bigkyiv.com.ua Open in urlscan Pro
2606:4700:3036::6815:5b3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bigkyiv.com.ua/
Effective URL:
https://bigkyiv.com.ua/
Submission: On February 25 via api (February 25th 2022, 8:07:22 pm UTC) from GB — Scanned from GB

Summary HTTP 127 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 20 domains to perform 127 HTTP transactions. The main IP is 2606:4700:3036::6815:5b3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bigkyiv.com.ua.
TLS certificate: Issued by E1 on February 1st 2022. Valid for: 3 months.

This is the only time bigkyiv.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2606:4700:303... 2606:4700:3036::6815:5b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:800::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	62.244.25.76 62.244.25.76	3254 (LUCKYNET ...) (LUCKYNET Lucky Net Ltd)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3 5	104.85.0.246 104.85.0.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:26f0:64:... 2a02:26f0:64::210:6b5b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	62.244.25.84 62.244.25.84	3254 (LUCKYNET ...) (LUCKYNET Lucky Net Ltd)
127	27

32 2606:4700:3036::6815:5b3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bigkyiv.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:800::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.244.25.76 (Kyiv, Ukraine)

ASN3254 (LUCKYNET Lucky Net Ltd, UA)

ua.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.85.0.246 (Amsterdam, Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-0-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.62 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64::210:6b5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 62.244.25.84 (Kyiv, Ukraine)

ASN3254 (LUCKYNET Lucky Net Ltd, UA)

fixidle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	bigkyiv.com.ua 1 redirects bigkyiv.com.ua	1 MB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	395 KB
16	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	98 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	959 KB
6	fixidle.com fixidle.com — Cisco Umbrella Rank: 274968	14 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	200 KB
3	gstatic.com www.gstatic.com	13 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9027 www.google.de — Cisco Umbrella Rank: 6342	1 KB
3	redtram.com ua.redtram.com — Cisco Umbrella Rank: 251755	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	77 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	312 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1135	63 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11797	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	646 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	37 KB
127	20

	Domain	Requested by
32	bigkyiv.com.ua	1 redirects bigkyiv.com.ua
19	pagead2.googlesyndication.com	bigkyiv.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
11	s0.2mdn.net	bigkyiv.com.ua s0.2mdn.net googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net bigkyiv.com.ua
6	fixidle.com	ua.redtram.com fixidle.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	connect.facebook.net	bigkyiv.com.ua connect.facebook.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	1 redirects bigkyiv.com.ua tpc.googlesyndication.com
3	ua.redtram.com	bigkyiv.com.ua ua.redtram.com
2	googleads4.g.doubleclick.net	bigkyiv.com.ua
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.facebook.com	bigkyiv.com.ua
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	code.createjs.com	s0.2mdn.net
1	m.exactag.com	googleads.g.doubleclick.net
1	www.google.de	bigkyiv.com.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	bigkyiv.com.ua
127	26

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
t.me
www.facebook.com
twitter.com
www.youtube.com
forms.gle

Subject Issuer	Validity	Valid
*.bigkyiv.com.ua E1	`2022-02-01` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-05` - `2022-03-05`	3 months	crt.sh
*.redtram.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-31` - `2023-02-14`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
fixidle.com R3	`2021-12-07` - `2022-03-07`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://bigkyiv.com.ua/
Frame ID: F814840FFC21BC2090461D5170E32F74
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Frame ID: EA0B980A22B9510440DF472B4F795620
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2880965436535888&output=html&adk=1812271804&adf=3025194257&lmt=1645819636&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fbigkyiv.com.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645819635964&bpp=3&bdt=444&idt=298&shv=r20220223&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8259303834495&frm=20&pv=2&ga_vid=432715598.1645819636&ga_sid=1645819636&ga_hid=925214464&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065030&oid=2&pvsid=4408917147471569&pem=822&tmod=1768177977&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=320
Frame ID: 45BAC3A5F314E83D41BF04801BFCF2FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2880965436535888&output=html&h=280&slotname=8635171054&adk=4053852298&adf=3092718367&pi=t.ma~as.8635171054&w=588&fwrn=4&fwrnh=100&lmt=1645819636&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fbigkyiv.com.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645819635967&bpp=3&bdt=446&idt=329&shv=r20220223&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8259303834495&frm=20&pv=1&ga_vid=432715598.1645819636&ga_sid=1645819636&ga_hid=925214464&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=521&ady=862&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065030&oid=2&pvsid=4408917147471569&pem=822&tmod=1768177977&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9bvlFSG2pa&p=https%3A//bigkyiv.com.ua&dtd=334
Frame ID: A487210F9EF00798626332E414CC1DB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2880965436535888&output=html&h=280&slotname=2272355954&adk=2933004099&adf=876127034&pi=t.ma~as.2272355954&w=588&fwrn=4&fwrnh=100&lmt=1645819636&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fbigkyiv.com.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645819635970&bpp=1&bdt=450&idt=337&shv=r20220223&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C588x280&nras=1&correlator=8259303834495&frm=20&pv=1&ga_vid=432715598.1645819636&ga_sid=1645819636&ga_hid=925214464&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=521&ady=3853&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065030&oid=2&pvsid=4408917147471569&pem=822&tmod=1768177977&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0COyk6yQCf&p=https%3A//bigkyiv.com.ua&dtd=340
Frame ID: DB49F7176016239A165933459ADD76A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGPnN68EBMAE&v=APEucNVXWDNuVgFA4e3eCdvWQ37NeOYrPXFi0w2radE-iLUrSe95f5yk2cwL1VBwMD3y17jkV7W7qJLbwK5ue_iUb2bHtvRNWUnPoNhWW8tGHpA8z6Ai73gnEAaxhWLJjLPENZ1rusHD_bIxdtK0ALdS0RQIbJwsy7WSHwlL7cZtMYjF-mpJkxI
Frame ID: 6D3084A2FECF782FF8711484810969F1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4c_HMz49vNYacHG6br-WrXHgjDIc-xgvutL73_UAhCl9B2K5oDi3TsGN6c_C3y8EIxqe73BNZIRkcEer2d97LYBfhesSkXNWBhM13M9FDPkglZnwsRJQojsUEYPnzLpULnM-K1t_JpkfcH6MeXzs-wzQIRA&dbm_d=AKAmf-BAfs28TWAI_zj5QV9ENFq3voqeoy3yGrCzwRltyulg6OSkzwh4397dW1DP9HljL5Foq7Y5Dp9UmM8laMU0ZSiq-5VVNAfGamePOXpu0eLEheCn_LqH9FqO3cNl1DsIu2aCZct3Mqfw1vTDhs3Hjp3FVyjdLSTp3S0w51CTK8ppmJAtRCSJhftaXgJ0_PKssUTN6kuEF_57sGv7fE4Ryc96aDlaJHziWaElDOnoBnpes-0g3tjoyUnl3f2zOfDErIkhhagVpqV9m9UYrksSnA5twMWk4f10paRLfjNoHFFIPYEj-QMHcFF29qWzU25AJpvtUMOoMbUOFLxOaSedwvIMy_FiG82yhyr9M9ozlTDDRjQEGUwaJNUErmr9yVd2I0KIM478FO7h7rNFQwsEydfSdzllxBICJhJK5moMPohaieCQP69eqZd9ul22Z4oho8hAC3P3BWAPVTHcLYhyqZm4hdsCAzKTmXCcOCBZhDqwxb3fhQ86_kgO5rJfEvRA0m-MuyVNuLjJZpco01vaerC5NXyiJQ5JEPUw3ZWWZASVVgN2NPyq1Nu24lOJ61IiG2lt2AKeAGzUDc0LJ5pMxG25ptvb-0J_6VADoMx7YvBGZd6Uwo9S0B_9iODn496ljEyeS3p-Ir-sLSMDhzllu8ZnnzdLEsXHMBKu-ybM3-1a-k67f7jG8ztFWbRx63iGrcvd9nIBiLZRs_1SxuqsV46izbc2NzhD-h8JQORH6td6cMEY4zXl6Ntlgu4_5JAMqSeRgpjGsVmFAWJyeHJCfNUb8u1x2kpwkS3j6O1_UUW-xX48V-NsR1Hg6WHxkn18Y0k_Y5VSjGrewc6xyZxrhnT5Cjp5hRRCppoBfHPJfQO9UiItNQ3S5q8zh5_1zz6aO3wvuNqgqmxVpG3IgUMctfYYKTRi_D3ecLSR8I8tqFpD1EPPRTTbWzekhIwwfPoxdCJMlXYrXkkqLLPa5IWTQ2I9pe9JA0XKLhbqdGHGJ-svlckhfExrwGZKLJinGdXb_ajZiW1GyriM8yX3hHfiOuWZfIg0A6igUtNHEtDjy_GaJMy0NhB7I8hr6GKBEYOtyLDaAy9czzyHopOF7fL_UJTvCWSiQ0LBiCaHUknCmQvH_ktmOlGQ8wNqI3yNWMpJDPE2EcKzp57c2ywlQpksgnfGKmzd0ehji10VlUBnKLlku7ZIq2SP8IQjtYthqzBn5zv5CnrbtBvG_GeA82ZSsDe9O3vozBxZqq8-dk1GE-80TnlyfgtShwAPSDoPFvbO-kLEo5HtSXD1igc90MebGKAqF_EsCn8yXuQT51eklkqaU0hnop15yYOT9ASmZWVmteFxI2lvEB8SdO9wgNL4u6uStA11SVl8v5D4994bEAn-vKCdwIV8B7zzqmY2BLI9I8yTEFbmc86ZfX8w-hNBhbmcwlafto_xEueT1H3vX_dEVL5fXYs4rVqW2ZOW7nS4xkh512lWbZr0y-XTtVlRxzy2Km5GJWkAF5FHIpMc4sh_upTbZvsmA-9eDObgsr1GjILbxzSj9Jg0yWAZSy1oAPSYI9TiOC1U1iz7Hx3vpYi6iEmBLP4VzHdLs5fXE8-xiFSnmq1GfdFnF3qStr121zISPUvVlPCYsgv7EeVSaZMk6lF1vfvnaYu4KPWq-jGRliLdyiNEFtFcdibgzz7ZerPpXM4OCRyI7TtxMBYJry2TGKnyTXSHNrhS0QCejNTpc0fsWtYyGVMm4YsZ9-vo0L6F0LdZ_8huZhUCTVhnV3rzW6l_bbTpII5KFTfslah4bm-CdsQeeNnlck0yYl3kw48gLR7m4YuDKpBh1HU7t-6fPBsZKkIckGIhzNC3nFvoSJQVsG7VKjBRfpmA6IbNPzT7NnXTskE4jXmsQgyhLfg30OEUzhGqAmpnKWErc3faiprNssSB6dbAb0mtf9cuA_aHWXJOrrzq3K9Vd6Vu9_2iCRVOH2QjfDYK8NXkwue0TWQxXXF7t8Rvij9R-YEGPelpH7d05DFuXwKyAYOqUg6EnZdyCcOv1NDsJPezPznd4-DpRIJb63m3Q0qnm9QoFH_kqAZR-MguqaZwUwDM0plGpmlmfuAxA8wYGHp689g-YgGyNm3nURdV8yow6AOVtNNhVrR49Y6q-5UKUAkG86td4htB64gXY8xIFEY0JBZp6dQa79DIDm5ne233mLK7UbF0y6r8dHLVgeYCpDsag41P58jO7vo0seFQQ1lVdsAqSGDcKjNl-LgINGN-8Rq9sc05hciBbjGcSvRk5AcQjmFlPqGpxK2YdB1Yfi0mUM61z7EWnNNre3R4onAkakDQNQgcpTmtWG5hxglzzf63w7Ak-itXPVXY_pGidDEVBQddE8gF1OrmJwfzn6PNuVZYnvwKLZnJjVjxDmndOflpPhsduaIctPEgH5SzSD2Bm_y5VT9b5cpVqI6HyASKnBoZDsFHOv3mVd7pss8u5lU_aSg1Tokk3w0qsv3BW2aP7j7Jfq9NPpldZxkdPLFxdJLCVpkLeeKUppLia9niLNx8T4MioQQYHKyaBQe7uf8wm8fLpsUEAKTvneJc5KSBYJ7_kKXGPZq6jxMa8Im8drGDxGhsIoMGfIS7Vemdq9Z7BDeqh0h-t-r_FX5wq-HWsvpaYbyGgEiehmWbOR7ORmHM1zdvCByF8LSOP2eHMv5MC3D-zj4Ilo0_fyB5xshsoqWQvMYazKirE362pTA2REfy85nLFMvaNRM3blKkwKHI2qSgJc-IeXUSleVfEkMEOSaJgGSadsowcDw8mmT7Uiw7XKYGVJME1QbE74X4MLTu8YhFNAg_MTo-awiooBbIBoM4A_MOhsXFzFHFxskLGgk9E720sGW7t-qCiPTca4ndlf2mbaVzx3pscLi57bIe01kR8Ag8W-4_8jq6577Y4GWtt9XXLZVcSCoqu4THiLXDRndpHYw83AbaZ9AJ-yfUd2YbmPEdXTCMJA9BNmtNdRDr_VsPIJtB57msg8N9iaHk6VtrHjEjtJKVlPbRp0z1gjWp8wtJn-g5Yled7QCpZtuwnrMHJGW3K8NLQgrga0ERKXi5koKx-fC-SiU2otpu520KrUVL3O8dvqp4R5VnSdFziqXif7_po-di1kfFQmjCddfzV_KFn6Oirkxe0wy7X179L45ApOvQr6RiKtGX4FksiuT0JQMTyLYyjUN1ocDfDBv7d09PoAjRdHHA2WJskfBfQT7mLGWmKzoAmrk8lVMtOnQasrRlNEXTkKilFpt3Brqygtgg0iIySfD08dVKvS0kr5g5-whn0lTk-E_HygDxnh0aa57k6hjO_ThQmmhrNvxP0AD5pQMMrJ_qXbJO_DkUEG-j-nHMNGc_YrIDssII54dAwNYH1xZRmTSgiFfWdDlA_IcjKiehEJIxs9I1NqZt1QEP6gRIPMkEN1Ve6fswyX-TBMA6bsmVyj99nLh7UJsrXFfxQly706OwkqO8qmupUcsMXaXb6LAOxILqUciq6Wtl88K5CO6vH2TnI1p6vmZ5cxwto3ldchSN0Tn7TEpgZ-VQBFoNONoZJX7RjNdrm_EwiwFBfOJL2VQGn0LD8uS5LVlKAnN6JHE8LJSJ-NTfOE-_XEytv2WTs-ZCgqGvcX1jmx-v4qOtmD1R_79EOlI_8jxBDnTwFiH2s7h9JhpYFJs3dtZUpNI58ACr1HWzxo87OKMPZsY&cid=CAASBORoN4g&rfl=2%2Chttps%253A%252F%252Fbigkyiv.com.ua%252F%240
Frame ID: 7C4F57E0AAE81BC00339D1C1BE143E00
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D1FF5E342C4A5B47F35153B0C03BD6F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1
Frame ID: 794475828750474A3E619DEE3C256A66
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 76A010552D1469360943D025EE373416
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E2B7119BDB75753965A3A4CC74A9C599
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
Frame ID: 86CD29E941A273AE6C3C07805A92F67D
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 90F060AB50ADB6130C71B9AB1246394A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Frame ID: CA90C26D6A50DE9FD6A606A57EF1D65B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18DC3B81B4A82D91FC65E1DBBCF75E8C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DC5EA4450742E62B4734F370C0BC825
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Big Kyiv | ВК — онлайн-медіа про Київ та столичну агломерацію

Page URL History Show full URLs

http://bigkyiv.com.ua/ HTTP 301
https://bigkyiv.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

127
Requests

94 %
HTTPS

69 %
IPv6

20
Domains

26
Subdomains

27
IPs

6
Countries

3330 kB
Transfer

5673 kB
Size

17
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/big_kyiv/

Search URL Search Domain Scan URL

URL: https://t.me/big_kyiv

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pg/bigkyiv/posts/?ref=page_internal

Search URL Search Domain Scan URL

URL: https://twitter.com/BigKyiv

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCXKmQqQzgubDZlJtQdZ6GhQ

Search URL Search Domain Scan URL

URL: https://forms.gle/v6uv1nhwQkKqJB4k8
Title: Запропонувати тему

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAAFRZkaK0h2YqdgFBoA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bigkyiv.com.ua/ HTTP 301
https://bigkyiv.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQA_citE_3u97T2ZwR2Mcs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQA_citE_3u97T2ZwR2Mcs&google_cver=1&C=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yhk29dAkze9MyzConS3YwQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMeR8RsvmapKIsC4sOw2occ&google_cver=1

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJUhH9kg5gkNF9-X7pid9k8&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5MTI0MjA0NTM2MzI3ODcxMw%3D%3D

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

127 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bigkyiv.com.ua/
Redirect Chain

http://bigkyiv.com.ua/
https://bigkyiv.com.ua/

125 KB
21 KB

286ms
178ms

Document
text/html

2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.14

Resource Hash

9407ecb0a696cb75d1354572638ff8187197ca714f1bc58ed8d979942e09cd75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.14
cache-control: no-cache
wpo-cache-status: cached
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uqZWW13xTRmMBai3qDfMIX1QJ9PXrKagVMgfCsXIAiC6iO0uoFAyPsI22VPx08PicYKFNb913B0tdOb8J%2B7BXCddrVR7j0gvC%2BPdThmKeYB0h2ClnIrxK9PD0bCgUbY44aG46Gtny4ya%2BBUgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e338f11096371a4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Fri, 25 Feb 2022 20:07:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Feb 2022 21:07:15 GMT
Location: https://bigkyiv.com.ua/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1u5tOzgEUdovcc62Z4G8%2BTQasjbnarc%2FoBxqN1WOqt44pINUD1Am%2FfVq8KSsnuWHP0TtRmunrBaaoLz9PXtosUFyG%2FMXH%2FYeD1hU0sqyquvbeUTkeymxlNnJnWmtte7pqPrB9DZ%2BOTyIrHoaRA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e338f0fff668926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
bigkyiv.com.ua/wp-includes/css/dist/block-library/ 57 KB
9 KB 61ms
59ms Stylesheet
text/css 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3072264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 10:55:15 GMT
server: cloudflare
etag: W/"60781b93-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YC4HG6nw3rKhrjoS8QPJLoViTfb%2BYcl7u%2F4InTVCQ1F5CiDwJk6bnVU%2FzxtTcez9ICJl1KtHrTpQobznVFLhengf3fG5rv6MHqq4Fh1%2BVQsO5uMD3u9%2BiWlhOyocpFb4lE1P2xmD%2BUZv7AdWeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6e338f124ba371a4-LHR
expires: Sat, 21 Jan 2023 06:42:51 GMT

GET
H2 200 editor-style-shared.css
bigkyiv.com.ua/wp-content/themes/BigKiev/ 729 B
582 B 61ms
61ms Stylesheet
text/css 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/editor-style-shared.css

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c3a9cf3f0d036e43eeff57d2348fb0c3ef094cf05d6ae2a454170062d8c3dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10574984
cf-polished: origSize=1635
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Jun 2020 09:46:48 GMT
server: cloudflare
etag: W/"5ef1cf88-663"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyrgu0nkkZo9chTAXSm%2B4Uirk2dPAb%2BwyiW6iHfaHpKljkZmy4c1%2BUI9dp6HqOLmTwrC7r0vX42Y4BZKJ81ty%2BkC0b1C%2FJOjS6O90zNlSioEcQxmkkl3iYEC%2FKtsl6NGBod1muL%2BhWYw39pX9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6e338f124ba471a4-LHR
expires: Wed, 26 Oct 2022 10:37:31 GMT

GET
H2 200 foobox.free.min.css
bigkyiv.com.ua/wp-content/plugins/foobox-image-lightbox/free/css/ 29 KB
5 KB 70ms
70ms Stylesheet
text/css 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f592c1248f3224a2adddaa84e9ec8c8e7ed7a7bcf0913e658534eeb1dd5fe00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10574984
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Jan 2021 02:01:28 GMT
server: cloudflare
etag: W/"6008e078-7312"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGmERSRSo8bWey13adOvnmeVCcr7sTKbZBSw8%2BVXJs6zaAtX%2BoTqWD7EEG1wwb4Mdi7%2FuGVCUbo94Pdm9re6twogwZBOj45qmqePsOrRZ6J1brssw2kWT1CoiRErHN%2Bq4FHbeq4bBa01TS8pmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6e338f124ba671a4-LHR
expires: Wed, 26 Oct 2022 10:37:31 GMT

GET
H2 200 lightbox.css
bigkyiv.com.ua/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/ 3 KB
1 KB 55ms
54ms Stylesheet
text/css 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

082d2a88bdcf16c2e82d5beb234b3dc7417b29ea10cce20a0a844c523faedef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352129
cf-polished: origSize=3183
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Jan 2021 02:01:32 GMT
server: cloudflare
etag: W/"6008e07c-c6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OLUlHDPVG6DzZYiBNVLSG5%2F9qbpSVBorbOyqzhuFoEhXzxSpvjLVkzk51q6vzphMe5gPPSEgHyE%2FnZ%2F3DxSWAVq7nPDkRa209UaZcQvf8oiaOjUZqR%2F9CJiF62zjrOGMOYpGWt%2FnmQcH6HYxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6e338f124ba771a4-LHR
expires: Wed, 14 Dec 2022 07:38:26 GMT

GET
H2 200 bundle.css
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/ 81 KB
13 KB 62ms
62ms Stylesheet
text/css 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d0db837fbafe2f3b22c52fd4c8b4088df36ae8a0b9ea7795fe08aeeb73fb4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10574984
cf-polished: origSize=83509
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 08:08:14 GMT
server: cloudflare
etag: W/"6077f46e-14635"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BxyUY0E1jRmwFVf2F6HeEW2%2FIrgT5uEK3yvi0Nzd7lw6tXAVKi9wJpPVZIkmW1EBtAvQipsn7WquJz2cPYZ9Aq7GiHPK5suS7yejdhY%2B7IJ4qzezHLDvoP3vFoBQ9KSd38vYkCZmPGCZRHnoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6e338f124ba971a4-LHR
expires: Wed, 26 Oct 2022 10:37:31 GMT

GET
H2 200 fb.min.js Show response
bigkyiv.com.ua/wp-content/plugins/wp-embed-facebook/inc/js/ 1 KB
977 B 54ms
53ms Script
application/javascript 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/plugins/wp-embed-facebook/inc/js/fb.min.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1a78174dbf4c2edd2c1eda606995f462b634f759051effda1429b8ebc43dc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10574984
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Jan 2021 02:01:32 GMT
server: cloudflare
etag: W/"6008e07c-420"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbXqh8mO9QkfJYCA3sDM8JtxJ5Grfrgbm4RMqSK2K%2Fhn9hh1k3ZU%2BgGhzIYpI4BmP%2BnF4lgq9OUnSF%2Fqn17FSvGnqp1aWy6EDTl02DIhJCE3BlJxASu1uNfuLVaguLIZSZh8etEmVtUiUzHrbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6e338f124baa71a4-LHR
expires: Wed, 26 Oct 2022 10:37:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 239ms
119ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2880965436535888

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a1d7bc1e4004a1509656d8fb57d6841e6c0eaf0a997a6f2d6e627befd3efb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigkyiv.com.ua/
Origin: https://bigkyiv.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53982
x-xss-protection: 0
server: cafe
etag: 4826289096040643407
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 20:07:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 214ms
99ms Script
application/javascript 2a00:1450:400e:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-78698572-1

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db09816cddea6780e5b1b140e3f3b2e246de8ed2845c4a2ca4618627c738b194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37451
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Feb 2022 20:07:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 253ms
133ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec3e39c2fcdc754d2dea4d6f7ae7ad01a2f27d5b347ea7b8c65ee89bc2feb7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54018
x-xss-protection: 0
server: cafe
etag: 15961172733733692846
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 20:07:15 GMT

GET
H2 200 wp-emoji-release.min.js Show response
bigkyiv.com.ua/wp-includes/js/ 14 KB
5 KB 53ms
53ms Script
application/javascript 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4530965
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Feb 2021 22:45:54 GMT
server: cloudflare
etag: W/"601b27a2-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJYISC%2B4HYjIXi8gORUKXnnVsXWcduIFGwZ%2FCc2qwPt%2Fmo3TW5rflgQK1sc2f3Paj1pr5Q3Lv13KMWhWp%2BV7f183uolPRYjYjfZ1e6ncSA%2BC5%2BgRigrC2dAUGPefpIXX070mlx9q00Haa3Sb9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6e338f12bc6571a4-LHR
expires: Wed, 04 Jan 2023 09:31:10 GMT

GET
H2 200 jquery.js Show response
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/js/ 86 KB
31 KB 61ms
61ms Script
application/javascript 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/js/jquery.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fdf878caa6115ab88f270d81cfdbccbaa93935924bb9d015b0c4cf4a1d483db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10574983
cf-polished: origSize=88144
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Jun 2020 11:11:18 GMT
server: cloudflare
etag: W/"5ef1e356-15850"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZ%2BbVcEtrAT8OBBgVhUZdgcQTbxh90fAV0i4aJeBC4ZlNEtyNVmLvtbF%2F6NTFub4UE7VUbRhxy2luGUAmxP%2FLruRbUaaXCUtKZep1Y3Zy9wOLwhfD9F15b2ezsvQy7dIOHG7oAJZoukAoEMyIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6e338f126bd171a4-LHR
expires: Wed, 26 Oct 2022 10:37:32 GMT

GET
H2 200 bundle.js Show response
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/js/ 8 KB
2 KB 60ms
60ms Script
application/javascript 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/js/bundle.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90ac131f11bd874eb89270c0c45424667b7469de5efca36bdb764d07e6f34534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1898240
cf-polished: origSize=10998
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 07:29:44 GMT
server: cloudflare
etag: W/"6077eb68-2af6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qLMFgg4ROMwfsX8aN9eH0orQRrH9RcNee5zB%2FFq%2FWwnIPV8N9Ah0gAU0krQOvDWsWzoIzuPIFqIZkJEFGymI%2F1EQfYpEgrtN55BHGC97UYw1B5y5eCacPUgD3ErHMaIEv2zpXvzCE6yZqwPrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6e338f126bd371a4-LHR
expires: Fri, 03 Feb 2023 20:49:55 GMT

GET
H2 200 skip-link-focus-fix.min.js Show response
bigkyiv.com.ua/wp-content/themes/BigKiev/inc/assets/js/ 325 B
602 B 59ms
58ms Script
application/javascript 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/inc/assets/js/skip-link-focus-fix.min.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10574983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jan 2021 21:12:38 GMT
server: cloudflare
etag: W/"601085c6-145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6YayEuOnfxw%2BTPBIPqbPjfHzpSbk%2BFAggcffx1q%2BXjxpBlO68g7pLz3tDNFFw8evu2Ta5SKey7kmGpFZSSJ6fZQ5zrnyOI7a14o%2Fj33WJYXhrU1GN31suylLyg37huLgaRfjcpzaP0SfaTxfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6e338f126bd571a4-LHR
expires: Wed, 26 Oct 2022 10:37:32 GMT

GET
H2 200 smush-lazy-load.min.js Show response
bigkyiv.com.ua/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 87ms
87ms Script
application/javascript 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10574983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 19 Oct 2021 10:55:13 GMT
server: cloudflare
etag: W/"616ea411-1ef2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5fYww2j16hBraukYBS0VV%2BFyQ5dHJSSd9A9W0BHh81FvRl2LrRQm6Nz9n57Q77WqI1Tqhys1BmapSGd3Lf%2BCHhf6kwktXP5VM9%2BQ8cERzf7hR9XqK7qvcVMy6YJw03VS9RX4H9ZcwIxP31WDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6e338f126bd671a4-LHR
expires: Wed, 26 Oct 2022 10:37:32 GMT

GET
H2 200 wp-embed.min.js Show response
bigkyiv.com.ua/wp-includes/js/ 1 KB
1 KB 104ms
104ms Script
application/javascript 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-includes/js/wp-embed.min.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Feb 2021 22:45:54 GMT
server: cloudflare
etag: W/"601b27a2-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAkU50FHxQjP%2FUQ5zC%2BN9ocBG%2FwZIBwZywk02W2r5EVrUkrNnBboEipLYNX5rNYDMhNdB%2BwqQ9wVqRSuG4YZ9%2Bk8QHH38dhcvheEESQXuRXefSz98GsdoxDG84vntMAkJ5uvV9q9UXWn1wrOiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6e338f128c1671a4-LHR
expires: Wed, 14 Dec 2022 07:38:26 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 192ms
72ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/wp-content/plugins/wp-embed-facebook/inc/js/fb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb96955fcdfcf072ef012a210d32a31a22dd79f0c85680f49c70457d2e5b552c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: zYc2xLG/frKhpxX9xaCHog==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: C4wF679yM+NylWv/4y8wahHDTK0hwVYjV81AwpeZhpC4eHhnTe9O2ZaAMK4HI4gaLrbMmq9L4iN11A00YNEB4Q==
x-fb-trip-id: 686109401
x-fb-content-md5: 803f0cfc2812aafdd122f72dccfdd3e4
x-frame-options: DENY
date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e9b4b96d90cd2929f6709e76881dcac4"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 25 Feb 2022 20:20:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 191ms
71ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: vC1VBNXlQlPypN4M1kFSaSAynC/D3sObtslFJ9HXZ+GPEWtIyyQu2NTwnD0nF/T54J2rukBRo7LdVPTRwRzt4Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 25 Feb 2022 20:07:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Lato-Medium.ttf
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/ 622 KB
623 KB 55ms
52ms Font
application/octet-stream 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/Lato-Medium.ttf

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be8bbf7105500e8fc1f9429307fb396905a0e6cff63fe1eb751bb319d0f1b0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css
Origin: https://bigkyiv.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4130
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 637068
last-modified: Tue, 23 Jun 2020 11:11:17 GMT
server: cloudflare
etag: "5ef1e355-9b88c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPwIxoJZe6hXsbcpWSC%2Fh%2FpcqJfa61%2Bvz%2BuAX8uFb4Cn4khRDzipCAy1RZOWEIDvYBk720OOtkAtM%2FaUtTigQsWg9hWFtO%2F9azh20CK9NbBXrZw37kQfuXkcQhlL%2FF5%2BJGvSLkgsJy7%2FiLxakw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f12cc7971a4-LHR

GET
H2 200 TTJenevers-Light.woff2
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/ 60 KB
60 KB 75ms
74ms Font
application/octet-stream 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/TTJenevers-Light.woff2

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b740279ccb7e599cb99201f1c7b39266c664202cc5ab1c7f7d783c1365e5510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css
Origin: https://bigkyiv.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61184
last-modified: Tue, 23 Jun 2020 11:11:18 GMT
server: cloudflare
etag: "5ef1e356-ef00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAyg%2Bc1E85jRGsoNS6DbVbGhQNVzn9vCutzeaftPl9SbGsMnvLr8iRXj77%2FpkX8wTgorT1UWVATWuSbIK3rSWkMkDjOmWECITggEtbhvfA4pftz8BGaezMp5BOO4BQi0FampQg67RpffMKfD8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f12cc7d71a4-LHR

GET
H2 200 TTJenevers-Bold.woff2
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/ 60 KB
60 KB 75ms
74ms Font
application/octet-stream 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/TTJenevers-Bold.woff2

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

438a421af3ed9cb27a351e732df7fd7d49203e123c276a0bd087d1658028dd39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css
Origin: https://bigkyiv.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2496
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61060
last-modified: Tue, 23 Jun 2020 11:11:17 GMT
server: cloudflare
etag: "5ef1e355-ee84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrZepn5jgEf0zGa%2F7%2FmAeakHIQ%2FmXO8OdAciPdbbziPbD3j%2FIyPqAj91W%2FK%2BN21mRx%2F8AmwtWpMK5QQ7R7iLOW4WdrimGZjh417RDELVrQiP4HmLX4UX9U557wrNtPJRwabLyAx%2F687uKOWm%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f12cc8071a4-LHR

GET
H2 200 TTJenevers-Regular.woff2
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/ 62 KB
62 KB 131ms
130ms Font
application/octet-stream 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/TTJenevers-Regular.woff2

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

654950499a64cde1538c7d881e16d7793eaa76b7d15c4bff2ce49eb3da0c52ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css
Origin: https://bigkyiv.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63036
last-modified: Tue, 23 Jun 2020 11:11:18 GMT
server: cloudflare
etag: "5ef1e356-f63c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lh1Swv0uAPrx55Q9U%2FXjgRwMzGjDbmSB1%2Fo4NNqZemjIZHOlgXmwx5KNC7p%2B%2F3HOHXNLAwTO8FZJuCBaWFqqkutd8iSBdllg8PXfUOqO%2F%2BMHRmU96kKfI%2FCUXLugee3LPh1CUiEr6ag0%2BOIGwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f12cc8871a4-LHR

GET
H2 200 / Show response
ua.redtram.com/j/39847/ 18 KB
5 KB 2103ms
647ms Script
application/javascript 62.244.25.76
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.redtram.com/j/39847/
Requested by: Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.76 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 336d3a07835551bd7d201df0f522dc5bb1f19be6076b15290b4d77701813b29b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:17 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 14:03:01 GMT
server: nginx/1.18.0
etag: W/"620fa715-492f"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
expires: Sat, 26 Feb 2022 20:07:17 GMT

GET
H2 200 play.svg
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/img/icons/ 796 B
766 B 76ms
76ms Image
image/svg+xml 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/img/icons/play.svg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cd9de530d50c16cc3f71ce8f0df97198f099c0692d7be7e8551e1fb73b66170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10499213
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Jun 2020 11:12:15 GMT
server: cloudflare
etag: W/"5ef1e38f-31c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6kdlHL7dYMX73ogcfJ7GKbq%2BkkyGH%2BWWctGK%2FJF89wkr5YiPBDdRGQ5apQiQEwDFwmD5kSejb5esag3WubqH%2FUBXfF%2BguWNKWHsrkLOFaEXGtexf4z555UnD4mveedMGll4tpQh0O3GI1ZD%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6e338f12fcbc71a4-LHR
expires: Thu, 27 Oct 2022 07:40:22 GMT

GET
H2 200 ArticaPro-Medium.ttf
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/ 253 KB
254 KB 76ms
75ms Font
application/octet-stream 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/fonts/ArticaPro-Medium.ttf

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5be91ce443186ba47bb21b00c90d3d3eef83eda21f8da12051b1b7f92fd1ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css
Origin: https://bigkyiv.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 259164
last-modified: Tue, 23 Jun 2020 11:11:17 GMT
server: cloudflare
etag: "5ef1e355-3f45c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCSdSoXf6Xtyir%2BaN7nAMBqxvbVmxReOo4bZIIe3Jir%2Fy7FOtstj%2FRg6nlD%2F0hCD7MzAXTN1qQDMi4zH0F5J5MQeyR5WRW5ZHc8LhPKY4zIFiYGartwBZtjnX32hOruUUlzKpNDEIwm321jM%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f12fcbf71a4-LHR

GET
H3 200 logo.svg
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/img/ 36 KB
8 KB 239ms
238ms Image
image/svg+xml 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/img/logo.svg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0ea4deef4aaaaf89e94b92bb919e720205ae6e153668031dbab60fec690395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10551382
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Jun 2020 11:11:18 GMT
server: cloudflare
etag: W/"5ef1e356-8e91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iWstOnOOuUXkyvJNgxycf8%2FKAr2ct1hN6k2%2BavDjKol%2FR2p6t6eJ14Xoh%2F884UaA%2F4OxQOMWd5s9I5H%2BH0chqRztmrvYKoxduoDNghGX8ORdzHj3zPkLo81fmWf0M5UgWiEOj4hS4xUpr2bNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6e338f132b3276a7-LHR
expires: Wed, 26 Oct 2022 17:10:53 GMT

GET
H3 200 2714926-800x555.jpg
bigkyiv.com.ua/wp-content/uploads/2022/02/ 114 KB
114 KB 108ms
107ms Image
image/jpeg 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/uploads/2022/02/2714926-800x555.jpg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f4efbfcc0fb4e61c6b52faa6fe93a2dcd6447b5173b925b5f4ef93593af00c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3639
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116471
last-modified: Thu, 24 Feb 2022 19:38:05 GMT
server: cloudflare
etag: "6217de9d-1c6f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAE7BeVxiYkHUXKcLS%2B4Sb1D9O8lnZQDHd%2BfZV3juw%2BgzdsRJEOkLltB4a2DKOCygE2sOCWR4FiYjZz95RBGYxS6aSi86wTKBPnsfwXnv2YksvikPK0Ak3Ad0l4mF0bLVSfJhDRYa0qJyVtQlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f132b3576a7-LHR
expires: Sat, 25 Feb 2023 19:06:36 GMT

GET
H3 200 2-3-20-360x241.jpg
bigkyiv.com.ua/wp-content/uploads/2021/12/ 24 KB
24 KB 289ms
289ms Image
image/jpeg 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/uploads/2021/12/2-3-20-360x241.jpg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9cd51d7d72a66202d0c447a0fad3d0dd5fe7dd1a05135780f42c98c90884824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24432
last-modified: Sun, 05 Dec 2021 20:39:26 GMT
server: cloudflare
etag: "61ad237e-5f70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FBFE3eiEjFpAiQoL4F%2FTpOPGGytQ5IbN2WPZ0GjbysRJPZTkqE0id52SiZCCznEMyCbfgyPiUVPQh8l3XOl5snOCSYdzQAN0nzuqyDZSCWP7LK5jCb5TdVtiMq%2FhRkQkFundRCaBlJ1DeyUtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f132b3776a7-LHR
expires: Sat, 25 Feb 2023 20:07:15 GMT

GET
H3 200 poroshenko-360x241.jpg
bigkyiv.com.ua/wp-content/uploads/2022/02/ 22 KB
22 KB 54ms
54ms Image
image/jpeg 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/uploads/2022/02/poroshenko-360x241.jpg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa5abeedfdbaacc7c62b19f8f9c01b5485fc50f8ca4a1a004f6abd043ff2840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3619
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22338
last-modified: Fri, 25 Feb 2022 18:35:27 GMT
server: cloudflare
etag: "6219216f-5742"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeGKVKmhPhn9RxIBDnsP%2B4IvsNTwoQF26tw2hH5XpmIFE12iXZWB0bpW1%2BO9lM94fGKwch%2BpCE0b%2F%2B2j5UC75pj88y4ZOhnff4JueM%2BCBuDkpy7IcSyu9lxfZKwRiaES4I28dJUFS7ZZ%2FEu5LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f132b3a76a7-LHR
expires: Sat, 25 Feb 2023 19:06:56 GMT

GET
H3 200 tut-360x241.jpg
bigkyiv.com.ua/wp-content/uploads/2022/02/ 17 KB
18 KB 297ms
297ms Image
image/jpeg 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/uploads/2022/02/tut-360x241.jpg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0419432c42fe35dd0fe096e7a5cf2a4ca00eb14d935ea06979d8683e21fee80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17436
last-modified: Fri, 25 Feb 2022 17:45:16 GMT
server: cloudflare
etag: "621915ac-441c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5MySG%2FC4QK69CWP4qltbwwtL4MZ6q749Qgh0tJBPIfcTdnScmevlDeX3%2FFmWXdqtlQfSm%2B%2F%2F1AcDEmTZqZ0YfEhkYxovDgBxQ1uQkkHqlwuUJw2WjuJ122rJ1p7uAboFi4qin8r%2FOMcZzPuHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f132b3d76a7-LHR
expires: Sat, 25 Feb 2023 20:07:15 GMT

GET
H3 200 002-65-360x241.jpg
bigkyiv.com.ua/wp-content/uploads/2022/02/ 20 KB
21 KB 327ms
327ms Image
image/jpeg 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/uploads/2022/02/002-65-360x241.jpg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8dc8d02326224913d7df7850440c9310c34475d5de01ac43439f6e31838e5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20705
last-modified: Fri, 25 Feb 2022 17:06:03 GMT
server: cloudflare
etag: "62190c7b-50e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu17aYN8JPxWVC3bXylbbgr2PSbTAe%2B7I6n16A14xyr1KkuPUYO8i8camxBMCrofPk9%2FTJe%2B%2B5zRrE5vkaRuQfT%2BgTkkVVg7Gunc%2FbJVOnwXNp1ld2PcWV7754GDsFerROmkeDK6H3TBYL%2F9HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f132b3e76a7-LHR
expires: Sat, 25 Feb 2023 20:07:15 GMT

GET
H3 200 search-mobile.svg
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/img/icons/ 733 B
958 B 329ms
328ms Image
image/svg+xml 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/img/icons/search-mobile.svg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39eda64b68dc0ef46c98a8d24ad2144e897e4192d544ae9a1888bb0b427b11a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10556233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Jun 2020 11:12:15 GMT
server: cloudflare
etag: W/"5ef1e38f-2dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2F4w4jXNooOiHEJ3tZfZaW86JtNY0oNsVM8%2FeuUjaAfrgyRup4fb8fhFnLB9K9Fm2FTX1SFKTCUrb9unX9TO%2BJdLmozBPtqtq6faI6wSXGXUv8vBhxVHRkWNf%2Fz9wS0MUW1QsZejZB3iNABpug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6e338f132b4076a7-LHR
expires: Wed, 26 Oct 2022 15:50:02 GMT

GET
H3 200 search.svg
bigkyiv.com.ua/wp-content/themes/BigKiev/assets/img/icons/ 1 KB
1 KB 329ms
329ms Image
image/svg+xml 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/img/icons/search.svg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02166dffd4f5f47e47652369c8dcc5b3c956abe312610909db3231e66dff4f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/wp-content/themes/BigKiev/assets/css/bundle.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10556235
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Jun 2020 11:12:16 GMT
server: cloudflare
etag: W/"5ef1e390-554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asvOokzx3ZYKfF2e0koVcsk7eI%2F2Id7BAkNBc5YpLRAueD5zoyFqMqnL8MuEnrEqBJYsymHyIduvDSHPq%2BZFCZOdnCwUCdbV7u0HhVSe4Su%2FRCnyVmSjjgAN1Lykfj6tgOg7zSW6bzuetIkObw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6e338f132b4276a7-LHR
expires: Wed, 26 Oct 2022 15:50:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 302 KB
85 KB 153ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=178b7df9d5aecf364edf3ad3d5bf2685

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

200466926212792e94025a89c780ccf14790a958898472cbb8d65bba4b5bf431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bigkyiv.com.ua/
Origin: https://bigkyiv.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yYKoiOnImRsEw3wBwSASGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 86803
x-fb-rlafr: 0
x-fb-debug: BjQ07RFOurpChkez6MsZuT46d8Y+2KLygtcI2i/YTCDvkCojy0icUAu24HJ4mQbTMqDkHTv/AFlXEXdn5ag8Jw==
x-fb-content-md5: f3241c4635dcddc9acfed022e6e6f9d9
x-frame-options: DENY
date: Fri, 25 Feb 2022 20:07:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b0666d7cd7f711eb5ac8965a3c4b77da"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Feb 2023 19:11:59 GMT

GET
H3 200 641195369781520 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 260ms
192ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/641195369781520?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f12ee7be25cf6fd5c039b83434bab2b33bddaa678ed429732bfeed94d7b0215

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: qpGghhK66OBqUn6R1k+RF4Z9pUN70wxYC/D5nmUu6gwA9wyvB6dSzL2e1MID/EPAqs2bfWz35wFHU7+JB5d6KQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 25 Feb 2022 20:07:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 196ms
65ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78698572-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 144
date: Fri, 25 Feb 2022 20:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 25 Feb 2022 22:04:52 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/ 291 KB
105 KB 160ms
96ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2880965436535888&plah=bigkyiv.com.ua&bust=31065030

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2880965436535888

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb520250289b8b5e7dd418c0c4562611eefd6adc09c2c03dcb61181fdb4ee03c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107193
x-xss-protection: 0
server: cafe
etag: 4996022975644685206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 20:07:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame EA0B 10 KB
5 KB 204ms
67ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2880965436535888

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 25 Feb 2022 04:58:03 GMT
expires: Fri, 11 Mar 2022 04:58:03 GMT
cache-control: public, max-age=1209600
age: 54553
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 1157-31393-31-335x224.jpg
bigkyiv.com.ua/wp-content/uploads/2020/05/ 17 KB
17 KB 73ms
72ms Image
image/jpeg 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/uploads/2020/05/1157-31393-31-335x224.jpg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d7e07759d94e6a4f3fec880b8937f69101714be6f20161c2acf3856eef7d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42781
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17087
last-modified: Tue, 23 Jun 2020 10:54:48 GMT
server: cloudflare
etag: "5ef1df78-42bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=382GacL0%2BPMeyzTvrogSWGk1aW44ysMIfZd3jRuvQ%2B8V0ou0U8%2BurYe4B47jQ3f0aSHPbjMuL5DwbSM4gvHDHE1Yvdjy9uVofvcpa8nf7ibjmU2ReAFYIjhr2gP7PnJUSbF2UqDPV%2B466YQEWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f152e5076a7-LHR
expires: Sat, 25 Feb 2023 08:14:15 GMT

GET
H3 200 003-38-360x241.jpg
bigkyiv.com.ua/wp-content/uploads/2022/02/ 18 KB
19 KB 62ms
61ms Image
image/jpeg 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/uploads/2022/02/003-38-360x241.jpg

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075c3d048153667692538ff29ed8095cf5fb54f9c26ba993939a4a49ea517ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7362
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18675
last-modified: Fri, 25 Feb 2022 16:16:18 GMT
server: cloudflare
etag: "621900d2-48f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7jcEstDw6Yy7rzwjloZd7BFCcNZfA%2BFqfvrxm8kzGavFWe0T9qvUxeLmA6guNhoFE6XUFeev%2BnOxWsNoMKBWVuZ1GLLgkZ%2FPHiKQQ9%2B98TXFgkVGZPTd%2B3Qi%2BoZpWVqhBRR2HPRM9DihhDVsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f152e5576a7-LHR
expires: Sat, 25 Feb 2023 18:04:34 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 125ms
61ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=925214464&t=pageview&_s=1&dl=https%3A%2F%2Fbigkyiv.com.ua%2F&ul=en-us&de=UTF-8&dt=Big%20Kyiv%20%7C%20%D0%92%D0%9A%20%E2%80%94%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BC%D0%B5%D0%B4%D1%96%D0%B0%20%D0%BF%D1%80%D0%BE%20%D0%9A%D0%B8%D1%97%D0%B2%20%D1%82%D0%B0%20%D1%81%D1%82%D0%BE%D0%BB%D0%B8%D1%87%D0%BD%D1%83%20%D0%B0%D0%B3%D0%BB%D0%BE%D0%BC%D0%B5%D1%80%D0%B0%D1%86%D1%96%D1%8E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1393673627&gjid=1526880638&cid=432715598.1645819636&tid=UA-78698572-1&_gid=787351764.1645819636&_r=1&gtm=2ou2n0&z=637695895

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigkyiv.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigkyiv.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 177ms
57ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=641195369781520&ev=PageView&dl=https%3A%2F%2Fbigkyiv.com.ua%2F&rl=&if=false&ts=1645819636253&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.2.1645819636251.258797560&it=1645819635838&coo=false&exp=p1&rqm=GET

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 25 Feb 2022 20:07:16 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 184ms
64ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bigkyiv.com.ua&callback=_gfp_s_&client=ca-pub-2880965436535888

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2880965436535888&plah=bigkyiv.com.ua&bust=31065030

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

46a135df6c666f44386eb8cb8618b143591359111de2494901c7179686a55a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 195ms
79ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bigkyiv.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 194ms
77ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bigkyiv.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fbigkyiv.com.ua%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45BA 159 KB
44 KB 384ms
321ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2880965436535888&output=html&adk=1812271804&adf=3025194257&lmt=1645819636&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fbigkyiv.com.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645819635964&bpp=3&bdt=444&idt=298&shv=r20220223&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8259303834495&frm=20&pv=2&ga_vid=432715598.1645819636&ga_sid=1645819636&ga_hid=925214464&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065030&oid=2&pvsid=4408917147471569&pem=822&tmod=1768177977&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=320

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1496457f82fe0adeb6cc283601fed05321a1bbecb1e921c6eeb0389469ad8ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 25 Feb 2022 20:07:16 GMT
server: cafe
content-length: 45360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 20:07:16 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 180ms
66ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-78698572-1&cid=432715598.1645819636&jid=1393673627&gjid=1526880638&_gid=787351764.1645819636&_u=YEBAAUAAAAAAAC~&z=1223881601

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigkyiv.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Feb 2022 20:07:16 GMT
content-type: text/plain
access-control-allow-origin: https://bigkyiv.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A487 21 KB
9 KB 425ms
380ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2880965436535888&output=html&h=280&slotname=8635171054&adk=4053852298&adf=3092718367&pi=t.ma~as.8635171054&w=588&fwrn=4&fwrnh=100&lmt=1645819636&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fbigkyiv.com.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645819635967&bpp=3&bdt=446&idt=329&shv=r20220223&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8259303834495&frm=20&pv=1&ga_vid=432715598.1645819636&ga_sid=1645819636&ga_hid=925214464&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=521&ady=862&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065030&oid=2&pvsid=4408917147471569&pem=822&tmod=1768177977&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9bvlFSG2pa&p=https%3A//bigkyiv.com.ua&dtd=334

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e6ad2c4f8174f61b18ead889499245c15f955913cadeeb0a9db381479fca84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 25 Feb 2022 20:07:16 GMT
server: cafe
content-length: 9495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 20:07:16 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB49 430 B
230 B 323ms
285ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2880965436535888&output=html&h=280&slotname=2272355954&adk=2933004099&adf=876127034&pi=t.ma~as.2272355954&w=588&fwrn=4&fwrnh=100&lmt=1645819636&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fbigkyiv.com.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645819635970&bpp=1&bdt=450&idt=337&shv=r20220223&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C588x280&nras=1&correlator=8259303834495&frm=20&pv=1&ga_vid=432715598.1645819636&ga_sid=1645819636&ga_hid=925214464&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=521&ady=3853&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065030&oid=2&pvsid=4408917147471569&pem=822&tmod=1768177977&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0COyk6yQCf&p=https%3A//bigkyiv.com.ua&dtd=340

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba0d513eba794942993535ae559766cfdf1d94c907356b4aa22dc1501f0fb24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 25 Feb 2022 20:07:16 GMT
server: cafe
content-length: 207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 20:07:16 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 202ms
80ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-78698572-1&cid=432715598.1645819636&jid=1393673627&_u=YEBAAUAAAAAAAC~&z=1365449349

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 202ms
80ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-78698572-1&cid=432715598.1645819636&jid=1393673627&_u=YEBAAUAAAAAAAC~&z=1365449349

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 86ms
86ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=2933004099&adf=876127034&fmt=588x280&str=true&ad_y=3853&vph=1200&r_nh=0&r_ifr=true&qid=CIL6q_bTm_YCFc22GAodaV8B0w&w=588&h=280&nh=0&rsz=o%7C%7CpeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fbigkyiv.com.ua%2F&eid=42531398%2C44750774%2C31065030

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/ 151 KB
54 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180301/reactive_library_fy2019.js?bust=31065030

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f9e4487407d13193ed02170f81adee1bb6c5b7a4f44b9b164508d09e19b1ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55001
x-xss-protection: 0
server: cafe
etag: 4464244111106787480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 20:07:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 97ms
97ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-2880965436535888&eid=42531398%2C44750774%2C31065030

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6D30 624 B
300 B 72ms
71ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGPnN68EBMAE&v=APEucNVXWDNuVgFA4e3eCdvWQ37NeOYrPXFi0w2radE-iLUrSe95f5yk2cwL1VBwMD3y17jkV7W7qJLbwK5ue_iUb2bHtvRNWUnPoNhWW8tGHpA8z6Ai73gnEAaxhWLJjLPENZ1rusHD_bIxdtK0ALdS0RQIbJwsy7WSHwlL7cZtMYjF-mpJkxI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2880965436535888&output=html&h=280&slotname=8635171054&adk=4053852298&adf=3092718367&pi=t.ma~as.8635171054&w=588&fwrn=4&fwrnh=100&lmt=1645819636&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fbigkyiv.com.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645819635967&bpp=3&bdt=446&idt=329&shv=r20220223&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8259303834495&frm=20&pv=1&ga_vid=432715598.1645819636&ga_sid=1645819636&ga_hid=925214464&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=521&ady=862&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065030&oid=2&pvsid=4408917147471569&pem=822&tmod=1768177977&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9bvlFSG2pa&p=https%3A//bigkyiv.com.ua&dtd=334

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2880965436535888&output=html&h=280&slotname=8635171054&adk=4053852298&adf=3092718367&pi=t.ma~as.8635171054&w=588&fwrn=4&fwrnh=100&lmt=1645819636&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fbigkyiv.com.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645819635967&bpp=3&bdt=446&idt=329&shv=r20220223&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8259303834495&frm=20&pv=1&ga_vid=432715598.1645819636&ga_sid=1645819636&ga_hid=925214464&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=521&ady=862&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065030&oid=2&pvsid=4408917147471569&pem=822&tmod=1768177977&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9bvlFSG2pa&p=https%3A//bigkyiv.com.ua&dtd=334

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 25 Feb 2022 20:07:16 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 20:07:16 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7C4F 77 KB
32 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4c_HMz49vNYacHG6br-WrXHgjDIc-xgvutL73_UAhCl9B2K5oDi3TsGN6c_C3y8EIxqe73BNZIRkcEer2d97LYBfhesSkXNWBhM13M9FDPkglZnwsRJQojsUEYPnzLpULnM-K1t_JpkfcH6MeXzs-wzQIRA&dbm_d=AKAmf-BAfs28TWAI_zj5QV9ENFq3voqeoy3yGrCzwRltyulg6OSkzwh4397dW1DP9HljL5Foq7Y5Dp9UmM8laMU0ZSiq-5VVNAfGamePOXpu0eLEheCn_LqH9FqO3cNl1DsIu2aCZct3Mqfw1vTDhs3Hjp3FVyjdLSTp3S0w51CTK8ppmJAtRCSJhftaXgJ0_PKssUTN6kuEF_57sGv7fE4Ryc96aDlaJHziWaElDOnoBnpes-0g3tjoyUnl3f2zOfDErIkhhagVpqV9m9UYrksSnA5twMWk4f10paRLfjNoHFFIPYEj-QMHcFF29qWzU25AJpvtUMOoMbUOFLxOaSedwvIMy_FiG82yhyr9M9ozlTDDRjQEGUwaJNUErmr9yVd2I0KIM478FO7h7rNFQwsEydfSdzllxBICJhJK5moMPohaieCQP69eqZd9ul22Z4oho8hAC3P3BWAPVTHcLYhyqZm4hdsCAzKTmXCcOCBZhDqwxb3fhQ86_kgO5rJfEvRA0m-MuyVNuLjJZpco01vaerC5NXyiJQ5JEPUw3ZWWZASVVgN2NPyq1Nu24lOJ61IiG2lt2AKeAGzUDc0LJ5pMxG25ptvb-0J_6VADoMx7YvBGZd6Uwo9S0B_9iODn496ljEyeS3p-Ir-sLSMDhzllu8ZnnzdLEsXHMBKu-ybM3-1a-k67f7jG8ztFWbRx63iGrcvd9nIBiLZRs_1SxuqsV46izbc2NzhD-h8JQORH6td6cMEY4zXl6Ntlgu4_5JAMqSeRgpjGsVmFAWJyeHJCfNUb8u1x2kpwkS3j6O1_UUW-xX48V-NsR1Hg6WHxkn18Y0k_Y5VSjGrewc6xyZxrhnT5Cjp5hRRCppoBfHPJfQO9UiItNQ3S5q8zh5_1zz6aO3wvuNqgqmxVpG3IgUMctfYYKTRi_D3ecLSR8I8tqFpD1EPPRTTbWzekhIwwfPoxdCJMlXYrXkkqLLPa5IWTQ2I9pe9JA0XKLhbqdGHGJ-svlckhfExrwGZKLJinGdXb_ajZiW1GyriM8yX3hHfiOuWZfIg0A6igUtNHEtDjy_GaJMy0NhB7I8hr6GKBEYOtyLDaAy9czzyHopOF7fL_UJTvCWSiQ0LBiCaHUknCmQvH_ktmOlGQ8wNqI3yNWMpJDPE2EcKzp57c2ywlQpksgnfGKmzd0ehji10VlUBnKLlku7ZIq2SP8IQjtYthqzBn5zv5CnrbtBvG_GeA82ZSsDe9O3vozBxZqq8-dk1GE-80TnlyfgtShwAPSDoPFvbO-kLEo5HtSXD1igc90MebGKAqF_EsCn8yXuQT51eklkqaU0hnop15yYOT9ASmZWVmteFxI2lvEB8SdO9wgNL4u6uStA11SVl8v5D4994bEAn-vKCdwIV8B7zzqmY2BLI9I8yTEFbmc86ZfX8w-hNBhbmcwlafto_xEueT1H3vX_dEVL5fXYs4rVqW2ZOW7nS4xkh512lWbZr0y-XTtVlRxzy2Km5GJWkAF5FHIpMc4sh_upTbZvsmA-9eDObgsr1GjILbxzSj9Jg0yWAZSy1oAPSYI9TiOC1U1iz7Hx3vpYi6iEmBLP4VzHdLs5fXE8-xiFSnmq1GfdFnF3qStr121zISPUvVlPCYsgv7EeVSaZMk6lF1vfvnaYu4KPWq-jGRliLdyiNEFtFcdibgzz7ZerPpXM4OCRyI7TtxMBYJry2TGKnyTXSHNrhS0QCejNTpc0fsWtYyGVMm4YsZ9-vo0L6F0LdZ_8huZhUCTVhnV3rzW6l_bbTpII5KFTfslah4bm-CdsQeeNnlck0yYl3kw48gLR7m4YuDKpBh1HU7t-6fPBsZKkIckGIhzNC3nFvoSJQVsG7VKjBRfpmA6IbNPzT7NnXTskE4jXmsQgyhLfg30OEUzhGqAmpnKWErc3faiprNssSB6dbAb0mtf9cuA_aHWXJOrrzq3K9Vd6Vu9_2iCRVOH2QjfDYK8NXkwue0TWQxXXF7t8Rvij9R-YEGPelpH7d05DFuXwKyAYOqUg6EnZdyCcOv1NDsJPezPznd4-DpRIJb63m3Q0qnm9QoFH_kqAZR-MguqaZwUwDM0plGpmlmfuAxA8wYGHp689g-YgGyNm3nURdV8yow6AOVtNNhVrR49Y6q-5UKUAkG86td4htB64gXY8xIFEY0JBZp6dQa79DIDm5ne233mLK7UbF0y6r8dHLVgeYCpDsag41P58jO7vo0seFQQ1lVdsAqSGDcKjNl-LgINGN-8Rq9sc05hciBbjGcSvRk5AcQjmFlPqGpxK2YdB1Yfi0mUM61z7EWnNNre3R4onAkakDQNQgcpTmtWG5hxglzzf63w7Ak-itXPVXY_pGidDEVBQddE8gF1OrmJwfzn6PNuVZYnvwKLZnJjVjxDmndOflpPhsduaIctPEgH5SzSD2Bm_y5VT9b5cpVqI6HyASKnBoZDsFHOv3mVd7pss8u5lU_aSg1Tokk3w0qsv3BW2aP7j7Jfq9NPpldZxkdPLFxdJLCVpkLeeKUppLia9niLNx8T4MioQQYHKyaBQe7uf8wm8fLpsUEAKTvneJc5KSBYJ7_kKXGPZq6jxMa8Im8drGDxGhsIoMGfIS7Vemdq9Z7BDeqh0h-t-r_FX5wq-HWsvpaYbyGgEiehmWbOR7ORmHM1zdvCByF8LSOP2eHMv5MC3D-zj4Ilo0_fyB5xshsoqWQvMYazKirE362pTA2REfy85nLFMvaNRM3blKkwKHI2qSgJc-IeXUSleVfEkMEOSaJgGSadsowcDw8mmT7Uiw7XKYGVJME1QbE74X4MLTu8YhFNAg_MTo-awiooBbIBoM4A_MOhsXFzFHFxskLGgk9E720sGW7t-qCiPTca4ndlf2mbaVzx3pscLi57bIe01kR8Ag8W-4_8jq6577Y4GWtt9XXLZVcSCoqu4THiLXDRndpHYw83AbaZ9AJ-yfUd2YbmPEdXTCMJA9BNmtNdRDr_VsPIJtB57msg8N9iaHk6VtrHjEjtJKVlPbRp0z1gjWp8wtJn-g5Yled7QCpZtuwnrMHJGW3K8NLQgrga0ERKXi5koKx-fC-SiU2otpu520KrUVL3O8dvqp4R5VnSdFziqXif7_po-di1kfFQmjCddfzV_KFn6Oirkxe0wy7X179L45ApOvQr6RiKtGX4FksiuT0JQMTyLYyjUN1ocDfDBv7d09PoAjRdHHA2WJskfBfQT7mLGWmKzoAmrk8lVMtOnQasrRlNEXTkKilFpt3Brqygtgg0iIySfD08dVKvS0kr5g5-whn0lTk-E_HygDxnh0aa57k6hjO_ThQmmhrNvxP0AD5pQMMrJ_qXbJO_DkUEG-j-nHMNGc_YrIDssII54dAwNYH1xZRmTSgiFfWdDlA_IcjKiehEJIxs9I1NqZt1QEP6gRIPMkEN1Ve6fswyX-TBMA6bsmVyj99nLh7UJsrXFfxQly706OwkqO8qmupUcsMXaXb6LAOxILqUciq6Wtl88K5CO6vH2TnI1p6vmZ5cxwto3ldchSN0Tn7TEpgZ-VQBFoNONoZJX7RjNdrm_EwiwFBfOJL2VQGn0LD8uS5LVlKAnN6JHE8LJSJ-NTfOE-_XEytv2WTs-ZCgqGvcX1jmx-v4qOtmD1R_79EOlI_8jxBDnTwFiH2s7h9JhpYFJs3dtZUpNI58ACr1HWzxo87OKMPZsY&cid=CAASBORoN4g&rfl=2%2Chttps%253A%252F%252Fbigkyiv.com.ua%252F%240

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6367bb32e827b45b5adab1d83b4fc1c25306c5091cdbc504623f0e50baf90fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2880965436535888&output=html&h=280&slotname=8635171054&adk=4053852298&adf=3092718367&pi=t.ma~as.8635171054&w=588&fwrn=4&fwrnh=100&lmt=1645819636&rafmt=1&psa=0&format=588x280&url=https%3A%2F%2Fbigkyiv.com.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645819635967&bpp=3&bdt=446&idt=329&shv=r20220223&mjsv=m202202180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8259303834495&frm=20&pv=1&ga_vid=432715598.1645819636&ga_sid=1645819636&ga_hid=925214464&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=521&ady=862&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31065030&oid=2&pvsid=4408917147471569&pem=822&tmod=1768177977&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9bvlFSG2pa&p=https%3A//bigkyiv.com.ua&dtd=334
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32908
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 7C4F 2 KB
1 KB 199ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 20:06:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C4F 124 KB
39 KB 216ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38829
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645619776399499"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 20:07:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 7C4F 15 KB
7 KB 197ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 20:05:51 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C4F 42 B
63 B 87ms
86ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRS-otPPkf6OZ18O6wcyoEU50ZSHrTcdt66PGfJ01vuCturjg1ONfPCo-RTc1Kj6ShG9I9MsSqT7TzC741QMs4uOcNBvsHPlwUH235s3cgemNYkMs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D1FF 0
17 B 118ms
58ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://bigkyiv.com.ua
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/

Response headers

content-type: text/plain
access-control-allow-origin: https://bigkyiv.com.ua
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Fri, 25 Feb 2022 20:07:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 100ms
100ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-2880965436535888&eid=42531398%2C44750774%2C31065030

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 125ms
63ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bigkyiv.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
64ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bigkyiv.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/ Frame 7944 10 KB
4 KB 55ms
54ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 25 Feb 2022 04:50:30 GMT
expires: Fri, 11 Mar 2022 04:50:30 GMT
cache-control: public, max-age=1209600
age: 55006
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6D30
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQA_citE_3u97T2ZwR2Mcs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQA_citE_3u97T2ZwR2Mcs&google_cver=1&C=1

43 B
1014 B

106ms
97ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQA_citE_3u97T2ZwR2Mcs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGPnN68EBMAE&v=APEucNVXWDNuVgFA4e3eCdvWQ37NeOYrPXFi0w2radE-iLUrSe95f5yk2cwL1VBwMD3y17jkV7W7qJLbwK5ue_iUb2bHtvRNWUnPoNhWW8tGHpA8z6Ai73gnEAaxhWLJjLPENZ1rusHD_bIxdtK0ALdS0RQIbJwsy7WSHwlL7cZtMYjF-mpJkxI
Protocol: HTTP/1.1
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 20:07:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 25 Feb 2022 20:07:17 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 20:07:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQA_citE_3u97T2ZwR2Mcs&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 25 Feb 2022 20:07:17 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6D30
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yhk29dAkze9MyzConS3YwQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMeR8RsvmapKIsC4sOw2occ&google_cver=1

43 B
894 B

71ms
71ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMeR8RsvmapKIsC4sOw2occ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGPnN68EBMAE&v=APEucNVXWDNuVgFA4e3eCdvWQ37NeOYrPXFi0w2radE-iLUrSe95f5yk2cwL1VBwMD3y17jkV7W7qJLbwK5ue_iUb2bHtvRNWUnPoNhWW8tGHpA8z6Ai73gnEAaxhWLJjLPENZ1rusHD_bIxdtK0ALdS0RQIbJwsy7WSHwlL7cZtMYjF-mpJkxI
Protocol: HTTP/1.1
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 20:07:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 25 Feb 2022 20:07:17 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMeR8RsvmapKIsC4sOw2occ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6D30
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJUhH9kg5gkNF9-X7pid9k8&google_cver=1

43 B
1016 B

93ms
54ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJUhH9kg5gkNF9-X7pid9k8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGPnN68EBMAE&v=APEucNVXWDNuVgFA4e3eCdvWQ37NeOYrPXFi0w2radE-iLUrSe95f5yk2cwL1VBwMD3y17jkV7W7qJLbwK5ue_iUb2bHtvRNWUnPoNhWW8tGHpA8z6Ai73gnEAaxhWLJjLPENZ1rusHD_bIxdtK0ALdS0RQIbJwsy7WSHwlL7cZtMYjF-mpJkxI

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 20:07:17 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a1fbb997-0134-4953-ba70-6edd593a2132
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJUhH9kg5gkNF9-X7pid9k8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D30
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5MTI0MjA0NTM2MzI3ODcxMw%3D%3D

170 B
188 B

145ms
83ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5MTI0MjA0NTM2MzI3ODcxMw%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 20:07:17 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 419accda-dd1b-4ac3-a730-55221a4c3c0a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5MTI0MjA0NTM2MzI3ODcxMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 7C4F 106 KB
38 KB 204ms
57ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 14:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Feb 2022 14:21:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 7C4F 8 KB
3 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4c_HMz49vNYacHG6br-WrXHgjDIc-xgvutL73_UAhCl9B2K5oDi3TsGN6c_C3y8EIxqe73BNZIRkcEer2d97LYBfhesSkXNWBhM13M9FDPkglZnwsRJQojsUEYPnzLpULnM-K1t_JpkfcH6MeXzs-wzQIRA&dbm_d=AKAmf-BAfs28TWAI_zj5QV9ENFq3voqeoy3yGrCzwRltyulg6OSkzwh4397dW1DP9HljL5Foq7Y5Dp9UmM8laMU0ZSiq-5VVNAfGamePOXpu0eLEheCn_LqH9FqO3cNl1DsIu2aCZct3Mqfw1vTDhs3Hjp3FVyjdLSTp3S0w51CTK8ppmJAtRCSJhftaXgJ0_PKssUTN6kuEF_57sGv7fE4Ryc96aDlaJHziWaElDOnoBnpes-0g3tjoyUnl3f2zOfDErIkhhagVpqV9m9UYrksSnA5twMWk4f10paRLfjNoHFFIPYEj-QMHcFF29qWzU25AJpvtUMOoMbUOFLxOaSedwvIMy_FiG82yhyr9M9ozlTDDRjQEGUwaJNUErmr9yVd2I0KIM478FO7h7rNFQwsEydfSdzllxBICJhJK5moMPohaieCQP69eqZd9ul22Z4oho8hAC3P3BWAPVTHcLYhyqZm4hdsCAzKTmXCcOCBZhDqwxb3fhQ86_kgO5rJfEvRA0m-MuyVNuLjJZpco01vaerC5NXyiJQ5JEPUw3ZWWZASVVgN2NPyq1Nu24lOJ61IiG2lt2AKeAGzUDc0LJ5pMxG25ptvb-0J_6VADoMx7YvBGZd6Uwo9S0B_9iODn496ljEyeS3p-Ir-sLSMDhzllu8ZnnzdLEsXHMBKu-ybM3-1a-k67f7jG8ztFWbRx63iGrcvd9nIBiLZRs_1SxuqsV46izbc2NzhD-h8JQORH6td6cMEY4zXl6Ntlgu4_5JAMqSeRgpjGsVmFAWJyeHJCfNUb8u1x2kpwkS3j6O1_UUW-xX48V-NsR1Hg6WHxkn18Y0k_Y5VSjGrewc6xyZxrhnT5Cjp5hRRCppoBfHPJfQO9UiItNQ3S5q8zh5_1zz6aO3wvuNqgqmxVpG3IgUMctfYYKTRi_D3ecLSR8I8tqFpD1EPPRTTbWzekhIwwfPoxdCJMlXYrXkkqLLPa5IWTQ2I9pe9JA0XKLhbqdGHGJ-svlckhfExrwGZKLJinGdXb_ajZiW1GyriM8yX3hHfiOuWZfIg0A6igUtNHEtDjy_GaJMy0NhB7I8hr6GKBEYOtyLDaAy9czzyHopOF7fL_UJTvCWSiQ0LBiCaHUknCmQvH_ktmOlGQ8wNqI3yNWMpJDPE2EcKzp57c2ywlQpksgnfGKmzd0ehji10VlUBnKLlku7ZIq2SP8IQjtYthqzBn5zv5CnrbtBvG_GeA82ZSsDe9O3vozBxZqq8-dk1GE-80TnlyfgtShwAPSDoPFvbO-kLEo5HtSXD1igc90MebGKAqF_EsCn8yXuQT51eklkqaU0hnop15yYOT9ASmZWVmteFxI2lvEB8SdO9wgNL4u6uStA11SVl8v5D4994bEAn-vKCdwIV8B7zzqmY2BLI9I8yTEFbmc86ZfX8w-hNBhbmcwlafto_xEueT1H3vX_dEVL5fXYs4rVqW2ZOW7nS4xkh512lWbZr0y-XTtVlRxzy2Km5GJWkAF5FHIpMc4sh_upTbZvsmA-9eDObgsr1GjILbxzSj9Jg0yWAZSy1oAPSYI9TiOC1U1iz7Hx3vpYi6iEmBLP4VzHdLs5fXE8-xiFSnmq1GfdFnF3qStr121zISPUvVlPCYsgv7EeVSaZMk6lF1vfvnaYu4KPWq-jGRliLdyiNEFtFcdibgzz7ZerPpXM4OCRyI7TtxMBYJry2TGKnyTXSHNrhS0QCejNTpc0fsWtYyGVMm4YsZ9-vo0L6F0LdZ_8huZhUCTVhnV3rzW6l_bbTpII5KFTfslah4bm-CdsQeeNnlck0yYl3kw48gLR7m4YuDKpBh1HU7t-6fPBsZKkIckGIhzNC3nFvoSJQVsG7VKjBRfpmA6IbNPzT7NnXTskE4jXmsQgyhLfg30OEUzhGqAmpnKWErc3faiprNssSB6dbAb0mtf9cuA_aHWXJOrrzq3K9Vd6Vu9_2iCRVOH2QjfDYK8NXkwue0TWQxXXF7t8Rvij9R-YEGPelpH7d05DFuXwKyAYOqUg6EnZdyCcOv1NDsJPezPznd4-DpRIJb63m3Q0qnm9QoFH_kqAZR-MguqaZwUwDM0plGpmlmfuAxA8wYGHp689g-YgGyNm3nURdV8yow6AOVtNNhVrR49Y6q-5UKUAkG86td4htB64gXY8xIFEY0JBZp6dQa79DIDm5ne233mLK7UbF0y6r8dHLVgeYCpDsag41P58jO7vo0seFQQ1lVdsAqSGDcKjNl-LgINGN-8Rq9sc05hciBbjGcSvRk5AcQjmFlPqGpxK2YdB1Yfi0mUM61z7EWnNNre3R4onAkakDQNQgcpTmtWG5hxglzzf63w7Ak-itXPVXY_pGidDEVBQddE8gF1OrmJwfzn6PNuVZYnvwKLZnJjVjxDmndOflpPhsduaIctPEgH5SzSD2Bm_y5VT9b5cpVqI6HyASKnBoZDsFHOv3mVd7pss8u5lU_aSg1Tokk3w0qsv3BW2aP7j7Jfq9NPpldZxkdPLFxdJLCVpkLeeKUppLia9niLNx8T4MioQQYHKyaBQe7uf8wm8fLpsUEAKTvneJc5KSBYJ7_kKXGPZq6jxMa8Im8drGDxGhsIoMGfIS7Vemdq9Z7BDeqh0h-t-r_FX5wq-HWsvpaYbyGgEiehmWbOR7ORmHM1zdvCByF8LSOP2eHMv5MC3D-zj4Ilo0_fyB5xshsoqWQvMYazKirE362pTA2REfy85nLFMvaNRM3blKkwKHI2qSgJc-IeXUSleVfEkMEOSaJgGSadsowcDw8mmT7Uiw7XKYGVJME1QbE74X4MLTu8YhFNAg_MTo-awiooBbIBoM4A_MOhsXFzFHFxskLGgk9E720sGW7t-qCiPTca4ndlf2mbaVzx3pscLi57bIe01kR8Ag8W-4_8jq6577Y4GWtt9XXLZVcSCoqu4THiLXDRndpHYw83AbaZ9AJ-yfUd2YbmPEdXTCMJA9BNmtNdRDr_VsPIJtB57msg8N9iaHk6VtrHjEjtJKVlPbRp0z1gjWp8wtJn-g5Yled7QCpZtuwnrMHJGW3K8NLQgrga0ERKXi5koKx-fC-SiU2otpu520KrUVL3O8dvqp4R5VnSdFziqXif7_po-di1kfFQmjCddfzV_KFn6Oirkxe0wy7X179L45ApOvQr6RiKtGX4FksiuT0JQMTyLYyjUN1ocDfDBv7d09PoAjRdHHA2WJskfBfQT7mLGWmKzoAmrk8lVMtOnQasrRlNEXTkKilFpt3Brqygtgg0iIySfD08dVKvS0kr5g5-whn0lTk-E_HygDxnh0aa57k6hjO_ThQmmhrNvxP0AD5pQMMrJ_qXbJO_DkUEG-j-nHMNGc_YrIDssII54dAwNYH1xZRmTSgiFfWdDlA_IcjKiehEJIxs9I1NqZt1QEP6gRIPMkEN1Ve6fswyX-TBMA6bsmVyj99nLh7UJsrXFfxQly706OwkqO8qmupUcsMXaXb6LAOxILqUciq6Wtl88K5CO6vH2TnI1p6vmZ5cxwto3ldchSN0Tn7TEpgZ-VQBFoNONoZJX7RjNdrm_EwiwFBfOJL2VQGn0LD8uS5LVlKAnN6JHE8LJSJ-NTfOE-_XEytv2WTs-ZCgqGvcX1jmx-v4qOtmD1R_79EOlI_8jxBDnTwFiH2s7h9JhpYFJs3dtZUpNI58ACr1HWzxo87OKMPZsY&cid=CAASBORoN4g&rfl=2%2Chttps%253A%252F%252Fbigkyiv.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 20:05:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 7C4F 25 KB
9 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9647
x-xss-protection: 0
server: cafe
etag: 6462939580093197770
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 20:05:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 7944 5 KB
1 KB 181ms
64ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c228e4c33b411f01f3b7a571d44342106847fea18082e174333341503e4f0f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 18:22:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Feb 2022 20:07:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Feb 2022 20:07:17 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7944 205 B
742 B 173ms
55ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 18:58:20 GMT
x-content-type-options: nosniff
age: 4137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Feb 2023 18:58:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7944 604 B
695 B 173ms
55ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 10:08:23 GMT
x-content-type-options: nosniff
age: 35934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Feb 2023 10:08:23 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 7944 19 KB
8 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6227515defa43493593661bd5eb5fa369c22843fab1cf4156d137ed5d7b439d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8307
x-xss-protection: 0
server: cafe
etag: 12491010468182217777
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 20:01:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C4F 41 KB
15 KB 119ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 14:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2023 14:20:56 GMT

GET
DATA 200
OK truncated
/ Frame 7C4F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76e013a340653f25a9a9f0403b10bc9f90b37f6a2d081affccc3d2298d89659c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 76A0 22 KB
8 KB 54ms
54ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Feb 2022 11:03:55 GMT
expires: Thu, 23 Feb 2023 11:03:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 205402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame E2B7 8 KB
895 B 127ms
65ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e114394d6b0349144b28d679b6c44fcadbcab634789db73b84ca6e4b55c61dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 18:22:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Feb 2022 20:07:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Feb 2022 20:07:17 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame E2B7 2 KB
904 B 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:55:40 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame E2B7 19 KB
8 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:04:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7875
x-xss-protection: 0
server: cafe
etag: 9606807595520751986
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 20:04:17 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame E2B7 2 KB
1 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:59:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2B7 124 KB
38 KB 128ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38829
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645619776399499"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 20:07:17 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame E2B7 15 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 20:04:23 GMT

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame E2B7 28 KB
12 KB 118ms
56ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 May 2022 11:03:55 GMT

GET
H3 200 JAKO-O_TierischWild300x250mobile.html Show response
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/ Frame 86CD 6 KB
2 KB 118ms
56ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e91454fe5ab3f6fd881bfab58689ce1699dbacc0599a7bc373664bb0d95330e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2404
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 21 Feb 2022 05:01:25 GMT
expires: Tue, 21 Feb 2023 05:01:25 GMT
cache-control: public, max-age=31536000
age: 399952
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C4F 0
571 B 250ms
130ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnOIWDO0GN75OEM493BkR-3EecThSVtagHV4gyVp3fad_g1U1WLU3OafNhaQUApML-xkA0gmOy1ZIWAKU34bWg74wDkQ1hbp5YOZIFUmKY2IG1poBOIiuOnkCmDaC4_-33VujkhTKDZAWlZzl7sRs0h2MC35dWPfcoUshg8S-o6q_DoPWYQPS-g3jc5jQ444fTna7j7ohtJAM1YIdgB3EcTviUiG5PfO9fibT3BeOV6Ct_diqea9-kudnD-5PZ6qiQ8-KkGCdavcBDSCTGuP10C2L9BnFYeJHNgfBzEnIHGVKWhifa9ch93t86v7X55COrG_M9h6WYnfTzQMlQ4FnZ8_D2oqYfWU2vic44FBq6pY_HlJC5WsmRxc5sWkUqlBbOh25pJvWz_kctvxKFrPsRONnyZj2TUAqhbyUNew5sMU_4-nLMUHayQnFjaE2rrJ474VMddX-F_39fHxjPimUL4utb7W1BF9QXQvmmQbuuZM_sFqO1QTqDXTLyr5JAQh2AFsujbr3x0dWaMkOHXTt1fyQO3mv0aCTI3gmMwlieuYJdm5xv0VsGoZQtRy3FfGHzo2ln2A8sou9qp-urqwuqL5IVBLypTQwBmyhs6cd8tOHogm9fsSLI9aWQByxllGZR4ew400CQHQxcWmNlLORl-aVHHD-CmvWyGFwcMDzktPtF-gys8MFrAw3ZPpVseUfYQBjZWBSkfgZTOpyFioOlgj7lZfzZRSsIeoweHNmqQFwCFIqcalj92r6kZIZdoeYThWv4DYvTc_RFMUCOLrB_0GWsG8lGINhQ9kdyXM3LIfxh5hhceYGYPNRPNbgiU41FeZfuUD1kROOPfUNzB8BLqOUE2mvkBbkx4339W_XMQH7kCCA3THK6Hm5ZKcV90941NBlCL6Jy0MyLXgx6xw-sym730zuT07atHzRvymJEW8scuFEO1RKTKTKx7lQMCV6wtnE2bdoGZfVt4onjOshbmc4moSfVOOrBut6vpX1vs5S7e9Qv3UCJOzBh1p4993lA4AlnW9Qtx9Yh5IOgGNcdb4-beVI_9yVPAcbEU2fQafZbNoT6JTWess1vzbhltM74HcggAHeXpO-Y9-Rc8iiD-ZVAWrFq2aZcR2KBeU9IWysneMTOHmZqsANURvLa1j9z260pBbIJ7yzuwwVl1lehET7JlHORr6cTItpuorqaAMyXVb02oVKlOXR2FyA67zF4Cw_NnhvSGtEhCfYkJq5kMfp1iG7kroHGvYrqF1QYJ1QjeK_yyp4&sai=AMfl-YRR4EYvL8ONhR4zNXlDWp5ijeOe32ZgTgu8PQTpgIakKIHpyLD0vFdsWTtgQJF00JX0qRFYxPblFjzt54LQNl7vF7RiAZoEYc806-1OeBvHT1g0JskEumCSfIWfJ0DXeccl&sig=Cg0ArKJSzDn7PzQ64C-VEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=285&cbvp=1&cstd=282&cisv=r20220223.82445&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 25 Feb 2022 20:07:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 7C4F 43 B
1 KB 251ms
63ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=77133-dcm&extLi=27239429&extCr=166166207&extPm=328476562&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Fr, 25 Feb 2022 08:07:17 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 25 Feb 2022 20:07:16 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 569
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 76A0 35 KB
13 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 16:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13759
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 16:50:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 90F0 143 B
163 B 56ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 25 Feb 2022 20:04:58 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 90F0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

101ms
101ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 25 Feb 2022 20:07:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 20:07:17 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 25 Feb 2022 20:07:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 86CD 236 KB
63 KB 248ms
78ms Script
text/javascript 2a02:26f0:64::210:6b5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64::210:6b5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:17 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Fri, 25 Feb 2022 20:22:17 GMT

GET
H3 200 JAKO-O_TierischWild300x250mobile.js Show response
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/ Frame 86CD 83 KB
16 KB 55ms
54ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.js?1643699279730

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110442c029a1240f708831f0e970eb033e4c4ba7f2192f6e1c69d672abb3202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16476
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Feb 2023 05:02:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 76A0 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkmUz9DYZYpqjMM2pgAepiaCgAgAAAAA4AeAEAg&bg=!tbaltvLNAAas2QJZrNk7ACkAdvg8WpOPoXOTf7QnK2gfAqNWQZFAmEzk-6KxxNUfbSCZb7rdyRaN0QIAAACAUgAAAANoAQcKALQntTvgG9SvOUhZcO-ZqjlIOcFM99uBYE5d8Ai97SlkR4C0ZEhqFKbbBWOCfEy426B3vZJcnw2SPz71_vfoYk1xHYeKFzDLaCqjJdgF9iMSsfqPxSqt-l90m7VSCdAGtMAlM9_rvmvui3IU8-KcoJsoCdX5A2OfT7DMKDILiBj66apXU4No4jA2ye--uOBVxMf2DwIiHN5nP2BsGRPd4eCyazrN9NBncIE1qUQaBk4IrVX7W8SZAuHBtm59HEMkHgyHwxNdBhQQ7wOcs_DpjpPNjPiwmFn0PiR0-DRBY3d2XJSMhaQvo6AhPjq5CnE3smek_03dz11AyAlo3PjegoFhhOXp33rozEXMpvlKT4CgNw8D1c6OJnIRP3sSCmLw2-lPjeKSLPzvXS8CE4WYJJ2Ff3T_U5A7SWf41uH2A-9HOzRDbqmiIZoAHQGKVW16XN9SCUVrGhESDxEyNQ7OFot7TRLv4CyxrXmZu0Mi9EsJ8Ovt8S-EgLzVvPXWiuf5tCNvYQXvjFbt6UB_HijU3nrtMhPJQpaaC-H9c-cNgFLGMjKVb6M5FY2OiuTMuT3EsOMtVZ1TvsT39Sp6MLGvRli81as5KsCxtCG4QaBM0b-ksPfB3e81q0yuSYWKd2PIJPoDd96_zPG7QWLD1PemCX0jwjwas6VzJtPTfw8GZxgp9jD7fCe6-kOJ6deMxftzHTl8IiQ8B5qMCc68r452oj3b1faaONcIbRZcemjc0ZVno7K4r10nXtFhiNNhEx8KbbRfSpRGnuDWAtnB16iUMCmfGOuVGuLx23ZvDqf4iC0fmmiqR1hrY_YBTTTGm13-_DPXwRNS5aXZIeSxbS38xahm4VefpxzhPxgmSuy9efYfoFsRAhUt3dxAlcXDQ41moxz8oZLCWn-7TXCfxos66oaLV_fRGAbH4HsRNghM4EQbPjIcuLBbAcSJFf6yVG9S-lOKV4xJwZ-OvMS_MQhc6A0zlpkrJBhEQWASQ--8GjhJqBgm9TV70KKjZhb09Ya5iZZacBo9Gi8zQkrIz7UT1SxP4Kr3KLHAKnSK7EgMwWnWxebyX6A9d3_0mNjA8-zntXqvzs34arpYzHUwC5FUb4XD6PNrGoXhXVHZLVL-QpGiCO62Lkd3kix-QyG6BADqZ5XEY0Km1AYKdENK9E1z2xPEV2rqGaHNmW0yrdZf4aB4g1LoSVcAmwJUWzQ7fi_ahPYZgtCY7cUAvQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js Show response
pagead2.googlesyndication.com/bg/ Frame CA90 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 16:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13759
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 16:50:50 GMT

GET
H3 200 _300x250_01.jpg
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/ Frame 86CD 81 KB
81 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/_300x250_01.jpg?1643699279643

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c3324cf871067e97640175a694769290bf0f696d13b115dc14de4f9fe294a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:02:20 GMT
x-content-type-options: nosniff
age: 399897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83343
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Feb 2023 05:02:20 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C4F 0
23 B 152ms
90ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnOIWDO0GN75OEM493BkR-3EecThSVtagHV4gyVp3fad_g1U1WLU3OafNhaQUApML-xkA0gmOy1ZIWAKU34bWg74wDkQ1hbp5YOZIFUmKY2IG1poBOIiuOnkCmDaC4_-33VujkhTKDZAWlZzl7sRs0h2MC35dWPfcoUshg8S-o6q_DoPWYQPS-g3jc5jQ444fTna7j7ohtJAM1YIdgB3EcTviUiG5PfO9fibT3BeOV6Ct_diqea9-kudnD-5PZ6qiQ8-KkGCdavcBDSCTGuP10C2L9BnFYeJHNgfBzEnIHGVKWhifa9ch93t86v7X55COrG_M9h6WYnfTzQMlQ4FnZ8_D2oqYfWU2vic44FBq6pY_HlJC5WsmRxc5sWkUqlBbOh25pJvWz_kctvxKFrPsRONnyZj2TUAqhbyUNew5sMU_4-nLMUHayQnFjaE2rrJ474VMddX-F_39fHxjPimUL4utb7W1BF9QXQvmmQbuuZM_sFqO1QTqDXTLyr5JAQh2AFsujbr3x0dWaMkOHXTt1fyQO3mv0aCTI3gmMwlieuYJdm5xv0VsGoZQtRy3FfGHzo2ln2A8sou9qp-urqwuqL5IVBLypTQwBmyhs6cd8tOHogm9fsSLI9aWQByxllGZR4ew400CQHQxcWmNlLORl-aVHHD-CmvWyGFwcMDzktPtF-gys8MFrAw3ZPpVseUfYQBjZWBSkfgZTOpyFioOlgj7lZfzZRSsIeoweHNmqQFwCFIqcalj92r6kZIZdoeYThWv4DYvTc_RFMUCOLrB_0GWsG8lGINhQ9kdyXM3LIfxh5hhceYGYPNRPNbgiU41FeZfuUD1kROOPfUNzB8BLqOUE2mvkBbkx4339W_XMQH7kCCA3THK6Hm5ZKcV90941NBlCL6Jy0MyLXgx6xw-sym730zuT07atHzRvymJEW8scuFEO1RKTKTKx7lQMCV6wtnE2bdoGZfVt4onjOshbmc4moSfVOOrBut6vpX1vs5S7e9Qv3UCJOzBh1p4993lA4AlnW9Qtx9Yh5IOgGNcdb4-beVI_9yVPAcbEU2fQafZbNoT6JTWess1vzbhltM74HcggAHeXpO-Y9-Rc8iiD-ZVAWrFq2aZcR2KBeU9IWysneMTOHmZqsANURvLa1j9z260pBbIJ7yzuwwVl1lehET7JlHORr6cTItpuorqaAMyXVb02oVKlOXR2FyA67zF4Cw_NnhvSGtEhCfYkJq5kMfp1iG7kroHGvYrqF1QYJ1QjeK_yyp4&sai=AMfl-YRR4EYvL8ONhR4zNXlDWp5ijeOe32ZgTgu8PQTpgIakKIHpyLD0vFdsWTtgQJF00JX0qRFYxPblFjzt54LQNl7vF7RiAZoEYc806-1OeBvHT1g0JskEumCSfIWfJ0DXeccl&sig=Cg0ArKJSzDn7PzQ64C-VEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=740&vt=11&dtpt=455&dett=3&cstd=282&cisv=r20220223.82445&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 20:07:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 fp.min.js Show response
fixidle.com/js/ 16 KB
6 KB 307ms
99ms Script
application/javascript 62.244.25.84
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/fp.min.js
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/39847/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.84 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3aca96ba4ebce006fa7a14f4d7546df374b85bff9a0ac55fd1342ad76262b799

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:18 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H3 200 _300x250_04.jpg
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/ Frame 86CD 59 KB
59 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/_300x250_04.jpg?1643699279643

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa8af4a361447865826c79403f025cb21e0a7c81ed90954707662768507a7d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:02:20 GMT
x-content-type-options: nosniff
age: 399897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60022
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Feb 2023 05:02:20 GMT

GET
H3 200 _353853_TraegerbodyMotiv_Baer_F_011.png
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/ Frame 86CD 81 KB
81 KB 56ms
56ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/_353853_TraegerbodyMotiv_Baer_F_011.png?1643699279643

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7426b6fb460b665bd8025946ab30d7e4682ce19dea7c76173a53f9832f21816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:02:21 GMT
x-content-type-options: nosniff
age: 399896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83201
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Feb 2023 05:02:21 GMT

GET
H3 200 _353854_HalbarmbodyMotiv_Loewe_F_01.png
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/ Frame 86CD 107 KB
107 KB 55ms
55ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/_353854_HalbarmbodyMotiv_Loewe_F_01.png?1643699279643

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d781ecbb86ab14c86e757927e1a9b2b20f634ab55082bf303d2b84e0ceb9148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:02:21 GMT
x-content-type-options: nosniff
age: 399896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109665
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Feb 2023 05:02:21 GMT

GET
H3 200 _353855_LangarmbodyMotiv_Pinguin_F_01.png
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/ Frame 86CD 122 KB
122 KB 55ms
55ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/_353855_LangarmbodyMotiv_Pinguin_F_01.png?1643699279643

Requested by

Host: bigkyiv.com.ua
URL: https://bigkyiv.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d4db49926b7e891e7bdd6579f385bc7118ace237640b2937cd9b9942b7d8878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:02:21 GMT
x-content-type-options: nosniff
age: 399897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124899
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Feb 2023 05:02:21 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 141ms
79ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220223&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e0610fc9b035f1ee4b4914976407a7d77c335b057a621564e81fc4c84bcc9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 20:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9814
x-xss-protection: 0

GET
H3 200 a81c2cd8-2b4e-4c33-9efb-027517c228d3-360x241.jpg
bigkyiv.com.ua/wp-content/uploads/2022/02/ 24 KB
25 KB 54ms
54ms Image
image/jpeg 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/uploads/2022/02/a81c2cd8-2b4e-4c33-9efb-027517c228d3-360x241.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4996f90ba82001178a45d6f6084c4585e35b566719c16eba98b8fd352b9a58aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24572
last-modified: Thu, 24 Feb 2022 19:58:07 GMT
server: cloudflare
etag: "6217e34f-5ffc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuGmo1XclMdJ8m9XqHNs6eEBHkEd8phVh4DLEOcdMMSvdPdVGQNZvlGddLSTiNv72PTP3vH3dPMip554S9cS42yPS4rjbq%2FyHpTrzYHQ%2B643F9aKyA6%2BDhphbEidydMMWytAzPlV%2BTu%2FJ2hRYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f228b8076a7-LHR
expires: Fri, 24 Feb 2023 20:38:12 GMT

GET
H3 200 zakrevskogo-360x241.jpg
bigkyiv.com.ua/wp-content/uploads/2022/02/ 13 KB
14 KB 53ms
52ms Image
image/jpeg 2606:4700:3036::6815:5b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigkyiv.com.ua/wp-content/uploads/2022/02/zakrevskogo-360x241.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2eed6f7b454eac03c4e82f2ed82f6d31af6fea6f4a840e270b9066df43e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16618
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13408
last-modified: Fri, 25 Feb 2022 15:12:34 GMT
server: cloudflare
etag: "6218f1e2-3460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H784OFi7Hjqt0SKGB59QVDYLwNvOpA4UDgR%2BTb%2FfULzAiidVwsCvjf1%2FX8sUnFsvfcULLLjcqNwz%2FvVUBlGeibeT6gix9YPOmiYWMEDUGxkmL6MNw9khrdEYzV1ncMlUAGWBiFjV2nPa2oy9pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e338f228b8276a7-LHR
expires: Sat, 25 Feb 2023 15:30:20 GMT

GET
H3 200 Shirt.png
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/ Frame 86CD 153 KB
154 KB 55ms
55ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/Shirt.png?1643699279643

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ddff4c04f54910e1d7014b572de6ea58f132077ae209a7c3168b95fc0824b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:02:21 GMT
x-content-type-options: nosniff
age: 399897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157153
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Feb 2023 05:02:21 GMT

GET
H2 200 collector.js Show response
fixidle.com/js/ 9 KB
2 KB 103ms
102ms Script
application/javascript 62.244.25.84
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/collector.js?rtuid=6498f67d2b19c485375ee6e71185f292&code=news&v=1645819638166
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/39847/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.84 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 51dc9909c00c7057dc20451bb3763d40514c6aedbe94c2333b6b85329f31d900

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:18 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H2 200 10521.gif
ua.redtram.com/px/ 43 B
235 B 107ms
106ms Image
image/gif 62.244.25.76
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ua.redtram.com/px/10521.gif?referrer=https%3A%2F%2Fbigkyiv.com.ua%2F&ref2=&rtuid=6498f67d2b19c485375ee6e71185f292&v=1645819638166
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.76 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 25 Apr 1986 22:23:46 GMT

GET
H2 200 / Show response
ua.redtram.com/i/ 529 B
654 B 3607ms
3606ms Script
application/x-javascript 62.244.25.76
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.redtram.com/i/?i=39847&srv=69&f=3&idn=eauf&ref2=&rtuid=6498f67d2b19c485375ee6e71185f292
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/39847/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.76 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d339df7421832fa310df6a2132c6bae7ae17f267e05aeb0e27bac68d212837f5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:21 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 25 Apr 1986 22:23:46 GMT
server: nginx/1.18.0
content-encoding: gzip
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 collector.js Show response
fixidle.com/js/ 9 KB
2 KB 95ms
95ms Script
application/javascript 62.244.25.84
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/collector.js?rtuid=6498f67d2b19c485375ee6e71185f292&code=news&v=1645819638203
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/39847/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.84 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 51dc9909c00c7057dc20451bb3763d40514c6aedbe94c2333b6b85329f31d900

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:18 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H2 200 collector.js Show response
fixidle.com/js/ 9 KB
2 KB 144ms
143ms Script
application/javascript 62.244.25.84
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/collector.js?rtuid=6498f67d2b19c485375ee6e71185f292&code=news&v=1645819638207
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/39847/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.84 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 51dc9909c00c7057dc20451bb3763d40514c6aedbe94c2333b6b85329f31d900

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:18 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H2 200 collector.js Show response
fixidle.com/js/ 9 KB
2 KB 583ms
583ms Script
application/javascript 62.244.25.84
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/collector.js?rtuid=6498f67d2b19c485375ee6e71185f292&code=news&v=1645819638213
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/39847/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.84 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 51dc9909c00c7057dc20451bb3763d40514c6aedbe94c2333b6b85329f31d900

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:18 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 20:07:18 GMT

GET
H3 200 Shirt_2.png
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/ Frame 86CD 156 KB
156 KB 56ms
55ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/Shirt_2.png?1643699279643

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eed7fc4fe9f5cbed0685c1d8b6641266d362a749baadf2fcac3eaabd5667a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:02:21 GMT
x-content-type-options: nosniff
age: 399897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160170
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Feb 2023 05:02:21 GMT

POST
H2 200 / Show response
fixidle.com/ 61 B
153 B 407ms
200ms XHR
application/json 62.244.25.84
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/?v=16458196382840.26688072720432077
Requested by: Host: fixidle.com
URL: https://fixidle.com/js/collector.js?rtuid=6498f67d2b19c485375ee6e71185f292&code=news&v=1645819638166
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.25.84 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d89c67fd3635427cc9c241da7cea4e4c5e6ba70fc42d031fbfeaf19a2e3f9a2d

Request headers

Referer: https://bigkyiv.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 25 Feb 2022 20:07:18 GMT
server: nginx/1.18.0
content-type: application/json;

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 18DC 13 KB
5 KB 55ms
55ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Feb 2022 20:03:02 GMT
expires: Sat, 25 Feb 2023 20:03:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5DC5 783 B
536 B 63ms
63ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9981de7008dc4b1906d483594284ac2e3f79808562a77ab79e30013e591e3a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K2mMKgpUGrCYpp4hqP7E5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 25 Feb 2022 20:07:18 GMT
date: Fri, 25 Feb 2022 20:07:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-K2mMKgpUGrCYpp4hqP7E5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Shirt_3.png
s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/ Frame 86CD 143 KB
143 KB 57ms
56ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/images/Shirt_3.png?1643699279643

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

466c9dda97f72bfe27f0a19c4c7903f20c7f863d28d19e0f4037a6afe17051ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4249647926575366144/300x250mobile/JAKO-O_TierischWild300x250mobile.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:02:22 GMT
x-content-type-options: nosniff
age: 399896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146187
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:38:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Feb 2023 05:02:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5DC5 0
0 95ms
95ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220223&jk=4408917147471569&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 200 SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 18DC 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 16:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13759
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 16:50:50 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C4F 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5X_o5zXkD8cUZdCDkMRXaF1tWXOugbhvsBBCr8w4TX6_aQ5l4fZ4jWHuDxJ6rxziph3zHEOofzisV-CFbU3a5HOBqBH_fMSlPRN17EwbrpOqccQFyIg&sai=AMfl-YRqGVcQun7IhCjRmIYH2Bi_aM3SmdtxFpgppRyd5VvqZgljLxfNw2lWiAoeYoHKgLm0fgsp4b8Gvd6y&sig=Cg0ArKJSzIHuglBV5h_NEAE&cid=CAASBORoN4g&id=lidar2&mcvt=1000&p=0,0,250,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4053852298&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645819636743&rpt=657&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 18DC 0
9 B 54ms
54ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tsyDHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:07:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET /
ua.redtram.com/i/ 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220223&jk=4408917147471569&bg=!ZGelZyPNAAas2QJZrNk7ACkAdvg8Wh_OUAJaD5EgEYYOytJlLjb26XmmcYd_bGrSPiKXMa9GH5haDQIAAABmUgAAAAJoAQeZAoGOvKmxYYrwedcAnrBa4FmFeDiMfYWFJjoStozhM2fJxgHGyktTamX3PvEs2UhjkJP5Ql7uzRyd3-Xc8J360RWr465Sv1taJHGMLbxedzp8tHlctiz363L1jXz1nSu6BbAuftVcgUoN3UjLfhETW5l1VINNtKCEFe9jAxIhBcelzoY1WSrhZyuQuTSaN2d0E931aSrrNoFAe_L8y2vOaQiQsvzg40lLP9XAYvfmfTGvNDpRibfAJSuyl0loKYSVRogUjeR-CMZZaWyCyQkqLgMWcEfbJcmfb6P4ucRT3XtXtBzr3Y3PtApg8FveVc8968-Uypa7RRAAwoXEMpwjwojZtZ_g_OxUfdjmfT-pDdoHg02G5W3Z6kNe3dr9FeEK9P8TImf_J6EAQGkkxJzVmtOuPjdwmWc7VY1WilUQG_9DuKLpFzVXxYmNaggPSKtEak0O0m5GRuaVXXceYWFEDacpnI-Ff58Uk7eklRh0BzV4s4-AZzJGOpRk9jFDEwnys0Pa3IYYrdGfDVbXr0CwMjPxWFZ4JEGLNnuq7dDQIdD4Q0BFyuJOUpDaxEVdBnT0msxNVhJmigsIYy0q9Glt2fdUAvPhSnjueJedLRdE0BXqcnYErMfYTESalD6CuNKqx0uU_4b2D0yubtN6Mjwvp9_MzjoO1PeY6wamnptTUX0JADSSXB_tiS9fpQjh_Y1vIAArnN-vLfWSW1Puf7gzuoc6YQOLe0yw9as4TjX3Cmh35u5-mrtku4Fo-U0RgNLelsM9Z3ca4rgoEix1b6S0WsREefx3BN4teYXPndwaoV64f_g2seTKu1hkW1AtxkuOctWLuxqjzhg27_WBBww3S06hng

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bigkyiv.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 20:07:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
ua.redtram.com/i/ 0
0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ua.redtram.com
URL: https://ua.redtram.com/i/?i=39847&srv=69&f=3&idn=awkzw&ref2=&rtuid=6498f67d2b19c485375ee6e71185f292

Domain: ua.redtram.com
URL: https://ua.redtram.com/i/?i=39847&srv=69&f=3&idn=gzamz&ref2=&rtuid=6498f67d2b19c485375ee6e71185f292

Domain: ua.redtram.com
URL: https://ua.redtram.com/i/?i=39847&srv=69&f=3&idn=dhnzo&ref2=&rtuid=6498f67d2b19c485375ee6e71185f292

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bigkyiv.com.ua/	1970-01-20 18:41:31	Name: _ga Value: GA1.3.432715598.1645819636
.bigkyiv.com.ua/	1970-01-20 01:11:46	Name: _gid Value: GA1.3.787351764.1645819636
.bigkyiv.com.ua/	1970-01-20 01:10:19	Name: _gat_gtag_UA_78698572_1 Value: 1
.bigkyiv.com.ua/	1970-01-20 03:19:55	Name: _fbp Value: fb.2.1645819636251.258797560
.bigkyiv.com.ua/	1970-01-20 10:31:55	Name: __gads Value: ID=c5d1f0fcc941eea1-22938ec64bcd000a:T=1645819636:RT=1645819636:S=ALNI_MaogYb6KdtNYIpG2815hg_E0BqhBA
.doubleclick.net/	1970-01-20 10:31:55	Name: IDE Value: AHWqTUnfJBe-7h6v2LkS12-P25dRJO9Mlz8r7owI6fH-MzHXXYgxXTDPz2YkZej_9Wo
.adnxs.com/	1970-01-20 03:19:55	Name: uuid2 Value: 6791242045363278713
.casalemedia.com/	1970-01-20 03:19:55	Name: CMPS Value: 1838
.adnxs.com/	1970-01-20 03:19:55	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In<u?w#R!]tbPl1M>e)ZlrFUfJ+tGXxoDFWQ>VK1QG9`a)'hHQ6>%Ew>31Oyz@P>J@??3If)y3KL9D3I?+Zajekw
.casalemedia.com/	1970-01-20 01:11:46	Name: CMST Value: Yhk29WIZNvUA
.casalemedia.com/	1970-01-20 09:55:55	Name: CMID Value: Yhk29abRkfuUVD4E9qOnDAAA
.casalemedia.com/	1970-01-20 03:19:55	Name: CMPRO Value: 1822
.casalemedia.com/	1970-01-20 09:55:55	Name: CMRUM3 Value: 2d621936f52760CAESEMeR8RsvmapKIsC4sOw2occ
m.exactag.com/	1970-01-20 03:19:55	Name: exactag_new_gk Value: 3fabf43ec344458ea8523bab63db4469%7c26.04.2022+20%3a07%3a17
m.exactag.com/	1970-01-20 05:29:31	Name: exactag_new_uk Value: f364025359a94cccbf1b789cf08033a6%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 29c0e807260c47afb8729a25
.doubleclick.net/	1970-01-20 01:10:23	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bigkyiv.com.ua
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
dsum-sec.casalemedia.com
fixidle.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
m.exactag.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
ua.redtram.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ua.redtram.com
104.85.0.246
142.250.185.98
142.250.74.194
172.217.16.130
2606:4700:3036::6815:5b3
2a00:1450:4001:801::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c0b::9b
2a00:1450:400e:800::2008
2a02:26f0:64::210:6b5b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.252.173.62
62.244.25.76
62.244.25.84
85.14.248.71
02166dffd4f5f47e47652369c8dcc5b3c956abe312610909db3231e66dff4f7f
0419432c42fe35dd0fe096e7a5cf2a4ca00eb14d935ea06979d8683e21fee80d
075c3d048153667692538ff29ed8095cf5fb54f9c26ba993939a4a49ea517ee1
082d2a88bdcf16c2e82d5beb234b3dc7417b29ea10cce20a0a844c523faedef3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3324cf871067e97640175a694769290bf0f696d13b115dc14de4f9fe294a2a
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15ddff4c04f54910e1d7014b572de6ea58f132077ae209a7c3168b95fc0824b0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f592c1248f3224a2adddaa84e9ec8c8e7ed7a7bcf0913e658534eeb1dd5fe00
200466926212792e94025a89c780ccf14790a958898472cbb8d65bba4b5bf431
20f4efbfcc0fb4e61c6b52faa6fe93a2dcd6447b5173b925b5f4ef93593af00c
2110442c029a1240f708831f0e970eb033e4c4ba7f2192f6e1c69d672abb3202
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d781ecbb86ab14c86e757927e1a9b2b20f634ab55082bf303d2b84e0ceb9148
2eed7fc4fe9f5cbed0685c1d8b6641266d362a749baadf2fcac3eaabd5667a88
336d3a07835551bd7d201df0f522dc5bb1f19be6076b15290b4d77701813b29b
39eda64b68dc0ef46c98a8d24ad2144e897e4192d544ae9a1888bb0b427b11a9
3aca96ba4ebce006fa7a14f4d7546df374b85bff9a0ac55fd1342ad76262b799
3c5be91ce443186ba47bb21b00c90d3d3eef83eda21f8da12051b1b7f92fd1ad
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
3e6ad2c4f8174f61b18ead889499245c15f955913cadeeb0a9db381479fca84b
438a421af3ed9cb27a351e732df7fd7d49203e123c276a0bd087d1658028dd39
466c9dda97f72bfe27f0a19c4c7903f20c7f863d28d19e0f4037a6afe17051ee
46a135df6c666f44386eb8cb8618b143591359111de2494901c7179686a55a1e
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
4996f90ba82001178a45d6f6084c4585e35b566719c16eba98b8fd352b9a58aa
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b740279ccb7e599cb99201f1c7b39266c664202cc5ab1c7f7d783c1365e5510
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d0db837fbafe2f3b22c52fd4c8b4088df36ae8a0b9ea7795fe08aeeb73fb4e
51dc9909c00c7057dc20451bb3763d40514c6aedbe94c2333b6b85329f31d900
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e2eed6f7b454eac03c4e82f2ed82f6d31af6fea6f4a840e270b9066df43e5b
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c3a9cf3f0d036e43eeff57d2348fb0c3ef094cf05d6ae2a454170062d8c3dc6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d7e07759d94e6a4f3fec880b8937f69101714be6f20161c2acf3856eef7d50
6367bb32e827b45b5adab1d83b4fc1c25306c5091cdbc504623f0e50baf90fbf
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
654950499a64cde1538c7d881e16d7793eaa76b7d15c4bff2ce49eb3da0c52ac
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6cd9de530d50c16cc3f71ce8f0df97198f099c0692d7be7e8551e1fb73b66170
6d4db49926b7e891e7bdd6579f385bc7118ace237640b2937cd9b9942b7d8878
6f12ee7be25cf6fd5c039b83434bab2b33bddaa678ed429732bfeed94d7b0215
6fdf878caa6115ab88f270d81cfdbccbaa93935924bb9d015b0c4cf4a1d483db
76e013a340653f25a9a9f0403b10bc9f90b37f6a2d081affccc3d2298d89659c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7e0610fc9b035f1ee4b4914976407a7d77c335b057a621564e81fc4c84bcc9eb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
8f9e4487407d13193ed02170f81adee1bb6c5b7a4f44b9b164508d09e19b1ac5
90ac131f11bd874eb89270c0c45424667b7469de5efca36bdb764d07e6f34534
9407ecb0a696cb75d1354572638ff8187197ca714f1bc58ed8d979942e09cd75
9e0ea4deef4aaaaf89e94b92bb919e720205ae6e153668031dbab60fec690395
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a78174dbf4c2edd2c1eda606995f462b634f759051effda1429b8ebc43dc5e
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9cd51d7d72a66202d0c447a0fad3d0dd5fe7dd1a05135780f42c98c90884824
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6227515defa43493593661bd5eb5fa369c22843fab1cf4156d137ed5d7b439d
b7426b6fb460b665bd8025946ab30d7e4682ce19dea7c76173a53f9832f21816
b8dc8d02326224913d7df7850440c9310c34475d5de01ac43439f6e31838e5c2
ba0d513eba794942993535ae559766cfdf1d94c907356b4aa22dc1501f0fb24a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be8bbf7105500e8fc1f9429307fb396905a0e6cff63fe1eb751bb319d0f1b0db
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
c228e4c33b411f01f3b7a571d44342106847fea18082e174333341503e4f0f20
c3a1d7bc1e4004a1509656d8fb57d6841e6c0eaf0a997a6f2d6e627befd3efb6
cb520250289b8b5e7dd418c0c4562611eefd6adc09c2c03dcb61181fdb4ee03c
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d339df7421832fa310df6a2132c6bae7ae17f267e05aeb0e27bac68d212837f5
d89c67fd3635427cc9c241da7cea4e4c5e6ba70fc42d031fbfeaf19a2e3f9a2d
db09816cddea6780e5b1b140e3f3b2e246de8ed2845c4a2ca4618627c738b194
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e114394d6b0349144b28d679b6c44fcadbcab634789db73b84ca6e4b55c61dc3
e1496457f82fe0adeb6cc283601fed05321a1bbecb1e921c6eeb0389469ad8ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e91454fe5ab3f6fd881bfab58689ce1699dbacc0599a7bc373664bb0d95330e2
ec3e39c2fcdc754d2dea4d6f7ae7ad01a2f27d5b347ea7b8c65ee89bc2feb7f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f9981de7008dc4b1906d483594284ac2e3f79808562a77ab79e30013e591e3a7
fa8af4a361447865826c79403f025cb21e0a7c81ed90954707662768507a7d89
fb96955fcdfcf072ef012a210d32a31a22dd79f0c85680f49c70457d2e5b552c
ffa5abeedfdbaacc7c62b19f8f9c01b5485fc50f8ca4a1a004f6abd043ff2840

bigkyiv.com.ua Open in urlscan Pro 2606:4700:3036::6815:5b3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

94 %HTTPS

69 %IPv6

20 Domains

26 Subdomains

27 IPs

6 Countries

3330 kBTransfer

5673 kBSize

17 Cookies

7 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bigkyiv.com.ua Open in urlscan Pro
2606:4700:3036::6815:5b3 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

94 %
HTTPS

69 %
IPv6

20
Domains

26
Subdomains

27
IPs

6
Countries

3330 kB
Transfer

5673 kB
Size

17
Cookies

127 HTTP transactions
3 data transactions