbert-static.c.prom.st
colbert.evo.company
creativecdn.com
csm.eu.criteo.net
dclk-match.dotomi.com
dis.criteo.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
images.prom.ua
match.adsrvr.org
midas-external.bigl.ua
my.bigl.ua
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
ssl.aukro.ua
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
tracker.bigl.ua
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
142.250.185.162
151.101.2.49
178.250.1.6
178.250.1.9
18.159.232.130
185.184.8.90
193.34.168.232
193.34.169.2
193.34.169.35
193.34.169.9
2001:4860:4802:32::36
2606:4700:3037::ac43:8c85
2606:4700::6811:180e
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:fa8:8806:21::1690
2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e
35.186.193.173
35.190.0.66
37.157.4.29
52.223.40.198
52.29.13.21
005ed092fa26e76ae99a5613a420e81c377e9767fde19ecdeb651fb681b1464c
0343bb8536cc4b19147cee2ce5a099500f075ee4114be7b372905eb3dbf0979e
03e56c7ce6f9376e59a5c2b23f326a7b787bb3fb1ff1e87a634aa01b3dcf729c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d623ad8439d743d68328656cfdf82ffca752d427f6887675df0163810f8863e
0e53e673da1cb6e17b06934bf090cc8a62ca85204e8b0dba904fc1f7119e97b5
144d9ede7030fa71d39e255983e58b20d1bd0ff5eb097075b336b92efaa67447
1663d808671520aae61bff69e91e222fc348f874ceac8efaa607e32b9ab35c5e
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a5b4834af7125ea892a2b87bec21b38ae37932f3eacf69db64aeaa177cea20f
1a9836056dc10cc2188b52e6e7855d46ca68a4beb1afd06861a3315cc62fddec
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1f30b20cd353571d2a3c6270f9dd7f013676caabfe6ee67be16ebfdc684e7bd0
25ca6ccb6b969708d8b1c0238c31287375f5f5ad7c28791ea989b26f64fe31c1
27e1cbeb5f63f1e38246e9adafa4f4d7b02bf26ad15c7a0d997879f23c620810
2cb3adf2527682b91637256388fe28b741d0931dc6f6bd9c50006c2af911ac76
2d3a285bc41da7d31ed5766dea513bafcfe4b9fba3aba2a18bb23f4aae24419a
30517f545cdbe4e0bd3dadb74a7d5049ef74cfca361fb3ac750eaa6c62e55c15
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318a7eb99a398fc1ca10d371ca4ace598e345fc07abae6705fc1a532d2b191ac
32c3a91f717e380f56721294e8cf8bbf749d40e8b0cbee0ce07c40fad4a754b5
354647ed51ee858224b911c15019e6623d9a92bd9598e189b18ed287fc99e992
372c5d087f7f5e33888dcd8b682d5a4f9f04d1ed308b8b63144863a921ae12f9
39c6bb976d2a08dc58419e675c0c91fc47d2ba6f654ad3788dac0d415a6b717f
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d53b7fc4d1ca44e4438fc8ea99f0967897caf0df210a7f9494a71babcd0435c
41bad3cdb8c719a3ee4ec6891e5ad6228d724d968d9316003a7a1e2a4d2fd8ba
44de39a842369511a9a832ef96677364a35186fb15fc9063cf8c423570abe3e2
46c34ce1d686335ad35cc28b4115be1cdc4074e3d877e86826bfb739b5aaee7a
49f1117a5e8cce19bc68443dedfcf44c5e0f923bca050f24b7f959526badba6c
4bdd7fa6cf14c27758e296fbca25419c702f10f72941211d35723f58cd59ea70
4c34bdb875f35418f90c3f426b2da0078370e1479dea9cbc18fed6eb97291ed9
4dfbe1063911e3a7889daa70dbf73a6017c2c65fbc6be12bb51e5e7fc0ba5881
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd20542ba1d493c095c178239c92dcc1eb4ea170a6d2d7898e99c2757a6846e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f0ff0445947e0b65897e0fc171022a3eb8d8f5b27e839f463c41fbe8d0dafb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ad4991f2318be5cae3078fc098b8f1b23df3d1bdd75e4a3ad45ffa8b44b77b5
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6326c381c26e86c3f55601bd82677357f04bf22463a9d5c5692b9e6125e0a982
649ec18fafe18e7629f923ddddcbaa80b83d2689ae88236fe44726c67a962bbf
64b797a0ce98432b9720aa97a2a7a6e7f7d86348832f7f06d985d0b0e403debf
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6bc7e63ba08a8fc8128ffe6b4a27a29863d3eddc60fd1f39ba55dc955ed76d5b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
735c36862ca0cbf9be4300c17809f4cdfaeab800a61254ab5906e20abb935711
770941b7878a68f5e8847e10d6c702a6c494f7fe6880643c612380ec33b11b2c
77a0837e54b9cb25662d82e3200272dce582cfc77a7083674740876b086860a5
78ec61a0bfa3628f308ef9e88d8271ac9e55cd9516fd1bf4c917e21589b96e9e
7daa38592e6029ec25860829e7d61ef3e7d547b18ebc2ad4a04b37f5c37c268f
7e1f390b4308f27fc9ff25013fff4cbb07afddb3e94447c089797d1cdd4d21ac
7f2428836c373bbbe8ca476b409ce4037058a820dee4c09fb0a58b11f616b6eb
83a981065a57f6451c1637448088ed264cf2fc7c6b3084ff8097dd5dd42cdf49
8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849
8483f404939ebe8cc5c06f5460c44be3d5825b1cbf43b0efcb3d68a868328312
8a5c2182553b3ec721a6b5453b4f34fe1a927e193d00264a3f9dda3936336947
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9190f5e2ef5af13e34c59ef8c3c73160fa48530c058b61dc1e7de8f7393c9811
93d7544440fa69acb982a8126c66afcd7ca93bb547a4dc88849d2954e378c9ab
947971d657e4deb4f3e2b88a1a0fe4b18a75c893dd5cce3662248f6799f45a88
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9dfb8ca0fafac9cc8566795cf9e0640cbd40f7344b8277f3d46a1b03b2cd31
9dbd23c6a35f09fc4e6a6190488b64903b23c3a79960cac687c76d74d0612776
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2b4c282b1b444f61f2b5d9a60292a02d618ea48bf7d5ec1f0a4d93d978ba298
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3f23333f71d0d99e810d428517a119f05cefbdc56272db5a3945a4e1e6d9069
a5985dc47b8995ceb6035a19624210fc7aa89d796b50d439c06b81002b43e8db
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8745eb94a3abf983e755206bfb3fd089dc4fa95fc1f63df1b2daa4059b783a4
a9ca102c316f7e3f30fbaa5cc17272c827c421c5fe278c9021e7d4b3c5db458d
ae18c6dd210db9e164ab3b6a9b64ded581f8981a819eb70c4cc05779913c1782
aed6f663c4666ff7d50a00ab9529f31586f543ca4b894ea9b2707e9b41568f4a
b09bf3a0004cf70d71cc3639efdd37534ea1b617ffcf2389a91a5db87072355f
b0fd06f61506be4755268555778bce0e1a29af4fa0e3bb66376801250f7fe5fd
b61365911ac9c85e14e43c1d1e3e11f8797c9ff8295e4f8daf8d050ec92d0c50
b8c94dc3c63f0eafc2be89c9b41a6b6a0d887a0a49c43f7ef98d89a7ef556e65
b9910f1889eee2368444871c18b7f009092754ff93da56ee27ca1587505bcd20
bc6d04f1867aa9d1fcc0db04a837b42c1b3843907f703baa1dde6347286311ad
be7c4c9c685809fbe9fe59eccadae576fb2bb82485911c5002ed934b5e069edd
c092ffa0aff369fb8d8a8fcf94b8834306b9b5c370a9728e4e27f369f1390d4c
c2977788adee41f88362a1bf02982c5b6af82b3c348421a5b1955f6602574e49
c7e4c88b3fc3203823fa65955b4680676881fec87e67a01693c7c0f22259d59d
c88f30ad811f9de07a6b33e792d70d6fcc02fd18c93ffcaaa05b966287d2386c
c9c69f9ce1741f3e5a0ea13e8d27f5073d6ad337fde898e27710351ebfc14428
cb64ab8e0bec215a3683b4edcf87a67fac08ade50320a1ce6dd64321438c15e5
cbaad7bca9b9e901bbc61202fd4ef3fa12b07025f1a58d24358fb7bbb83d57d8
cc5a121caf33cebdadfa518ad8df37ed7f9010de3298a4125d4e345f25fbbcde
cdbcac847654feccab8b67b21d2ea977cf4c0c233d7b9885b530ed84543fd9a6
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d05f0619affb2db80a16b36662d335fa1d3482b331964853db4ede8191aca539
d23c1a6a87e3bbd430a7da5fdfbeb8512e094fc5d9e5fa917fed7777afecd975
db79878d2ffff5c5de7051b6f9dca84e7df34bb42999e617902f9f4d99375b2d
def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e143173e3fb67239106c8a6d43d676dc6673e45d3998d129e06d43848f5df9b9
e17f9856eeb7042cbeb2835552785fb2126bc4164c7a7c5f078afbfd25dfc78d
e37c4bbcb7a1c857eab6aba6f286fa92be5b7541c3aaa79978e61d522ddb4e75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f8c2f572a71772c8473efa12c92a1f13d7d8a47bccf16810f97c4905b48f16
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cf9f7d77ddbfcf5ed51d3a1b0adc5f7dcb1ec4fc6103c62b3dc3c05d508de7
f0f4177cbb0b0646a5cea0c972812b96e1390fe8ff91b4df681da036ce09d1a9
f4c8bf34e471832635037e18bc7aac5a9a0d81f6ff82925c8c022c7e059e45c7
f4f9e27dd7be2010cab5b10419db0d8c551bbb0ce9a690b704fcdddd6a034c2a
f66f3d6a08c5006bc536cb74578f916288c28db97b853cf07447c886f9178118
f748eba184df960613999872597a709d7adc82face08df21eaaa9979c53a6d84
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

bigl.ua Open in urlscan Pro 193.34.169.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

94 %HTTPS

56 %IPv6

25 Domains

37 Subdomains

28 IPs

9 Countries

1887 kBTransfer

6343 kBSize

26 Cookies

5 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bigl.ua Open in urlscan Pro
193.34.169.35 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

94 %
HTTPS

56 %
IPv6

25
Domains

37
Subdomains

28
IPs

9
Countries

1887 kB
Transfer

6343 kB
Size

26
Cookies

160 HTTP transactions
2 data transactions