ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
54.230.111.72301 Moved Permanently 167 B URL HTTP/1.1 ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
IP 54.230.111.72:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 09 Feb 2023 00:15:26 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
X-Cache: Redirect from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: X7tOsFMTU4Cz7ORc0dwP-Tayl4sDkcW5JyQMlAb1hRqwQKMNSYvadg==
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5118
Expires: Thu, 09 Feb 2023 01:40:44 GMT
Date: Thu, 09 Feb 2023 00:15:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4013
Expires: Thu, 09 Feb 2023 01:22:19 GMT
Date: Thu, 09 Feb 2023 00:15:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6016
Expires: Thu, 09 Feb 2023 01:55:42 GMT
Date: Thu, 09 Feb 2023 00:15:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 23:34:14 GMT
content-type: application/json
age: 2472
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nEOBV688HThyV0qB6j+xZaKiy0O4CJrKBvKEPKWgbl556LNPyidt2zCYODexAymmCfCPiheipkI=
x-amz-request-id: FC7YHGDAZ54YZSAR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 23:46:09 GMT
age: 1757
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:26 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 7bbbc7f12d6535ff3a96555a089697f9
3a83cce34fb2c1ce92cf3802f572e0eefb27790d
79dcfba73d0c702bd630edfb3feac10f4e98c54899f8f1f5acd38d35d4558eab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 00:15:27 GMT
Etag: "63e311c0-1d7"
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WEfxN5M2XsCqwSCHs9N8xfj8SOnM1X5eDDOq5UPgKeCFLoGhv5fKNg==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 00:14:52 GMT
age: 35
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4416
Expires: Thu, 09 Feb 2023 01:29:03 GMT
Date: Thu, 09 Feb 2023 00:15:27 GMT
Connection: keep-alive
ivona.ua/img/4x3.png
54.230.111.14200 OK 96 B IP 54.230.111.14:0
File type PNG image data, 4 x 3, 1-bit colormap, non-interlaced\012- data
Hash 2c04ab199b7bd1cfa53a7a6710c00980
a4bd85be8eef85baefe00c25b2d069c43a92d110
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc
GET /img/4x3.png HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 96
server: nginx
date: Mon, 06 Feb 2023 00:17:44 GMT
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
etag: "6229f95c-60"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J6SamyaK_owaBjh2maPUd7CDA_KBnK9SSLzEyDOlzjin8ZoJKID-zA==
age: 259563
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b8ad5b23aac490c2e9ccbac5a9dbcc6b
ef73076be963061b44563356cb33201e401f65e8
92d2469a14b9fe0eb637029f9f2782228441a65c44feb1a37b73ccc606e2b55d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3528
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Last-Modified: Wed, 08 Feb 2023 23:16:39 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
54.230.111.14200 OK 24 kB URL HTTP/2 ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
IP 54.230.111.14:0
Hash a9bb7ce996053c85bc97728fb1794c5c
57143f024c60339a9801e706adbc244d56905dc4
89b51a3373d465e8eb23cb0d416cba69e2f651f4d0ba41bc1e30f440a77e32bc
GET /ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 09 Feb 2023 00:23:54 GMT
cache-control: public, max-age=300
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o69oxyXhoijPieW7l6DPNhe7CLjjJPEqvzPcMBQGxrnnToSKGKWPag==
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
104.17.25.14200 OK 19 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
IP 104.17.25.14:0
File type HTML document, ASCII text, with very long lines (31972)
Hash c8e69fc65287045e4f083a6bcd40b8e0
fa3a37740705510fe08c3b286ea9a81e2e4bb04d
bffefe5f48974eeda69bb6a53127b10ee8244ba7f9dd4a925f2f2c1bde189db0
GET /ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 19249
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-10a9d"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2963408
expires: Tue, 30 Jan 2024 00:15:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giTfY69xRPvx2elk7OiF%2FyfG323eZESRlKII7VmasCtrpyCL0Q%2BAHwXqX5wjO%2F2BUw879%2Bi9ZF3gahZ%2BLY4YUXBqT4qDSgTxahoYKPzxuDwbh4gifUNLlfjs7wP57sV6513%2BT9y2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796869266ba31c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
104.17.25.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (56656)
Hash 5c32368e2726220885c82f35b6fb4e78
bb3909d2aaca84d895296187aeaea024c76f46ec
53ceda316a9da4b956909214bb1bdaf76d2b2e3d2037614a13b6749e1e5c9e17
GET /ajax/libs/font-awesome/5.11.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:27 GMT
content-type: text/css; charset=utf-8
content-length: 10022
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-de0a"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1796327
expires: Tue, 30 Jan 2024 00:15:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww7IOhuT1BTYretdxa0qkTqdcxUO1CEKFKt4KDVTy6lJ8TjJS4b0sG4%2Bv2k33BW4e4ScXMIGBFrh2UgEnPwRwsZgWjHrc9E2lw039mSYyj%2FkG9tn2siJEkkA%2FW3Ka03denFlC53W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796869266ba51c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
104.17.25.14200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32077)
Hash 5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1748768
expires: Tue, 30 Jan 2024 00:15:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQz2xxpxRFacW0CmDwDfMHVmwkdIPJoGO%2F9oPJEq9Cl%2FKhZVzKwST%2Bu0hoiSp8jHNb%2FnSB38AmtyC6l9Uz6HrCoPv951W%2BO0aL%2BQV7UehTzagwsvhrIFcRLQJ4M%2BC%2FG8xQYF86NB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796869266ba71c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ivona.ua/a-custom/custom.css/v11
54.230.111.14200 OK 857 B URL HTTP/2 ivona.ua/a-custom/custom.css/v11
IP 54.230.111.14:0
Hash 2ce2f03320bc6b748b520ceac1ee7559
58a2d535365795034506c8a741bc41a434335bcc
294f3912f816300240811cf5e9ba4031f247a8b13f46bba973ae0ad96efcc5e2
GET /a-custom/custom.css/v11 HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Mon, 05 Sep 2022 03:50:51 GMT
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
etag: W/"6229f95c-3ca"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yotuNCXNLHjm-tBXCubsd5uQY7MugkwXrmCkxmD3Y-l1lhZc5-SacA==
age: 13552050
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
104.17.25.14200 OK 1.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (3730)
Hash 05661a68288a93edb3a6009260995872
bdfd274ad45670c0f7e162d33f521576dc3b71f4
611c3d43cc5a80a7e4831274225cf0b97d28edf26e4c1e4d7a1adfc06929c0f4
GET /ajax/libs/blueimp-md5/2.10.0/js/md5.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 1339
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8b-eb6"
last-modified: Mon, 04 May 2020 16:06:35 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18945207
expires: Tue, 30 Jan 2024 00:15:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdSQ9xxjkKvBK8GIJ%2BlhrPckgn%2B7FvoB4K2xsGaOeiO4CnVE7Fhy464JZmSPAjpAEkUd4Wj63rH8oHFKeeDqbPXT%2FqdN6amkXPGHs367TMaDNYLT43uA3ppgC30lNieU1w%2BHsotM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796869269bb01c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ivona.ua/css/style.css/v11
54.230.111.14200 OK 16 kB URL HTTP/2 ivona.ua/css/style.css/v11
IP 54.230.111.14:0
Hash 9d0dceb905dce03119225b9e60172522
c1739f51bb6a4201353d39acd429a023f87ccac5
bb067ec76eb4fb2a5a3863c8c2611603e6c5af88f961e23531feccfd173916d4
GET /css/style.css/v11 HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Wed, 29 Jun 2022 11:48:43 GMT
last-modified: Wed, 29 Jun 2022 11:48:40 GMT
etag: W/"62bc3c18-13606"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CsXqcR8I2VX4-HbXQo8z1WDwUA2RXE52p8yBxB4cgMrR3-niy5Ni4g==
age: 19398434
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5c88d3bea11b5e4ab55139b12afd6481
e6f6a45f9cad1fe06edbc5371887199387f51b5f
897d20199934381ef24f0c9c9d1738f5cc504b0ccd5d16005eeb8837955d3ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5185
Cache-Control: max-age=100802
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Etag: "63e30da0-117"
Expires: Fri, 10 Feb 2023 04:15:29 GMT
Last-Modified: Wed, 08 Feb 2023 02:49:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ivona.ua/click/js/common.js?1
54.230.111.14200 OK 2.6 kB URL HTTP/2 ivona.ua/click/js/common.js?1
IP 54.230.111.14:0
Hash 392162d067a82886b6f62589883d6865
36322f7794c18805fa94f57c1af2250bbcfe0701
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
GET /click/js/common.js?1 HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 2560
vary: Accept-Encoding
server: nginx
date: Thu, 09 Feb 2023 00:23:54 GMT
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
etag: "6229f95c-a00"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4rIg1oOFxhnazy9XC7ukwzG0ABIkGiC4icL-XvdbMVN_I9C4at1eIQ==
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
104.17.25.14200 OK 1.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (5215)
Hash d55747c9bda08065b400c4aaaab07b4e
6034cb4b5b7fbc1d2a132fd92a6c6ae549f386c7
a4469307857c429b5cb0420e0a2583a57bd168b70e7b55db5f2a1029e95717ff
GET /ajax/libs/toastr.js/2.1.4/toastr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 1763
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffe-1483"
last-modified: Mon, 04 May 2020 16:17:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1827514
expires: Tue, 30 Jan 2024 00:15:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KITY1nutIibf8%2BNkdwJ27Mixkv3RX8HGNyrZ0pAgVWwdxS9g2G2PxMih2MfSjn5Hp%2FdWpFJsSBa6EzV4wVh2eniZdg1AoEJ7%2BCykdZZVFWqV%2Fc9%2BgeiS5Lo49PvR5tRruqSa9wAV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796869269bb51c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
104.17.25.14200 OK 591 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (1266)
Hash 414869f16aa77a65b4928a018f7f1abb
cea521f7a2958a50239526ed6b068f0937527653
afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8495620
expires: Tue, 30 Jan 2024 00:15:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVa2B7Hkp4qmYMZlnROKdbnVYhEc%2FZdT%2FNFP4qtnxT0np7OI5ml3lAGhjO9q%2BQM19b93Njc5rf5GhjEwqOGYGA8q7o9JGOXVf9JhA%2F5KMZg5%2F%2FCP5lnbJTG9qznxF5HXtqKQIMUv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796869269bb41c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5c88d3bea11b5e4ab55139b12afd6481
e6f6a45f9cad1fe06edbc5371887199387f51b5f
897d20199934381ef24f0c9c9d1738f5cc504b0ccd5d16005eeb8837955d3ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4606
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Last-Modified: Wed, 08 Feb 2023 22:58:41 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
104.17.25.14200 OK 6.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (20831)
Hash 368c425fc94c424e1688caadefbed981
13d24c22c199ef6668d758434819f44307a65094
ed9c7a83e1c1300a93ecd08807a736ebe7b87ab8262a40bc7e3859d00a46a102
GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1627178
expires: Tue, 30 Jan 2024 00:15:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKc93fUP1v9%2B8OJWAj%2Bhot%2BXEU4w%2BOaqwnlFzvlmtAcJIlI8yaw6MB1mZGJ2fXi4UsHotDyuJrc4DwXiVJcL2M%2Bxm1zNvDhFN%2FEAoepdIybv%2BNsYn8hXrnx36XVKfgqVhFwQg29H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79686926da770b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b8ad5b23aac490c2e9ccbac5a9dbcc6b
ef73076be963061b44563356cb33201e401f65e8
92d2469a14b9fe0eb637029f9f2782228441a65c44feb1a37b73ccc606e2b55d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2311
Cache-Control: max-age=161288
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Etag: "63e40520-117"
Expires: Fri, 10 Feb 2023 21:03:35 GMT
Last-Modified: Wed, 08 Feb 2023 20:25:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/npm/lazyload/lazyload.js
151.101.65.229200 OK 1.7 kB URL HTTP/2 cdn.jsdelivr.net/npm/lazyload/lazyload.js
IP 151.101.65.229:0
Hash 48e05ee1c6d3db1baea8f343aee0b56b
93e71cfe052a033e4c867f2503ca425030071df1
27d48ead6bf6af6882b21b01fdae090512499cf21f169d6a9675756b94e5f73e
GET /npm/lazyload/lazyload.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.0-rc.2
x-jsd-version-type: version
etag: W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 09 Feb 2023 00:15:27 GMT
age: 8898
x-served-by: cache-fra-eddf8230070-FRA, cache-bma1621-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1652
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.252.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.252.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: v73v3HEO+s1CLstjpKeIbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QUEi8PyYfgygRXYXFmrCT4t8PyM=
ivona.ua/click/js/article-stat-v2.js?8
54.230.111.14200 OK 976 B URL HTTP/2 ivona.ua/click/js/article-stat-v2.js?8
IP 54.230.111.14:0
Hash bec229dfbfc84ae59ea59f9e74686233
979f9ac547e053f176a74ea0f7df42ed11d9554e
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
GET /click/js/article-stat-v2.js?8 HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 976
server: nginx
date: Thu, 09 Feb 2023 00:23:54 GMT
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
etag: "6229f95c-3d0"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Wa6oSGFXcW_btGjQZop0C1IXbljRkNuOGuuZKdrct3Ij1ySgbe1Rzg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 89dbe888cc34846699acd9b64a426893
6d26b8d58d73c6f9951f8f4bf6fdcdbe9fb81255
e5be8584a0a227ddaae0095a5d78a364f756b97093626a92166e380351e08868
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3468
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Etag: "63e2c8bd-117"
Last-Modified: Wed, 08 Feb 2023 23:17:39 GMT
Server: ECS (amb/6B8A)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=UA-206274582-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-206274582-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 30536819b779369ba77f842caa5bb924
7ead6ba3ed5dbd502d26bd83c66a2c7ad80b043c
4355b435333103e881f7ef043034ddd1e0a488e03e447280e0da876aba0dc5c4
GET /gtag/js?id=UA-206274582-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 00:15:27 GMT
expires: Thu, 09 Feb 2023 00:15:27 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5c88d3bea11b5e4ab55139b12afd6481
e6f6a45f9cad1fe06edbc5371887199387f51b5f
897d20199934381ef24f0c9c9d1738f5cc504b0ccd5d16005eeb8837955d3ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5185
Cache-Control: max-age=100802
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Etag: "63e30da0-117"
Expires: Fri, 10 Feb 2023 04:15:29 GMT
Last-Modified: Wed, 08 Feb 2023 02:49:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 89dbe888cc34846699acd9b64a426893
6d26b8d58d73c6f9951f8f4bf6fdcdbe9fb81255
e5be8584a0a227ddaae0095a5d78a364f756b97093626a92166e380351e08868
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Server: ECS (amb/6BBE)
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
151.101.66.133200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 151.101.66.133:0
Hash ddd1ff6e309c172de2e5353e2a58c56d
3bb28ef039034dd62191688e7671a29ca7784d18
18cd761a339ce780a890988f28bf03c7bcc815a221f5647298a9f06172dfd4ff
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "CD8AE0CBCC2EF1F84B42271BF34DCB163AED8DFE"
Expires: Thu, 09 Feb 2023 11:00:00 UTC
Last-Modified: Wed, 08 Feb 2023 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Thu, 09 Feb 2023 00:15:27 GMT
Via: 1.1 varnish
Age: 1974
X-Served-By: cache-bma1676-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1675901728.898491,VS0,VE1
ivona.ua/img/logo.png
54.230.111.14200 OK 1.3 kB IP 54.230.111.14:0
File type PNG image data, 130 x 75, 4-bit colormap, non-interlaced\012- data
Hash 7ba41695026c48c1bb57782a81bf1f19
973a2d299d232bc964772249e1b596bbb5554e86
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b
GET /img/logo.png HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/css/style.css/v11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1326
server: nginx
date: Fri, 10 Jun 2022 06:56:59 GMT
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
etag: "60fc3da0-52e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SX7rIRtMXxeP6jWhIc0Ar4JCHPUjL2eSnRbpvDd7AfQYjF4fVzNqGw==
age: 21057712
X-Firefox-Spdy: h2
ivona.ua/img/sitename.png
54.230.111.14200 OK 1.1 kB URL HTTP/2 ivona.ua/img/sitename.png
IP 54.230.111.14:0
File type PNG image data, 263 x 34, 4-bit colormap, non-interlaced\012- data
Hash 889694b038cfa99faf255b73fc26e6d3
1a7d3f69a00080a67cf40c551eeac9214109947e
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd
GET /img/sitename.png HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/css/style.css/v11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1058
server: nginx
date: Sat, 10 Dec 2022 08:01:09 GMT
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
etag: "6229f95c-422"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y_UKQTVt0xtjjN-SDcFpNaCCHrYlLKKwIP47eHjqafRcl2uDnm030w==
age: 5242837
X-Firefox-Spdy: h2
ivona.ua/img/search_icon.png
54.230.111.14200 OK 253 B URL HTTP/2 ivona.ua/img/search_icon.png
IP 54.230.111.14:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 94606e09461f7e7ee1dd29ab220dc906
ea58f8db7f2dbef425edff0d7a96cd4894827e6c
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c
GET /img/search_icon.png HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/css/style.css/v11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 253
server: nginx
date: Fri, 22 Jul 2022 04:33:01 GMT
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
etag: "60fc3da0-fd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Msnd4TFT4RCDI2hsbOtIGc9Ehtb9ptGf2v1vvHGT_Abm0HqjfLC-XA==
age: 17437424
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6279
Cache-Control: max-age=125276
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Etag: "63e368f5-1d7"
Expires: Fri, 10 Feb 2023 11:03:24 GMT
Last-Modified: Wed, 08 Feb 2023 09:18:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4059
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Last-Modified: Wed, 08 Feb 2023 23:07:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6073
Cache-Control: max-age=125070
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Etag: "63e368f5-1d7"
Expires: Fri, 10 Feb 2023 10:59:58 GMT
Last-Modified: Wed, 08 Feb 2023 09:18:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 19:35:13 GMT
expires: Thu, 08 Feb 2024 19:35:13 GMT
cache-control: public, max-age=31536000
age: 16815
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
104.18.11.207200 OK 46 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
IP 104.18.11.207:0
File type ASCII text, with very long lines (57791)
Hash cfdf56b2daf0467cbfe927eb66d88870
24c23ee9c339a5c555384c03675a00e034c27317
c84ca9846c4476e8e7fd5a731223ab6269e586387fd28f38b00c322eb7001f3e
GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:27 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 2021-08-02 21:50:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b15417b2c98f73e0910f14703189176f
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 28755384
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79686926da780b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.ivona.ua/i/71/56/82/3/7156823/20cc63e5a93d7c099f719b4275377f1a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
54.230.111.2200 OK 17 kB URL HTTP/2 i.ivona.ua/i/71/56/82/3/7156823/20cc63e5a93d7c099f719b4275377f1a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
IP 54.230.111.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=26, height=4480, bps=0, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, width=6720], baseline, precision 8, 80x60, components 3\012- data
Hash 76f8575ad7604a270ffa5a5980a10d45
9a1fca2e1f0e62c89c18e79f66a4b7418660deee
843ed836c2585d00cce9bb1b667df24bcfbf4bca15c71d746673d9dc5d24bdf1
GET /i/71/56/82/3/7156823/20cc63e5a93d7c099f719b4275377f1a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg HTTP/1.1
Host: i.ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 16915
date: Sat, 04 Feb 2023 00:08:05 GMT
last-modified: Fri, 03 Feb 2023 23:49:07 GMT
etag: "76f8575ad7604a270ffa5a5980a10d45"
cache-control: public, max-age=315360000
x-amz-version-id: x8JrGD0jj2z9Nc8yaw7LOgBedKFfL2Sq
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sIC0CloEQMS5H6-nLhBmBtPo_glxYs1tmfGs1zAlRR9UZuPY5OyevA==
age: 432444
X-Firefox-Spdy: h2
z.cdn.umh.ua/load?z=2093667014&div=zone_2093667014&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240204 No Content 0 B URL HTTP/2 z.cdn.umh.ua/load?z=2093667014&div=zone_2093667014&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load?z=2093667014&div=zone_2093667014&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240200 OK 674 B URL HTTP/2 z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (343), with CRLF, LF line terminators
Hash 9322fb390aa6a8579182b7f67d9db6bb
7fe1a87ff170156a93158bce7e5dcf50d3ac2e4a
2bef6ea2d580ced93a932d03ae6e0899c07aff4a2cc807c6454d098262f2145a
GET /load?z=2096059570&div=zone_2096059570&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 674
content-encoding: gzip
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240200 OK 709 B URL HTTP/2 z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (343), with CRLF, LF line terminators
Hash 279cd8dae3f88774492ee39978aeef54
b23820f1fbc33c784a807efbc5f13bbcf423a552
69f0f4dc743a5d6255121819a9626a2c14ed489a5ebb1a2fd716dc04584e2c1b
GET /load?z=1604070069&div=zone_1604070069&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 709
content-encoding: gzip
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240200 OK 710 B URL HTTP/2 z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (342), with CRLF, LF line terminators
Hash 0ac27d55a81cf20b45e4f267976fce39
83ac3c792737273d23294e563cd1185abdf42e70
26aafe71e2015028841b5fae276911b5ff7b816b543d022080eccbb755daeac8
GET /load?z=1817662902&div=zone_1817662902&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 710
content-encoding: gzip
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
z.cdn.umh.ua/load?z=1776255766&div=zone_1776255766&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240200 OK 650 B URL HTTP/2 z.cdn.umh.ua/load?z=1776255766&div=zone_1776255766&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (357), with CRLF, LF line terminators
Hash dd9ce546c75e5428c5f8b8f7025fbd32
f9524299c8c421250e472f8254ac815358621445
b2c7493ce4f4264f783cd225c48e294416ac29b068a3f3d79b4e14f2fa5d0cc5
GET /load?z=1776255766&div=zone_1776255766&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 650
content-encoding: gzip
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
z.cdn.umh.ua/load?z=2108148421&div=zone_2108148421&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240200 OK 1.4 kB URL HTTP/2 z.cdn.umh.ua/load?z=2108148421&div=zone_2108148421&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (1385), with CRLF, LF line terminators
Hash 349773b400f5b6361a91c348f7312b72
d3b1ce7d3c0f33b1fad2b5b0111eed73a7d4e57b
dcc50b8df6c25b18985743599af4c0ec584197682f6083257453139c876dc83b
GET /load?z=2108148421&div=zone_2108148421&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 1361
content-encoding: gzip
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28444, version 1.0\012- data
Hash e996a4db02cc36705ce700e4b5d06b3a
c5fa1dff68d7d83689f58bc498caea9041cf7b75
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
GET /s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:31:52 GMT
expires: Fri, 02 Feb 2024 00:31:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
content-type: font/woff2
age: 603816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 89dbe888cc34846699acd9b64a426893
6d26b8d58d73c6f9951f8f4bf6fdcdbe9fb81255
e5be8584a0a227ddaae0095a5d78a364f756b97093626a92166e380351e08868
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3469
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Last-Modified: Wed, 08 Feb 2023 23:17:39 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
142.250.74.106200 OK 8.5 kB URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
IP 142.250.74.106:0
Hash 1edf6205a4c7b0f5b4d9393b1347f520
5bf17052084694e4bb2379c3e3dd8b7df1e84ef9
98bfa7ae64b8204b58684026858b8146e33e8e876b17e7946124336248c7d9f1
GET /css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 00:15:27 GMT
date: Thu, 09 Feb 2023 00:15:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.umh.ua/libs/e.js
78.159.118.240200 OK 8.8 kB IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (538)
Hash b68b54654af28c03631dddb84b0b7dde
8b11fdbf47ae1d86731c339c48401ccbb9aa1377
f328f30810092374ac64dbdca8b2fc1c3db7926995dc63897c926127146aff03
GET /libs/e.js HTTP/1.1
Host: cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 11:29:20 GMT
vary: Accept-Encoding
etag: W/"63494810-2c5c"
expires: Fri, 10 Feb 2023 00:15:28 GMT
cache-control: max-age=86400
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: X-PINGOTHER
access-control-max-age: 1728000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
content-encoding: gzip
X-Firefox-Spdy: h2
i.ivona.ua/i/69/18/49/5/6918495/image_main/5671a215c58797ef803e3bed40003f1c-quality_100Xallow_enlarge_0Xw_600Xh_0.jpg
54.230.111.2200 OK 241 kB URL HTTP/2 i.ivona.ua/i/69/18/49/5/6918495/image_main/5671a215c58797ef803e3bed40003f1c-quality_100Xallow_enlarge_0Xw_600Xh_0.jpg
IP 54.230.111.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x484, components 3\012- data
Size 241 kB (240580 bytes)
Hash 39b925302d1b2bfb615027b25a3b0649
8ab3f17b62a0866bb7ab1066fd691eafe4e2ddc5
1eadea8fa9231c4843561546bfadc9da2f243d32488a3eff81f3653dca5580f4
GET /i/69/18/49/5/6918495/image_main/5671a215c58797ef803e3bed40003f1c-quality_100Xallow_enlarge_0Xw_600Xh_0.jpg HTTP/1.1
Host: i.ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 240580
date: Tue, 17 Jan 2023 17:50:28 GMT
last-modified: Sun, 20 Nov 2022 09:05:44 GMT
etag: "39b925302d1b2bfb615027b25a3b0649"
cache-control: public, max-age=315360000
x-amz-version-id: OUMSS1D_hsyw1jmvDmMUEnmAFmi4Pjs_
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JyJS_srRkTlvRzgssbSBfKhiQCguSgFVIVOWYCJhAlrmHZZNbTbOnA==
age: 1923901
X-Firefox-Spdy: h2
z.cdn.umh.ua/load?z=1320962835&div=zone_1320962835&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240204 No Content 0 B URL HTTP/2 z.cdn.umh.ua/load?z=1320962835&div=zone_1320962835&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load?z=1320962835&div=zone_1320962835&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2
216.58.207.227200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 42500, version 1.0\012- data
Hash 8c5246074400a5141ea18bf48dff17ee
b0650d9d042dfdc6e5fbc3b9f79f87822f9ee689
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
GET /s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 10:20:24 GMT
expires: Sun, 04 Feb 2024 10:20:24 GMT
cache-control: public, max-age=31536000
age: 395704
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ivona.ua/i/71/59/50/9/7159509/543482511a382f5f92cf9c525647c5d9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
54.230.111.2200 OK 8.8 kB URL HTTP/2 i.ivona.ua/i/71/59/50/9/7159509/543482511a382f5f92cf9c525647c5d9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
IP 54.230.111.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2023:02:07 16:29:11], baseline, precision 8, 80x60, components 3\012- data
Hash 189fc68ba0b8d8e93b74f8d3ee101bff
1c5199038b619a21632d5927c3f95a7c0dab3e2f
69fceab3cf8994da0398cf81add45b7c7382d62f54288730f85267e051ae2750
GET /i/71/59/50/9/7159509/543482511a382f5f92cf9c525647c5d9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg HTTP/1.1
Host: i.ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 8774
date: Wed, 08 Feb 2023 23:11:18 GMT
last-modified: Wed, 08 Feb 2023 23:11:13 GMT
etag: "189fc68ba0b8d8e93b74f8d3ee101bff"
cache-control: public, max-age=315360000
x-amz-version-id: eooovNbwDwQ2aoGU2F5QIfjnKUrQic1G
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hm-YwQ2vhtOjUERInvWPPfkFQxGNd0Gcq1sv3YUeD0mbTGHkXQK1Xg==
age: 3851
X-Firefox-Spdy: h2
z.cdn.umh.ua/load?z=2072280557&div=zone_2072280557&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240204 No Content 0 B URL HTTP/2 z.cdn.umh.ua/load?z=2072280557&div=zone_2072280557&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load?z=2072280557&div=zone_2072280557&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ace55ace621ba82218115286a1197cf1
0c445c20da08834e63d16820062df3842a2744eb
3a76c524f01a464bdf5cc00c2f7f939a0396d308e4963715bf1740ed7365dca5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A76C524F01A464BDF5CC00C2F7F939A0396D308E4963715BF1740ED7365DCA5"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5584
Expires: Thu, 09 Feb 2023 01:48:32 GMT
Date: Thu, 09 Feb 2023 00:15:28 GMT
Connection: keep-alive
z.cdn.umh.ua/load?z=1207900632&div=zone_1207900632&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240200 OK 1.1 kB URL HTTP/2 z.cdn.umh.ua/load?z=1207900632&div=zone_1207900632&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (356), with CRLF, LF line terminators
Hash 9ebe59bb61fe2052b7863db208f7576a
b57b87ce313ceb91530c1c8f4026053718b36ab4
5d8e37a3ae2767c8dbe801efa37f4892baaf9646d661b4f408f6483a02ea6f41
GET /load?z=1207900632&div=zone_1207900632&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 1082
content-encoding: gzip
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
sC=1; expires=Sat, 11 Feb 2023 22:00:02 GMT; path=/;
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.227200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 14:19:25 GMT
expires: Wed, 07 Feb 2024 14:19:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
age: 122163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
z.cdn.umh.ua/load?z=1486836196&div=zone_1486836196&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240200 OK 1.2 kB URL HTTP/2 z.cdn.umh.ua/load?z=1486836196&div=zone_1486836196&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (571), with CRLF, LF line terminators
Hash 257c585b30d77a7afe4ff70d82dbfd58
84aa0e8b41d7cf3a047259251cd7a70db652bcc1
1b244a5c06eb51703af3b9d7940fd98a1c16df928bfa143fbff8d7ef27003c8e
GET /load?z=1486836196&div=zone_1486836196&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 1199
content-encoding: gzip
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
sC=1; expires=Sat, 11 Feb 2023 22:00:02 GMT; path=/;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
z.cdn.umh.ua/load?z=1298669489&div=zone_1298669489&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240200 OK 656 B URL HTTP/2 z.cdn.umh.ua/load?z=1298669489&div=zone_1298669489&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (357), with CRLF, LF line terminators
Hash 3f61f403ec588b90215e604975a55748
7771915f65f42079146f5a7652ea01d1ffa5088e
29e68cfcc6662dcaf92aaf08a9554196aa7dd9c19f99a32c8299c21f7b3a7b86
GET /load?z=1298669489&div=zone_1298669489&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 656
content-encoding: gzip
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
104.16.199.73200 OK 1.0 kB URL HTTP/2 jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
IP 104.16.199.73:0
File type ASCII text, with very long lines (2678)
Hash 833a848bd00944f7867fada4cc61142c
ca840e4b12d49c841b6235c23a8dac5d5aa9b877
77d86717bc45f48ffa3a1fe5267dc1cfaf75b325a5014a87b93e39f3f8784d30
GET /i/v/ivona.bigmir.net.1211636.js HTTP/1.1
Host: jsc.idealmedia.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: text/javascript
content-length: 1019
x-amz-id-2: Zf4mA/WOftNOW8pkjB/jPMqFv/UWp8Rb+lYE9YO/9+xd7GrWvTNESvUqt8f/w2IFlJBYBdrusPs=
x-amz-request-id: TGB0AC0EQ5054YWZ
last-modified: Wed, 18 Jan 2023 10:16:44 GMT
etag: "833a848bd00944f7867fada4cc61142c"
content-encoding: gzip
x-amz-version-id: 3N_u2v8BU_1dICFVZBreM7VdZWJJyI8l
cf-cache-status: HIT
expires: Thu, 09 Feb 2023 03:15:28 GMT
cache-control: public, max-age=10800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7968692ad97bb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4059
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Last-Modified: Wed, 08 Feb 2023 23:07:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js
104.16.199.73200 OK 1.0 kB URL HTTP/2 jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js
IP 104.16.199.73:0
File type ASCII text, with very long lines (2678)
Hash 0e9d44e4c7023fa4048bcc2142b2c6a0
174c286c2ad777f920bc9f82a1f7692701e43f7b
c30ef49ef365decf919dd8b05a8f0673fde1f8e82ec5ed81d28e76ac8920be84
GET /i/v/ivona.bigmir.net.1296107.js HTTP/1.1
Host: jsc.idealmedia.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: text/javascript
content-length: 1019
x-amz-id-2: Q5NFcBNsGyyUVDZnNo0/cewajmsZU8vDBAezg3eH+Bz0QhetGKTFZcEMBTgcK6Ry34sHQ5Ugmak=
x-amz-request-id: JX2QZF9CH1J5H19J
last-modified: Wed, 18 Jan 2023 10:20:58 GMT
etag: "0e9d44e4c7023fa4048bcc2142b2c6a0"
content-encoding: gzip
x-amz-version-id: WNU3oRufwbzGTWOVlAmGyegke9ZVDef1
cf-cache-status: HIT
expires: Thu, 09 Feb 2023 03:15:28 GMT
cache-control: public, max-age=10800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7968692ae98ab4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a1578dd2bce1af300b68e6e5dd766323
519f622a4542ef66ba339715f2e9efd23ed1ebb7
feb1e6ec14bc90f1a92f1ef3fe5ab4bdad4d54987b08099fe226ea812c5d4ae0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEB1E6EC14BC90F1A92F1EF3FE5AB4BDAD4D54987B08099FE226EA812C5D4AE0"
Last-Modified: Tue, 07 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12281
Expires: Thu, 09 Feb 2023 03:40:09 GMT
Date: Thu, 09 Feb 2023 00:15:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83585b050ce35d6cc3959389c26cf8c5
bd03897b503075850cdaf2dbf62689b2fac2b9b3
68aad37c9ac6b9544bd535e61ad40bbda28852f22ed658e9346666260e07ae70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68AAD37C9AC6B9544BD535E61AD40BBDA28852F22ED658E9346666260E07AE70"
Last-Modified: Tue, 07 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7419
Expires: Thu, 09 Feb 2023 02:19:07 GMT
Date: Thu, 09 Feb 2023 00:15:28 GMT
Connection: keep-alive
z.cdn.adtarget.market/smc?s=201&u=66910b6b526aeeff
212.32.253.229204 No Content 0 B URL HTTP/2 z.cdn.adtarget.market/smc?s=201&u=66910b6b526aeeff
IP 212.32.253.229:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smc?s=201&u=66910b6b526aeeff HTTP/1.1
Host: z.cdn.adtarget.market
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 00:05:38 GMT
X-Firefox-Spdy: h2
s.zmctrack.net/z
185.187.81.40200 OK 23 kB IP 185.187.81.40:0
ASN #43332 LLC id Strategy
File type ASCII text, with very long lines (51435)
Hash e3471312dd43ee76f6dcb7c3bebfc302
4a01cbcd108cb56aa37ca639c605b6df05f90e3d
e971b75d461c7fb69ec804ff855f5f0e3af8184be8fc146b91a263c84dd66968
POST /z HTTP/1.1
Host: s.zmctrack.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 98
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: text/javascript
content-length: 23411
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
access-control-allow-methods: POST, GET, OPTIONS
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
X-Firefox-Spdy: h2
scontent.xx.fbcdn.net/v/t1.6435-1/60236584_1740068316138332_356896694077489152_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=paueYlbVHfIAX9Nr9ub&_nc_ht=scontent.xx&edm=AN6CN6oEAAAA&oh=00_AfDzI6tZGP0oowSQflXFPkTt1buc5R-hWOxeLObxDtGndw&oe=640BBD12
157.240.205.11200 OK 1.3 kB URL HTTP/2 scontent.xx.fbcdn.net/v/t1.6435-1/60236584_1740068316138332_356896694077489152_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=paueYlbVHfIAX9Nr9ub&_nc_ht=scontent.xx&edm=AN6CN6oEAAAA&oh=00_AfDzI6tZGP0oowSQflXFPkTt1buc5R-hWOxeLObxDtGndw&oe=640BBD12
IP 157.240.205.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 40x40, components 3\012- data
Hash aa9305e7f8fa2247b63dcd4f37891765
bd25f3f91db60f6ccc368c3b50512b54b9f25427
b65d48c85ca85760d9898ed6d781af3be9ffca8cf8c0da4f211f9454170a01ef
GET /v/t1.6435-1/60236584_1740068316138332_356896694077489152_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=paueYlbVHfIAX9Nr9ub&_nc_ht=scontent.xx&edm=AN6CN6oEAAAA&oh=00_AfDzI6tZGP0oowSQflXFPkTt1buc5R-hWOxeLObxDtGndw&oe=640BBD12 HTTP/1.1
Host: scontent.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 08 May 2019 07:30:30 GMT
x-haystack-needlechecksum: 1319999060
x-needle-checksum: 3871402563
content-type: image/jpeg
content-digest: adler32=614895056
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
content-length: 1330
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 00:15:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/afk-8279vNB.png
157.240.205.11200 OK 522 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/afk-8279vNB.png
IP 157.240.205.11:0
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash dc5d95f03904baf3c9d40079224d098a
301da95d78a14990fdc201bc4e3d729c2fb5f9ca
b27e8c5823c90a3d22394ca95e0f70c935fc02b610f9f04447b87b3d4908c5b3
GET /rsrc.php/v3/yM/r/afk-8279vNB.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 3F2V8DkEuvPJ1AB5Ik0Jig==
expires: Thu, 01 Feb 2024 04:19:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: Bt/NbTy4gmktayvnySobJNQ+IFGVsuCqHdXuuAhrGjOnGwytCvw4cnqevrBMCShKNsWdeHbbqVesW8EzrNo2UA==
priority: u=3,i
content-length: 522
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 00:15:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
157.240.205.11200 OK 2.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
IP 157.240.205.11:0
File type PNG image data, 25 x 203, 8-bit colormap, non-interlaced\012- data
Hash 0937c5875d6c88a3d404feb575ed0562
557a61d6bda988878f1e28070aac3d901389e63f
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
GET /rsrc.php/v3/yx/r/L0hsXTmQDMQ.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: CTfFh11siKPUBP61de0FYg==
expires: Thu, 01 Feb 2024 07:40:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
x-fb-debug: RnBnV0OdLEmL+hTnQXZGK/iGjG4UOfPs0glVx6I6HbIaaZn5WWBZeNUnI9E+sUwRo5Pe+uV3zhPyiBwfvEepSA==
content-length: 2023
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 00:15:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
exchange.informer.ua/assets/thumbnails/39/39acd40ae19fa0aadcdea705ed1b57bf.jpg
193.29.200.142200 OK 6.0 kB URL HTTP/2 exchange.informer.ua/assets/thumbnails/39/39acd40ae19fa0aadcdea705ed1b57bf.jpg
IP 193.29.200.142:0
ASN #197203 PJSC Ukrainian Media Holding
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 85x55, components 3\012- data
Hash ee5976717414b8631ae5de538bd9f2a8
01c46c11c4095bb5ac0d12316825bbea3df89033
11949dfcdec4ba0faabdad60a955f185898f6af7e2f27681760cd414fa6fb839
GET /assets/thumbnails/39/39acd40ae19fa0aadcdea705ed1b57bf.jpg HTTP/1.1
Host: exchange.informer.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exchange.informer.ua/informer/stat/?s=kolobok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Thu, 09 Feb 2023 00:28:30 GMT
content-type: image/jpeg
content-length: 6005
last-modified: Fri, 09 Dec 2022 18:50:10 GMT
etag: "63938362-1775"
accept-ranges: bytes
X-Firefox-Spdy: h2
scontent.xx.fbcdn.net/v/t1.6435-9/98188664_2135213756623784_8107186706085576704_n.jpg?stp=dst-jpg_p526x296&_nc_cat=103&ccb=1-7&_nc_sid=7aed08&_nc_ohc=DjnTezhZ640AX-3LY7H&_nc_ht=scontent.xx&edm=AN6CN6oEAAAA&oh=00_AfCDTjhjb7mXvxS4K0cxgpD_SGAIbiBNb5FwPRbR2CQp3g&oe=640BB02F
157.240.205.11200 OK 58 kB URL HTTP/2 scontent.xx.fbcdn.net/v/t1.6435-9/98188664_2135213756623784_8107186706085576704_n.jpg?stp=dst-jpg_p526x296&_nc_cat=103&ccb=1-7&_nc_sid=7aed08&_nc_ohc=DjnTezhZ640AX-3LY7H&_nc_ht=scontent.xx&edm=AN6CN6oEAAAA&oh=00_AfCDTjhjb7mXvxS4K0cxgpD_SGAIbiBNb5FwPRbR2CQp3g&oe=640BB02F
IP 157.240.205.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 526x526, components 3\012- data
Hash 90f2ceefe73897e2ec9a2be7b8dc9866
b3efc9738d5043b08656f579040a3793a6edbf91
ae844adc21d4332431c5c189d2402d40361e9cc4479b9489a4d1a74e5c26b965
GET /v/t1.6435-9/98188664_2135213756623784_8107186706085576704_n.jpg?stp=dst-jpg_p526x296&_nc_cat=103&ccb=1-7&_nc_sid=7aed08&_nc_ohc=DjnTezhZ640AX-3LY7H&_nc_ht=scontent.xx&edm=AN6CN6oEAAAA&oh=00_AfCDTjhjb7mXvxS4K0cxgpD_SGAIbiBNb5FwPRbR2CQp3g&oe=640BB02F HTTP/1.1
Host: scontent.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 20 May 2020 08:32:53 GMT
x-haystack-needlechecksum: 1511463529
x-needle-checksum: 1122921618
content-type: image/jpeg
content-digest: adler32=1966205903
content-length: 57882
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 00:15:28 GMT
x-fb-edge-debug: BbhwAcxZMu9_OCQH9UvGaaTrutimcDGywnrvfHKHbN3UZwsjSRUpClTJjUNVFseXYj-lBqb-YsZw__xNZuZLFVzba3ITV45F98vUrJeb_9U
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.umh.ua/libs/vast/vast-player/vast-player.js
78.159.118.240200 OK 52 kB URL HTTP/2 cdn.umh.ua/libs/vast/vast-player/vast-player.js
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
Hash daf88264811471bbceb3266642338cdb
01c894de4b04b2a423a54f8a6acd9f91269be948
09989beb827081315268a82a15add23693ba76db11076412170d1a49cc2534b1
GET /libs/vast/vast-player/vast-player.js HTTP/1.1
Host: cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.umh.ua/libs/vast/vast-player/contentroll.html?2&advMediaId=zone_1314877256_IfiEPRwJCLnP&ADTAG=https://z.cdn.umh.ua/load?o=v&z=1314877256&u=66910b6b526aeeff&sr=1280x1024&cw=1268&ch=939&hc=16&df=64&bh=1&tl=1771&n=864482560&url=ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&zyx=1503515561
Cookie: AU=66910b6b526aeeff
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 06 Oct 2022 14:41:04 GMT
vary: Accept-Encoding
etag: W/"633ee900-26604"
expires: Fri, 10 Feb 2023 00:15:28 GMT
cache-control: max-age=86400
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: X-PINGOTHER
access-control-max-age: 1728000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.informer.ua/assets/thumbnails/00/0061b6338269f09017f565c307f1f1e2.jpg
193.29.200.142200 OK 7.2 kB URL HTTP/2 exchange.informer.ua/assets/thumbnails/00/0061b6338269f09017f565c307f1f1e2.jpg
IP 193.29.200.142:0
ASN #197203 PJSC Ukrainian Media Holding
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 85x55, components 3\012- data
Hash b4f019b5f80fac70914eab2e1635f279
ed7e24bff4725c71698fd23daad375955cbe174c
d78cbd5efe79bbef928f00999684c2b7bdfb1f7b1103dc48f77d1ed3a11bd385
GET /assets/thumbnails/00/0061b6338269f09017f565c307f1f1e2.jpg HTTP/1.1
Host: exchange.informer.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exchange.informer.ua/informer/stat/?s=kolobok
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.12.2
date: Thu, 09 Feb 2023 00:28:30 GMT
content-type: image/jpeg
content-length: 7176
last-modified: Fri, 25 Nov 2022 16:41:07 GMT
etag: "6380f023-1c08"
accept-ranges: bytes
X-Firefox-Spdy: h2
go.rcvlink.com/static/main.js
136.243.84.75200 OK 2.9 kB URL HTTP/2 go.rcvlink.com/static/main.js
IP 136.243.84.75:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (831)
Hash 74a22d468ba5ebc2549ca9ea91520085
ec29136870c6009d1ac1b9c696f350375e867f31
642394a3ef5c37ef884a671cc1b05d68343b217c394adfb7dc2375689919e33e
GET /static/main.js HTTP/1.1
Host: go.rcvlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 17:40:48 GMT
etag: W/"62f53f20-1892"
expires: Fri, 10 Feb 2023 00:15:28 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2
ivona.ua/click/articles/stat/add-view?lang_key=ua&cid=6&site=ivona&aid=6918495&0.49759289746841884
54.230.111.14200 OK 23 kB URL HTTP/2 ivona.ua/click/articles/stat/add-view?lang_key=ua&cid=6&site=ivona&aid=6918495&0.49759289746841884
IP 54.230.111.14:0
Hash 908a8006924327db1bab2317c30c2194
2e56d902deb7a72759ef8feebf726c360f79715f
27cd82c8ebda1a32a163f4a24f4f12e0f620141a0973b60451a4493118239f47
POST /click/articles/stat/add-view?lang_key=ua&cid=6&site=ivona&aid=6918495&0.49759289746841884 HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 5
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
server: nginx
date: Thu, 09 Feb 2023 00:23:55 GMT
access-control-allow-origin: https://ivona.ua
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uvFudVSjBQevNHquIHike3YB6tjt7NFx4Y_rno07zxwhOZPzdZNZtg==
X-Firefox-Spdy: h2
ivona.ua/favicon/favicon-16x16.png
54.230.111.14200 OK 1.1 kB URL HTTP/2 ivona.ua/favicon/favicon-16x16.png
IP 54.230.111.14:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 0ba2eba7e71caec53f72827da1d0dedc
c8526724fb3b89613c41e2a8beac79e2c2a9ee1f
2a13c16cde0dc6152e4a692fca9a207523c8d347dee0e988554d5561c9b77fb0
GET /favicon/favicon-16x16.png HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
Cookie: IdealmediaStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1211636%22%3A%7B%22page%22%3A1%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1147
server: nginx
date: Fri, 28 Oct 2022 08:26:03 GMT
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
etag: "6229f95c-47b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tjJCZhtiFe0qDI_qOdNLQiR67fJmmL_nWGDSfvMPPjDOAbrKBLvHYQ==
age: 8956452
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 72390cb7ac945efb0f941ea683debf03
d1a37f015b7e7cdf2d259aa62a15e2f784833571
974d7cfa45510239991f637da24cb599d0ba4f4d538d52bff44aca7cde437558
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Last-Modified: Wed, 08 Feb 2023 23:20:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=66910b6b526aeeff
185.86.139.102200 OK 562 B URL HTTP/2 ssbsync.smartadserver.com/api/sync?callerId=61&gdpr=0&gdpr_consent=&u=66910b6b526aeeff
IP 185.86.139.102:0
ASN #201081 SmartAdServer SAS
File type HTML document text\012- HTML document, ASCII text
Hash 25488dc66573adf95769290dafa9cecf
3ac755c4891cc733811b07fb04b0c91321b472a0
6a5c300b6aaab8dd5223d55a1f999b8f12f6b1a81a26d28a6bdc7fdf588964e8
GET /api/sync?callerId=61&gdpr=0&gdpr_consent=&u=66910b6b526aeeff HTTP/1.1
Host: ssbsync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 562
content-type: text/html
date: Thu, 09 Feb 2023 00:15:28 GMT
set-cookie: pid=4214693936749375291; expires=Mon, 11 Mar 2024 00:14:28 GMT; domain=smartadserver.com; path=/; secure; samesite=none
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 97bb7f61bbfe2283272f2c6f191001c1
26a38e62254b938eb7f601152e38c12168d76280
0ee2d0417bc77cb5afd8feecaaa54fd0881715038b3c2301b816a15a468f499e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0EE2D0417BC77CB5AFD8FEECAAA54FD0881715038B3C2301B816A15A468F499E"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=738
Expires: Thu, 09 Feb 2023 00:27:46 GMT
Date: Thu, 09 Feb 2023 00:15:28 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 23:44:05 GMT
expires: Thu, 09 Feb 2023 01:44:05 GMT
cache-control: public, max-age=7200
age: 1883
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3764e88aaec773b01eab8626eec401a2
4a784ed4384518c60debe3778760c8690404a8ca
ce9fea6a817206ceddc4c9cbaaf0117732004d157557fdb4d3213a38f46947a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2117
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:28 GMT
Last-Modified: Wed, 08 Feb 2023 23:40:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
z.cdn.umh.ua/load?o=v&z=1314877256&u=66910b6b526aeeff&sr=1280x1024&cw=1268&ch=939&hc=16&df=64&bh=1&tl=1771&n=864482560&url=ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&zyx=1503515561
78.159.118.240204 No Content 0 B URL HTTP/2 z.cdn.umh.ua/load?o=v&z=1314877256&u=66910b6b526aeeff&sr=1280x1024&cw=1268&ch=939&hc=16&df=64&bh=1&tl=1771&n=864482560&url=ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&zyx=1503515561
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load?o=v&z=1314877256&u=66910b6b526aeeff&sr=1280x1024&cw=1268&ch=939&hc=16&df=64&bh=1&tl=1771&n=864482560&url=ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&zyx=1503515561 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.umh.ua
Connection: keep-alive
Referer: https://cdn.umh.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://cdn.umh.ua
access-control-allow-credentials: true
vary: Origin
set-cookie: AU=66910b6b526aeeff; Expires=Thu, 08 Feb 2035 22:00:02 GMT; Path=/; HttpOnly; Domain=.cdn.umh.ua; SameSite=None; Secure
X-Firefox-Spdy: h2
www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fphoto.php%3Ffbid%3D2135213749957118%26set%3Da.109598215852025%26type%3D3&show_text=false&width=500
31.13.72.36200 OK 105 kB URL HTTP/2 www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fphoto.php%3Ffbid%3D2135213749957118%26set%3Da.109598215852025%26type%3D3&show_text=false&width=500
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58389)
Size 105 kB (105054 bytes)
Hash 1ebc63f625903f1a6e2ec258fff9e449
ea9cd72fc8d7d8eea535a49108b6fd9cdbb5bc73
8e3d1e79a12f544518fe7d3c3d0da08b6944133c6cb8ca0c366bd74b40ed66db
GET /plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fphoto.php%3Ffbid%3D2135213749957118%26set%3Da.109598215852025%26type%3D3&show_text=false&width=500 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 7eP9cjR+sBQM53XD9H42zPyfU/cAeEd/M3mhZiYFRPWOtsVjsOUMo23c6yDCbfNY1qqCB2QV7hDq1hW7bU/0uA==
date: Thu, 09 Feb 2023 00:15:28 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kolobok.ua/images/logo_top.png
193.29.200.162200 OK 8.3 kB URL HTTP/2 kolobok.ua/images/logo_top.png
IP 193.29.200.162:0
ASN #197203 PJSC Ukrainian Media Holding
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f3060d71d27af9b23fc169ccac68a7b
18be1c881ab6057a8c9cd3379468e62af9d72193
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
GET /images/logo_top.png HTTP/1.1
Host: kolobok.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exchange.informer.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:23:55 GMT
content-type: image/png
content-length: 8335
last-modified: Thu, 10 Mar 2022 13:13:00 GMT
etag: "6229f95c-208f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
142.250.74.2200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
IP 142.250.74.2:0
File type ASCII text, with very long lines (3649)
Hash 1cb97808afa263ba586fab156aa7d4cf
90244494d718f9dd8edda5f531161953e8396cc2
e34dd498493a38526da7decc5de29d191c5edea3b5b0133676ddcb11573cb54b
GET /pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Feb 2023 00:15:28 GMT
expires: Thu, 09 Feb 2023 00:15:28 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7032384018587249910
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49586
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3i4yZ4/y_/l/en_US/w7_unfZ5zg6.js?_nc_x=Ij3Wp8lg5Kz
157.240.205.11200 OK 27 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3i4yZ4/y_/l/en_US/w7_unfZ5zg6.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.205.11:0
Hash 2e12c27d5050aec777781dd989fa511b
cbc4984b46cfd3110c6b812918c0982aa4f8291b
d4180c0f8b29a020c9ff873d1adb63f6b338b3ac7f1f3da131215d96f613a423
GET /rsrc.php/v3i4yZ4/y_/l/en_US/w7_unfZ5zg6.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 08 Feb 2024 19:47:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dzBChOsSDT2TGkfSj2AVIw==
x-fb-debug: LGXWIXCBsj+YhG72M5bnOTX0XJ9iAoUfwenAqyLrCMAlsY5JsDmWhKmjt4nCfhl48D7jHuBjo29kDwEUaXn1Fw==
priority: u=3,i
content-length: 195027
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 00:15:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 16 kB IP 172.64.155.188:0
Hash cd3031885a24304341541b5fb427ae9a
c05d5f760cad7d079ca1df1244b7abd3ce6e2e44
dea8c05871518f53a62c2c11e4d518177a79cdaedbb6ba88a5c608c5d65bffb5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:29 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 18:32:38 GMT
Expires: Mon, 13 Feb 2023 18:32:37 GMT
Etag: "db2aaded9df3f13c8377ad9f6ba7903aaa8928cf"
Cache-Control: max-age=410827,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7968692e7cc1b4fd-OSL
www.instagram.com/embed.js
157.240.205.174200 OK 21 kB URL HTTP/2 www.instagram.com/embed.js
IP 157.240.205.174:0
File type ASCII text, with very long lines (18743)
Hash 4eab991cc7c52e5132bc4a6bff74aa78
a93a2e4c45f9e3bd190ba4b0f56b56a48a57baad
0477ab2e76247897e40de36bdf0c757966f7989ec0755e119523e4c54c145bf7
GET /embed.js HTTP/1.1
Host: www.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: df244efe9919c35860f85e0545213364
etag: "8dee3bb3ece3cb3e1ca5b624b2dc242e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
edge-control: cache-maxage=1200s
expires: Thu, 09 Feb 2023 00:35:29 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
strict-transport-security: max-age=15552000
content-md5: TquZHMfFLlEyvEpr/3SqeA==
x-fb-debug: JYArfjBfKGBlgghw3FCIGZa1B8D3Fq7T7EdhXCHX3f6PzAoVhxyPJ347wui1lEDHRYyMTSAT3c8OYsbEW4tqxw==
content-length: 20914
date: Thu, 09 Feb 2023 00:15:29 GMT
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3764e88aaec773b01eab8626eec401a2
4a784ed4384518c60debe3778760c8690404a8ca
ce9fea6a817206ceddc4c9cbaaf0117732004d157557fdb4d3213a38f46947a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2101
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:29 GMT
Last-Modified: Wed, 08 Feb 2023 23:40:28 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
s-img.idealmedia.io/n/10367594/492x328/0x0x1169x779/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDIvNjg2MzMwLzIzZDU3Yzc4Y2IzNzBhZDVmMjgyMGMwZDkwZGZkYTM0LnBuZw.webp?v=1675901728-8pK19EGR5_jjwyYjm_SBthg0unwhWuofxeUUyS9sK1k
104.16.199.73200 OK 7.7 kB URL HTTP/2 s-img.idealmedia.io/n/10367594/492x328/0x0x1169x779/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDIvNjg2MzMwLzIzZDU3Yzc4Y2IzNzBhZDVmMjgyMGMwZDkwZGZkYTM0LnBuZw.webp?v=1675901728-8pK19EGR5_jjwyYjm_SBthg0unwhWuofxeUUyS9sK1k
IP 104.16.199.73:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ec7a8c94a8fe3e287cb15ff87545155
36a15322851e401a403d923d9b2285c6bf9c2121
e70b6c428c37896c19c260d505021cdcab2f9d3dd79127760a332685c4ee42e9
GET /n/10367594/492x328/0x0x1169x779/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDIvNjg2MzMwLzIzZDU3Yzc4Y2IzNzBhZDVmMjgyMGMwZDkwZGZkYTM0LnBuZw.webp?v=1675901728-8pK19EGR5_jjwyYjm_SBthg0unwhWuofxeUUyS9sK1k HTTP/1.1
Host: s-img.idealmedia.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:29 GMT
content-type: image/webp
content-length: 7654
x-mg-request-uuid: abecc1ef-1ef2-40c8-a60b-ca72110b2667
access-control-allow-origin: *
last-modified: Mon, 06 Feb 2023 19:34:10 GMT
cache-control: max-age=86400
expires: Wed, 08 Feb 2023 19:44:15 GMT
cf-cache-status: HIT
age: 55582
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7968692f3a6c0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.idealmedia.io/n/10343221/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzY4NjMzMC85ZDM4NmVhNmI2N2ExYTlkYzAyZGQwZDFkOGQ2MDJiNS5qcGVn.webp?v=1675901728-HbwfFwrTu2XHhi6HHnR3eozvaV6iohMqKZyiBAX7z0A
104.16.199.73200 OK 20 kB URL HTTP/2 s-img.idealmedia.io/n/10343221/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzY4NjMzMC85ZDM4NmVhNmI2N2ExYTlkYzAyZGQwZDFkOGQ2MDJiNS5qcGVn.webp?v=1675901728-HbwfFwrTu2XHhi6HHnR3eozvaV6iohMqKZyiBAX7z0A
IP 104.16.199.73:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54474746643c9a361e2b8a7170686f82
b20ed8974a7befa58761c6485a8a26055e07cef5
c0aad30a27d28d039e1e2cb8384192ecf214ed71f95354e71d11e8928ec53a5a
GET /n/10343221/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzY4NjMzMC85ZDM4NmVhNmI2N2ExYTlkYzAyZGQwZDFkOGQ2MDJiNS5qcGVn.webp?v=1675901728-HbwfFwrTu2XHhi6HHnR3eozvaV6iohMqKZyiBAX7z0A HTTP/1.1
Host: s-img.idealmedia.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:29 GMT
content-type: image/webp
content-length: 20506
x-mg-request-uuid: 2ec6afc3-681c-4e8a-891d-06cccc791a2a
access-control-allow-origin: *
last-modified: Sun, 15 Jan 2023 13:29:11 GMT
cache-control: max-age=86400
expires: Thu, 09 Feb 2023 17:29:39 GMT
cf-cache-status: HIT
age: 11177
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7968692f4a6d0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.idealmedia.io/n/10315462/492x328/0x0x1440x960/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNjg2MzMwLzRkNTk4ODZiNGQ0M2EwMTg0ZGY5NTE3ZjBiODRmNGM0LmpwZWc.webp?v=1675901728-aUDrs7hXLBEGmu9rcrToCyNy-Zi9joaqpTt9hl5wK_k
104.16.199.73200 OK 11 kB URL HTTP/2 s-img.idealmedia.io/n/10315462/492x328/0x0x1440x960/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNjg2MzMwLzRkNTk4ODZiNGQ0M2EwMTg0ZGY5NTE3ZjBiODRmNGM0LmpwZWc.webp?v=1675901728-aUDrs7hXLBEGmu9rcrToCyNy-Zi9joaqpTt9hl5wK_k
IP 104.16.199.73:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a6fe87cd47e3723511c16a535be55f31
b05643acf18cee77aa0ca63d2279c83c06314040
77790b060253e1f263b931d36051294754d7c8ae8d3062345c53d17773a93db9
GET /n/10315462/492x328/0x0x1440x960/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNjg2MzMwLzRkNTk4ODZiNGQ0M2EwMTg0ZGY5NTE3ZjBiODRmNGM0LmpwZWc.webp?v=1675901728-aUDrs7hXLBEGmu9rcrToCyNy-Zi9joaqpTt9hl5wK_k HTTP/1.1
Host: s-img.idealmedia.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:29 GMT
content-type: image/webp
content-length: 10878
x-mg-request-uuid: 37ff9bd7-e931-4008-945a-9ca2c7c70265
access-control-allow-origin: *
last-modified: Wed, 21 Dec 2022 10:19:12 GMT
cache-control: max-age=86400
expires: Thu, 09 Feb 2023 08:33:51 GMT
cf-cache-status: HIT
age: 4104
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7968692f5a780b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gaua.hit.gemius.pl/xgemius.js
54.37.238.28200 OK 17 kB URL HTTP/2 gaua.hit.gemius.pl/xgemius.js
IP 54.37.238.28:0
File type ASCII text, with very long lines (417)
Hash 1a64638971fe9fadf6e65ea4ea0fe678
af5bb2ca6e004bd9497b3c19aee5ac32085929a9
804f85c0edf3cfaaef578e3812698dbcc73d72d83743120e8a181cbf0976bcfa
GET /xgemius.js HTTP/1.1
Host: gaua.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:29 GMT
expires: Thu, 09 Feb 2023 12:15:29 GMT
server: GHC
accept-ranges: none
cache-control: max-age=43200
last-modified: Fri, 13 Jan 2023 15:19:30 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17134
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14887
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 00:15:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14887
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 00:15:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14887
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 00:15:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 12:41:28 GMT
age: 41641
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 764b732e88dd1e9c1824529b24b3dffc
2ba954a51c2972b267ae0536e343e608aa9aa7f4
a1efdf03b14bb05cf8e407b92476592c35fa2d27c5e66705322abdb4c6412a06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8150
x-amzn-requestid: 3834493a-4162-4cc9-b67c-541cc9be895b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8IH0TIAMFWqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb380-3746ff7b0a6894366efa848e;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I3qmC4D6qdsheK8VO3oKbPDU7XV1r9_XEPMcExKnvATDkVUsJHjHbg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:19:43 GMT
age: 71746
etag: "2ba954a51c2972b267ae0536e343e608aa9aa7f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnbG_CYddidhGlygFinwMyN81eHxP_vRzxsm7QBIAJzFqwaKTt-POQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:44 GMT
age: 9645
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28ae39b238f62d6c0aee7bb16ff863d5
3c2247e40747c3ca72dd7877facee9a9fecf0f59
c530ba92455ea45e14410f497d2df04cc1321e2937cc7e81aa75f4fc14206a7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3014
x-amzn-requestid: bec40915-584b-48fc-94c2-293e96567474
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKGrGoAMFelg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-2250ff00772341353151dd34;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lmJxNCnPKUD5O4HCWIjqeVaanXL50KZ60Xu1iOC6bisRBDJNkVXvww==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "3c2247e40747c3ca72dd7877facee9a9fecf0f59"
content-type: image/jpeg
age: 9652
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9203cfb9f0c1c958dd008eac55a9d3c4
6bdd1047590dd3fb54c15d5d6d38e7c86274b203
09770229be5ff3037708543e3204c66de84253b3a858a83a0e1672a04c0e9cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11760
x-amzn-requestid: b2863a01-4714-4554-a478-5402467b3448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKHc_oAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-1c5a3edf37bc7cc937c800d2;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: y-1zzLzVegi0T-SAyTpUuFD6iVVYbuL5u71dc74BY2l7PrxVu-am5w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "6bdd1047590dd3fb54c15d5d6d38e7c86274b203"
content-type: image/jpeg
age: 9652
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
2.18.172.200200 OK 4.2 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
IP 2.18.172.200:0
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /AdServer/js/pwt/161673/7165/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Tue, 07 Feb 2023 12:30:23 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
cache-control: max-age=44088
expires: Thu, 09 Feb 2023 12:30:17 GMT
date: Thu, 09 Feb 2023 00:15:29 GMT
content-length: 63055
vary: Accept-Encoding
X-Firefox-Spdy: h2
gaua.hit.gemius.pl/fpdata.js?href=ivona.ua
54.37.238.28200 OK 277 B URL HTTP/2 gaua.hit.gemius.pl/fpdata.js?href=ivona.ua
IP 54.37.238.28:0
Hash 8144782242f0bda40de6961227eba4ae
ab20c8908e485f6e2ef3d7d6cfc0c92fdb8ac571
f0c71f296acee551e8074851177c28bee6f4aae988a1efe304df33be0be02b0f
GET /fpdata.js?href=ivona.ua HTTP/1.1
Host: gaua.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:29 GMT
expires: Sat, 11 Mar 2023 00:15:29 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 277
X-Firefox-Spdy: h2
z.cdn.umh.ua/mc?d=6&u=4214693936749375291&gdpr=0&gdpr_consent=
78.159.118.240200 OK 0 B URL HTTP/2 z.cdn.umh.ua/mc?d=6&u=4214693936749375291&gdpr=0&gdpr_consent=
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mc?d=6&u=4214693936749375291&gdpr=0&gdpr_consent= HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssbsync.smartadserver.com/
Cookie: AU=66910b6b526aeeff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:29 GMT
content-length: 0
X-Firefox-Spdy: h2
s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
54.230.111.71302 Found 0 B URL HTTP/2 s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
IP 54.230.111.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssbsync.smartadserver.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: CloudFront
date: Thu, 09 Feb 2023 00:15:29 GMT
content-length: 0
cache-control: no-cache, must-revalidate
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=d51853af
set-cookie: SCM=d51853af; Expires=Thu, 02 Mar 2023 00:15:29 GMT; Domain=.smaato.net; SameSite=None; Path=/; Secure
SCMsas=d51853af; Expires=Sun, 19 Feb 2023 12:15:29 GMT; Domain=.smaato.net; Path=/; SameSite=None; Secure
x-cache: GeneratedResponse from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hqmTSETJe902avMzKcUzxrsHgZdbGN30tcerSOFGpu-UFXI5woQ8tg==
X-Firefox-Spdy: h2
ls.hit.gemius.pl/lsget.html
146.59.30.108200 OK 2.7 kB URL HTTP/2 ls.hit.gemius.pl/lsget.html
IP 146.59.30.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1257)
Hash e463d7b67fd1677c6831fa498c0d99a5
1148cd3a13a17b5f58301db974027d7497fa1a7f
33d42586f15f1b32be9afa8f5a5528595869ee05f4eca6d2c6fc897bc179c6e7
GET /lsget.html HTTP/1.1
Host: ls.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:29 GMT
expires: Sat, 11 Mar 2023 00:15:29 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2727
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7980999daf055fc9e21ce2d8663483ab
3e584c1676ed7789a50dc5c9391653a0b96a9bab
44143d9428bae54918244e95d8f31dfea0865929c0a0805c0f328a2a7eb78fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.adtelligent.com/exchange_rates/738581/config.json?cb=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
45.133.44.4200 OK 1.5 kB URL HTTP/2 player.adtelligent.com/exchange_rates/738581/config.json?cb=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (2679), with no line terminators
Hash 3b73d398ec15067518f7e3cd789a18c6
9f9cce71f01fc9d24c1f244fb8fd98a6528755d1
e41d2a756629f12a593f865c68db56dc59f1efa965169ab2b71277513f901eb9
GET /exchange_rates/738581/config.json?cb=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly HTTP/1.1
Host: player.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:29 GMT
content-type: application/json
server: nginx
last-modified: Wed, 08 Feb 2023 00:02:26 GMT
etag: W/"63e2e692-8f8"
cache-control: max-age=172800
content-encoding: gzip
expires: Sat, 11 Feb 2023 00:15:29 GMT
access-control-allow-origin: https://ivona.ua
x-proxy-cache: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b67850e3b3e13edebbd556f007617b39
f87b768ae3edea0649975ffe2dde53507cf7ef9e
5d2f919c5deae902674f2fec6fde833cd1286566566f9c70c2779edd789d08fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D2F919C5DEAE902674F2FEC6FDE833CD1286566566F9C70C2779EDD789D08FB"
Last-Modified: Tue, 07 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11238
Expires: Thu, 09 Feb 2023 03:22:48 GMT
Date: Thu, 09 Feb 2023 00:15:30 GMT
Connection: keep-alive
adservice.google.no/adsid/integrator.js?domain=ivona.ua
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=ivona.ua
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ivona.ua HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Feb 2023 00:15:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=ivona.ua
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=ivona.ua
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ivona.ua HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Feb 2023 00:15:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
162.19.138.119200 43 B URL HTTP/1.1 id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
IP 162.19.138.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/102/9.gif?gdpr=0&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssbsync.smartadserver.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Thu, 09-Feb-2023 00:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Thu, 09-Feb-2023 00:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Thu, 09-Feb-2023 00:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Thu, 09-Feb-2023 00:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Thu, 09-Feb-2023 00:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Thu, 09-Feb-2023 00:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Thu, 09 Feb 2023 00:15:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7980999daf055fc9e21ce2d8663483ab
3e584c1676ed7789a50dc5c9391653a0b96a9bab
44143d9428bae54918244e95d8f31dfea0865929c0a0805c0f328a2a7eb78fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 0d370f8d9239374cd2f765340e2e67c8
5fb8bca1d2934da69871d3c006d78d54daea052d
d269ec25d619da1dd10a65e160936701d8bf86796018bfc0432f02017f12eebc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104236
Date: Thu, 09 Feb 2023 00:15:30 GMT
Etag: "63e32c7f-1d7"
Expires: Fri, 10 Feb 2023 05:12:46 GMT
Last-Modified: Wed, 08 Feb 2023 05:00:47 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mwH2Je2YWeg7LcL7K3cA37KPOY-aW_Gv6bTzjEUEiaS9dFCotD4H9A==
Age: 719
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash edcd3b275522401674f6bf4aa4ebc053
b8d8b58e1175f7e2044526194a40dfda04f62ee7
3b33b597998d55047a0707b4a2b5fdd36abd030227f66b2aded7518201557a2c
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 17:15:10 GMT
Expires: Tue, 14 Feb 2023 17:15:09 GMT
Etag: "b8d8b58e1175f7e2044526194a40dfda04f62ee7"
Cache-Control: max-age=492578,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796869355f6db517-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
34.120.237.76200 OK 0 B URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
IP 34.120.237.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12811
x-amzn-requestid: be33f9ef-31cb-4572-9f22-0a433423e195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChzZFiWIAMFgmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4167b-70ed2a756b8da4372ccc1f83;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:39:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JpeDqbyAp9qLkVVqTKxmVy96vqBfyK4-GDiWdgkAjQlUN4Fu160VLA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:55 GMT
etag: "032d747cf20951f6ca6fd51489fefd7c09c4948d"
content-type: image/jpeg
age: 8974
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=738585&site_id=17201&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&adid=wcnhr2.1a&features=81952&vpbv=R118&tte=2445&lifecycle_tte=3702
185.239.173.66200 OK 43 B URL HTTP/1.1 ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=738585&site_id=17201&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&adid=wcnhr2.1a&features=81952&vpbv=R118&tte=2445&lifecycle_tte=3702
IP 185.239.173.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /adunit/tracking?event=11&type=0&client_id=738585&site_id=17201&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&adid=wcnhr2.1a&features=81952&vpbv=R118&tte=2445&lifecycle_tte=3702 HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Thu, 09 Feb 2023 00:15:29 GMT
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: https://ivona.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Set-Cookie: vmuid=0343551c1cb86ba6; expires=Sat, 13 May 2023 00:15:30 GMT; domain=.adtelligent.com; path=/; secure; SameSite
ls.hit.gemius.pl/lsset.html
146.59.30.108200 OK 1.9 kB URL HTTP/2 ls.hit.gemius.pl/lsset.html
IP 146.59.30.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1252)
Hash 8a4de5cfa8e2315995ebdf7c7bad5aeb
6670f52a7cc2829440fb32daac64e91c9d0f9761
b8be75378f2de5178caeacc1ee9bbe4e415dce7e299a7fc5b860c87daece885a
GET /lsset.html HTTP/1.1
Host: ls.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:30 GMT
expires: Sat, 11 Mar 2023 00:15:30 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 1869
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2198c3bd3c91c3a6a04aa161130b21f2
9de1b5994a79f0dcb5581af9b3bcebf60623f658
2997ee97a2315343a567730408ab048278b97fc6a95968af1c0ed5afeb310678
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 02:08:01 GMT
Expires: Mon, 13 Feb 2023 02:08:00 GMT
Etag: "9de1b5994a79f0dcb5581af9b3bcebf60623f658"
Cache-Control: max-age=351749,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7968693519cfb4fd-OSL
sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
99.80.195.53302 Found 0 B URL HTTP/2 sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
IP 99.80.195.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP/1.1
Host: sync.tidaltv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssbsync.smartadserver.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 09 Feb 2023 00:15:30 GMT
content-length: 0
location: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
set-cookie: tidal_ttid=2c014bf2-9b04-44ca-be1a-36c0ac09f95b; Domain=.tidaltv.com; Expires=Fri, 09-Feb-2024 00:15:30 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash edcd3b275522401674f6bf4aa4ebc053
b8d8b58e1175f7e2044526194a40dfda04f62ee7
3b33b597998d55047a0707b4a2b5fdd36abd030227f66b2aded7518201557a2c
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 17:15:10 GMT
Expires: Tue, 14 Feb 2023 17:15:09 GMT
Etag: "b8d8b58e1175f7e2044526194a40dfda04f62ee7"
Cache-Control: max-age=492578,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796869358d3fb50f-OSL
ghb.adtelligent.com/geo/
185.239.173.66200 OK 140 B IP 185.239.173.66:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d2adcd2efec13b041df1b20127c50f5c
e8843dc16f06aaba1ddef63cdbf0907854a3347e
a2d808adba6c3641f0cda955271b939e41450381ca78249cbe9aad9fd196e28d
GET /geo/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Thu, 09 Feb 2023 00:15:29 GMT
Content-Type: application/json
Content-Length: 140
Access-Control-Allow-Origin: https://ivona.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
99.80.195.53200 OK 42 B URL HTTP/2 sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
IP 99.80.195.53:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP/1.1
Host: sync.tidaltv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ssbsync.smartadserver.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:30 GMT
content-type: image/gif
set-cookie: tidal_ttid=5b963bcf-b732-4bfc-b057-a5dac402be00; Domain=.tidaltv.com; Expires=Fri, 09-Feb-2024 00:15:30 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.162200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.162:0
File type ASCII text, with very long lines (3399)
Hash 8672c93eebf80542ce1bb4cdd88e792e
4fa55188126d1a55d20669bc0feb0f752f33c0fa
b608a61e0aa05e55b03d747074f8c7b92bcd1930992f95a995f50bc94821aa16
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48910
date: Thu, 09 Feb 2023 00:15:30 GMT
expires: Thu, 09 Feb 2023 00:15:30 GMT
cache-control: private, max-age=3000
etag: "1675860536307976"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a9c5a278f07b138c1503ea3f0ec3797e
d36fe8427bd7ba735b06e69469ef715d1600da4e
978b6a189d73e308e1d79ac9241b2e1d07c43bc9ec65e2f4112ed74f143e342b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 1.1 kB IP 216.58.211.3:0
File type gzip compressed data, max compression\012- data
Hash 82cb7ba89e6fd9556789f7cd9579855f
c2b54e60c318a637d54628fb5472bdcb3017f397
ed494538f09929fcc07c4a91b0928790f4c718d7a11af1f2ba828b33f5b1b476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 9.0 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1672)
Hash 67e9f3846a4d9685bbb4817ecf1c3202
0cb354df8a3a60509c250eddc56e58a7dec8254d
a34fe37960ae8dcb6339643c2b87da2e9cba62ff25e47219a190bc783f9ba198
GET /pagead/js/r20230207/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9030
x-xss-protection: 0
date: Wed, 08 Feb 2023 18:27:54 GMT
expires: Wed, 22 Feb 2023 18:27:54 GMT
cache-control: public, max-age=1209600
age: 20856
etag: 14849286796705262889
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1605)
Hash a1bdac34c79f5ba9432de66913f54fa3
788719361fe56969d37a9ef49c046906defdd892
6e1e58bc51902fe55ace9d2545d3d00c4e4d00be1065a5c2dfb5e3c377e2f0b6
GET /pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7626
x-xss-protection: 0
date: Wed, 08 Feb 2023 18:27:51 GMT
expires: Wed, 22 Feb 2023 18:27:51 GMT
cache-control: public, max-age=1209600
age: 20859
etag: 5262822293969176042
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gaua.hit.gemius.pl/__/_1675901786951/rexdot.js?l=100&sendf=8&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&screen=1280x1024r1000&col=24&window=1280x939&vis=1&lsdata=-SETERR&fpdata=EQpns4tkaw6vgAsjaFsvWziGWa5UOvtlET2f5EHrHuL.j7<ime=132&fr=1&ref=&inner=_ver%3D335&exid=63e43b5a0a2df15f&brts=1675901786&fpcap=
54.37.238.28200 OK 169 B URL HTTP/2 gaua.hit.gemius.pl/__/_1675901786951/rexdot.js?l=100&sendf=8&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&screen=1280x1024r1000&col=24&window=1280x939&vis=1&lsdata=-SETERR&fpdata=EQpns4tkaw6vgAsjaFsvWziGWa5UOvtlET2f5EHrHuL.j7<ime=132&fr=1&ref=&inner=_ver%3D335&exid=63e43b5a0a2df15f&brts=1675901786&fpcap=
IP 54.37.238.28:0
Hash a97a1fe874a3e76c6095e3e8647e77eb
e1683c8e30cdc7ea73e269ed4b35d3c580df565f
528ca94914a5da102726914c5e47e8f727b6c3f19c6ef3427958895a5b5f2863
GET /__/_1675901786951/rexdot.js?l=100&sendf=8&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&screen=1280x1024r1000&col=24&window=1280x939&vis=1&lsdata=-SETERR&fpdata=EQpns4tkaw6vgAsjaFsvWziGWa5UOvtlET2f5EHrHuL.j7<ime=132&fr=1&ref=&inner=_ver%3D335&exid=63e43b5a0a2df15f&brts=1675901786&fpcap= HTTP/1.1
Host: gaua.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ivona.ua/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:30 GMT
expires: Wed, 08 Feb 2023 00:15:30 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlGtbRXGQMGG7032u7ebsdlissGMXP8cERbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Thu, 16 Feb 2023 00:15:30 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 169
X-Firefox-Spdy: h2
go.rcvlink.com/img/logo160.png
136.243.84.75200 OK 6.2 kB URL HTTP/2 go.rcvlink.com/img/logo160.png
IP 136.243.84.75:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 160 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash d878e8553e2d485276747db5b9425aed
9a41b1cf930b9de515513658c6e27c7012fab53c
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
GET /img/logo160.png HTTP/1.1
Host: go.rcvlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.rcvlink.com/static/iframe.htm
Cookie: cache=tp_b49Lbu2352B0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:30 GMT
content-type: image/png
content-length: 6249
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
etag: "5c45e047-1869"
expires: Thu, 16 Feb 2023 00:15:30 GMT
cache-control: max-age=604800
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
z.cdn.umh.ua/load?z=2046180079&div=zone_2046180079&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
78.159.118.240200 OK 973 B URL HTTP/2 z.cdn.umh.ua/load?z=2046180079&div=zone_2046180079&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (357), with CRLF, LF line terminators
Hash 0cbd2556499e42b51a0775d88ec7319a
cbaf586703882fb136b9650f90675d461758c1ac
6f1e4a9f3fcb77eb3eee011ad9a6a42aa5af8de39cda9114944bb2ce5ef46e79
GET /load?z=2046180079&div=zone_2046180079&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1771&hc=16&n=1675901784738&url=ivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&ti=%D0%AF%D0%BA%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B7%20%D0%B2%D0%B8%D0%B3%D0%BB%D1%8F%D0%B4%D0%B0%D1%94%20%D0%BF%D0%B5%D1%80%D1%88%D0%B0%20%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BD%D0%B0%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D1%8F%20%D0%9F%D1%80%D0%B8%D1%82%D1%83%D0%BB%D0%B8%20-%20IVONA.UA&zyx=2377009216 HTTP/1.1
Host: z.cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Cookie: AU=66910b6b526aeeff
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 973
content-encoding: gzip
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0cda5f5909231bb447351341dbebb395
137988b18d60745f1109556e67421877090721c2
42523511d990bfe3c08a5904b10b47f0523f72c9f358d7adf0cd3d5a59faa5eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5919
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Last-Modified: Wed, 08 Feb 2023 22:36:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
st11.rcvlink.com/2/304/4171746c1c98b40ab31f8d6a55dfe17e
136.243.84.75200 OK 15 kB URL HTTP/2 st11.rcvlink.com/2/304/4171746c1c98b40ab31f8d6a55dfe17e
IP 136.243.84.75:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 304x172, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce0c29dc61800cf1ae8e86c78ac4d6bc
fd53fc237c30d4570c3b45362fb2ed523116b1e6
aa56b42318625a5576c0250427226a07aa1dbb349e013780a4ce59fd2fe8b95a
GET /2/304/4171746c1c98b40ab31f8d6a55dfe17e HTTP/1.1
Host: st11.rcvlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.rcvlink.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: image/webp
content-length: 14828
last-modified: Fri, 14 May 2021 14:45:02 GMT
etag: "609e8cee-dbdd"
expires: Wed, 10 May 2023 00:15:31 GMT
cache-control: max-age=7776000
access-control-allow-origin: *, *
timing-allow-origin: *, *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 659a77c7ca00dfecab8b385091bbd692
9678f3a7f553c28880ac23efb42fb474debf8286
61a339bdf6cec07b1f6ca4de487c938cce9c1a19fa808f014735ce0b0d96565a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61A339BDF6CEC07B1F6CA4DE487C938CCE9C1A19FA808F014735CE0B0D96565A"
Last-Modified: Tue, 07 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2089
Expires: Thu, 09 Feb 2023 00:50:20 GMT
Date: Thu, 09 Feb 2023 00:15:31 GMT
Connection: keep-alive
st11.rcvlink.com/2/304/4fa0a4b4b34a13abefc36d1dc8305ceb
136.243.84.75200 OK 16 kB URL HTTP/2 st11.rcvlink.com/2/304/4fa0a4b4b34a13abefc36d1dc8305ceb
IP 136.243.84.75:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 304x172, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b8a76968a429ebfb00df217bf4c33bc
15ac6d3fde52be7e5d63586ea44d987df16e0b9f
66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48
GET /2/304/4fa0a4b4b34a13abefc36d1dc8305ceb HTTP/1.1
Host: st11.rcvlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.rcvlink.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: image/webp
content-length: 16508
last-modified: Fri, 03 Jun 2022 09:50:28 GMT
etag: "6299d964-1bf89"
expires: Wed, 10 May 2023 00:15:31 GMT
cache-control: max-age=7776000
access-control-allow-origin: *, *
timing-allow-origin: *, *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d09192b0325fc351f837998af0ec0859
9a2e9bd3eafa7a522727e29908c1576e7d256a87
def6f8c8083625ad72cb4a4e93336979b5ab7d0181031f639c3abc3f5b63ef99
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3328
Cache-Control: max-age=123383
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Etag: "63e36d1a-1d7"
Expires: Fri, 10 Feb 2023 10:31:54 GMT
Last-Modified: Wed, 08 Feb 2023 09:36:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 860de467316d92b1ed7e2fa684422280
a04742424d1b362f567a9731fbaae9c3f3517b23
83b765f874d89506346b7c2f5106c3a9983644d97f4fe315fa68d3a45733b7f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3325
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Last-Modified: Wed, 08 Feb 2023 23:20:06 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
st11.rcvlink.com/2/304/e8973919ddece9d7f0496f80e91a5f54
136.243.84.75200 OK 16 kB URL HTTP/2 st11.rcvlink.com/2/304/e8973919ddece9d7f0496f80e91a5f54
IP 136.243.84.75:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 304x171, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 799cd82003d406970465bc85cefe6c4c
204d4c4dc60d382bf716a7c38fb073644fa85010
182dbc6c626c936352a67024be598d5d4811fa763bcec32045a9dfc030d6b627
GET /2/304/e8973919ddece9d7f0496f80e91a5f54 HTTP/1.1
Host: st11.rcvlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.rcvlink.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: image/webp
content-length: 16346
last-modified: Thu, 05 Jan 2023 09:10:52 GMT
etag: "63b6941c-2abe2"
expires: Wed, 10 May 2023 00:15:31 GMT
cache-control: max-age=7776000
access-control-allow-origin: *, *
timing-allow-origin: *, *
accept-ranges: bytes
X-Firefox-Spdy: h2
st11.rcvlink.com/2/304/618bb368d4ca2b981a0e5ecf1a7a581d
136.243.84.75200 OK 10 kB URL HTTP/2 st11.rcvlink.com/2/304/618bb368d4ca2b981a0e5ecf1a7a581d
IP 136.243.84.75:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 304x172, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dffc90478400e1a41c3df3814bbbf92e
69ef204f575d57d10bb3472f9bb5038ed43f33b5
e779e1a1547af5542eb2652cd73472e359f8b309baa94965eb3f17e3d777d00d
GET /2/304/618bb368d4ca2b981a0e5ecf1a7a581d HTTP/1.1
Host: st11.rcvlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.rcvlink.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: image/webp
content-length: 10418
last-modified: Fri, 17 Dec 2021 13:33:09 GMT
etag: "61bc9195-ab7c"
expires: Wed, 10 May 2023 00:15:31 GMT
cache-control: max-age=7776000
access-control-allow-origin: *, *
timing-allow-origin: *, *
accept-ranges: bytes
X-Firefox-Spdy: h2
bgstats.mox.tv/magic.png
167.71.9.19200 OK 0 B IP 167.71.9.19:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /magic.png HTTP/1.1
Host: bgstats.mox.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: image/png
content-length: 0
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 718
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 09 Feb 2023 00:15:31 GMT
access-control-allow-origin: https://ivona.ua
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5eecee8746b80be9e0c125cd1a6fbe62
6bb07051e8d9ef26d47f7df9846f589178d77cbb
adc26481b4eb6697f772d1d79de38769c179963e7e9df9b093d368f031472345
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 13:56:50 GMT
Expires: Tue, 14 Feb 2023 13:56:49 GMT
Etag: "6bb07051e8d9ef26d47f7df9846f589178d77cbb"
Cache-Control: max-age=480677,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7968693b4e67b4fd-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9ce0c9bc2a6db0953de294199054df32
349a4f1fa3240e2b9d0a2254453ecaa4d78113e5
992aaf5ee320fb9291ced258e2b6fa49170bf1b5d54ee6b74955cf32719ebd93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4496
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Last-Modified: Wed, 08 Feb 2023 23:00:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 8e109baddb22b573a373457259aac9ac
f5f95ff6171d3cb8b274fa8c1eb361a98faaf423
f6d6b1beb6eb4837871a5b74c2f74ef9d1fc27b9f86b4eeba62c43cebf8914a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5989
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Last-Modified: Wed, 08 Feb 2023 22:35:42 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 054fdcff5853ca82fe55fb7655ec00c4
b048e1d16384aeaeac003db9119c30fe78ec4054
62ad987e23c51b53598d860d77e3ff16525632567e9098a20ea557ca8c7f007b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6521
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Last-Modified: Wed, 08 Feb 2023 22:26:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1187
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, no-store, must-revalidate
date: Thu, 09 Feb 2023 00:15:31 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 8.7 kB IP 93.184.220.29:0
Hash 6db3c5c59bccb0740d7faa447063c4f9
d9ba2e9b9f9a99fada1419f235ad902c0648c230
46f396ceeb449ff18a08f1cb4e2416f868ca095618f77f1e4894dfbc400d7f8b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4450
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Last-Modified: Wed, 08 Feb 2023 23:01:21 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
grid.bidswitch.net/hbjson
52.28.118.238200 OK 48 B URL HTTP/2 grid.bidswitch.net/hbjson
IP 52.28.118.238:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3cd2d67fac1edf0d01f545ea3e586aed
eb06cb6c724f347c577adadf8efdbff51ae530cf
7301b10b40932010df7f82511242dbf5323a3ac6caa77d5d9c86b94ab4b4cb00
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1458
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: application/json
content-length: 48
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 686
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 09 Feb 2023 00:15:31 GMT
access-control-allow-origin: https://ivona.ua
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=30143652879
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=30143652879
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.25.4&cb=30143652879 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 873
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 09 Feb 2023 00:15:30 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ivona.ua
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=64155915-2391-41f5-b3cb-0b68e31eeb82%2C4ff5831c-d470-439c-8c84-f84a25545a79&nocache=1675901787607&pubcid=b8c4ec0c-f44d-4ad8-a002-2b9c83dd2d42&aus=300x600%2C300x250%7C300x100&divids=div-gpt-ad-ivona.ua%252Fpremium_side_banner%2Cdiv-gpt-ad-ivona.ua%252Fmiddle_side_banner&aucs=%252F21861267298%252Fivona.ua%252Fpremium_side_banner%2523div-gpt-ad-ivona.ua%252Fpremium_side_banner%2C%252F21861267298%252Fivona.ua%252Fmiddle_side_banner%2523div-gpt-ad-ivona.ua%252Fmiddle_side_banner&auid=541177132%2C541177132
34.98.64.218200 OK 79 B URL HTTP/2 adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=64155915-2391-41f5-b3cb-0b68e31eeb82%2C4ff5831c-d470-439c-8c84-f84a25545a79&nocache=1675901787607&pubcid=b8c4ec0c-f44d-4ad8-a002-2b9c83dd2d42&aus=300x600%2C300x250%7C300x100&divids=div-gpt-ad-ivona.ua%252Fpremium_side_banner%2Cdiv-gpt-ad-ivona.ua%252Fmiddle_side_banner&aucs=%252F21861267298%252Fivona.ua%252Fpremium_side_banner%2523div-gpt-ad-ivona.ua%252Fpremium_side_banner%2C%252F21861267298%252Fivona.ua%252Fmiddle_side_banner%2523div-gpt-ad-ivona.ua%252Fmiddle_side_banner&auid=541177132%2C541177132
IP 34.98.64.218:0
File type JSON data\012- , ASCII text
Hash 688369ac21cec4af316fd3b57dbafb15
f9f247c68e833a0d7fc440a3aa53f7d3eb4a8de8
7d8bdb1113ffd32016c213f009133b78cc5b99c217ee78f56d3ae618c78c42e5
GET /w/1.0/arj?ju=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=64155915-2391-41f5-b3cb-0b68e31eeb82%2C4ff5831c-d470-439c-8c84-f84a25545a79&nocache=1675901787607&pubcid=b8c4ec0c-f44d-4ad8-a002-2b9c83dd2d42&aus=300x600%2C300x250%7C300x100&divids=div-gpt-ad-ivona.ua%252Fpremium_side_banner%2Cdiv-gpt-ad-ivona.ua%252Fmiddle_side_banner&aucs=%252F21861267298%252Fivona.ua%252Fpremium_side_banner%2523div-gpt-ad-ivona.ua%252Fpremium_side_banner%2C%252F21861267298%252Fivona.ua%252Fmiddle_side_banner%2523div-gpt-ad-ivona.ua%252Fmiddle_side_banner&auid=541177132%2C541177132 HTTP/1.1
Host: adtelligent-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ivona.ua
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=50504&zone_id=2716046&size_id=19&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b8c4ec0c-f44d-4ad8-a002-2b9c83dd2d42%5E1&rf=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&tg_i.pbadslot=%2F21861267298%2Fivona.ua%2Fmiddle_side_banner%23div-gpt-ad-ivona.ua%2Fmiddle_side_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=4ff5831c-d470-439c-8c84-f84a25545a79&l_pb_bid_id=2998e6a20dd86e1&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21861267298%2Fivona.ua%2Fmiddle_side_banner%23div-gpt-ad-ivona.ua%2Fmiddle_side_banner&slots=1&rand=0.8518501286257285
213.19.162.51200 OK 342 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=50504&zone_id=2716046&size_id=19&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b8c4ec0c-f44d-4ad8-a002-2b9c83dd2d42%5E1&rf=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&tg_i.pbadslot=%2F21861267298%2Fivona.ua%2Fmiddle_side_banner%23div-gpt-ad-ivona.ua%2Fmiddle_side_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=4ff5831c-d470-439c-8c84-f84a25545a79&l_pb_bid_id=2998e6a20dd86e1&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21861267298%2Fivona.ua%2Fmiddle_side_banner%23div-gpt-ad-ivona.ua%2Fmiddle_side_banner&slots=1&rand=0.8518501286257285
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with very long lines (342), with no line terminators
Hash 10c96e5d1d45d91cfb64c7360d24ce55
02fdba92f387acc342e21ec30b5054d9ccef27b1
8bf7ace43219680119b7e8639683c0dd5906a2dc9c14bdde45bfa0e4fce0de72
GET /a/api/fastlane.json?account_id=12398&site_id=50504&zone_id=2716046&size_id=19&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b8c4ec0c-f44d-4ad8-a002-2b9c83dd2d42%5E1&rf=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&tg_i.pbadslot=%2F21861267298%2Fivona.ua%2Fmiddle_side_banner%23div-gpt-ad-ivona.ua%2Fmiddle_side_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=4ff5831c-d470-439c-8c84-f84a25545a79&l_pb_bid_id=2998e6a20dd86e1&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21861267298%2Fivona.ua%2Fmiddle_side_banner%23div-gpt-ad-ivona.ua%2Fmiddle_side_banner&slots=1&rand=0.8518501286257285 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LDWCMBV6-3-1K52; Domain=.rubiconproject.com; Path=/; Expires=Fri, 09-Feb-2024 00:15:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/EjCbPZYCsf1n+9DtVM30fCgweH8d56csowF6pn9bjau2whTt7TpkbikzG6FmltYou2qeh/unzTUsA==; Domain=.rubiconproject.com; Path=/; Expires=Fri, 09-Feb-2024 00:15:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 342
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 79c0da6f0bfb48ecec244b58f356b6e1
ae6d99ea140d4dc54e73d1691139fafa88dd8a64
6f4f4df66355c2238e1cc7409341dc48d42808ffd87dacff92db79527fa2fa19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F4F4DF66355C2238E1CC7409341DC48D42808FFD87DACFF92DB79527FA2FA19"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7102
Expires: Thu, 09 Feb 2023 02:13:53 GMT
Date: Thu, 09 Feb 2023 00:15:31 GMT
Connection: keep-alive
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 054fdcff5853ca82fe55fb7655ec00c4
b048e1d16384aeaeac003db9119c30fe78ec4054
62ad987e23c51b53598d860d77e3ff16525632567e9098a20ea557ca8c7f007b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6521
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Last-Modified: Wed, 08 Feb 2023 22:26:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=50504&zone_id=2716046&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b8c4ec0c-f44d-4ad8-a002-2b9c83dd2d42%5E1&rf=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&tg_i.pbadslot=%2F21861267298%2Fivona.ua%2Fpremium_side_banner%23div-gpt-ad-ivona.ua%2Fpremium_side_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=64155915-2391-41f5-b3cb-0b68e31eeb82&l_pb_bid_id=281b2ff79d97a238&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21861267298%2Fivona.ua%2Fpremium_side_banner%23div-gpt-ad-ivona.ua%2Fpremium_side_banner&slots=1&rand=0.291315730558521
213.19.162.51200 OK 364 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=50504&zone_id=2716046&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b8c4ec0c-f44d-4ad8-a002-2b9c83dd2d42%5E1&rf=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&tg_i.pbadslot=%2F21861267298%2Fivona.ua%2Fpremium_side_banner%23div-gpt-ad-ivona.ua%2Fpremium_side_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=64155915-2391-41f5-b3cb-0b68e31eeb82&l_pb_bid_id=281b2ff79d97a238&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21861267298%2Fivona.ua%2Fpremium_side_banner%23div-gpt-ad-ivona.ua%2Fpremium_side_banner&slots=1&rand=0.291315730558521
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with very long lines (364), with no line terminators
Hash 3dec5d15a62f59131bfc26c005e9b39d
849f689bcf0a4519711e025948b009b9d7487a55
18391e03faace85bea024868811668ca75759bbdfcbe3f93e7a002dc2647b152
GET /a/api/fastlane.json?account_id=12398&site_id=50504&zone_id=2716046&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=b8c4ec0c-f44d-4ad8-a002-2b9c83dd2d42%5E1&rf=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&tg_i.pbadslot=%2F21861267298%2Fivona.ua%2Fpremium_side_banner%23div-gpt-ad-ivona.ua%2Fpremium_side_banner&tk_flint=pbjs_lite_v6.25.4&x_source.tid=64155915-2391-41f5-b3cb-0b68e31eeb82&l_pb_bid_id=281b2ff79d97a238&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21861267298%2Fivona.ua%2Fpremium_side_banner%23div-gpt-ad-ivona.ua%2Fpremium_side_banner&slots=1&rand=0.291315730558521 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LDWCMBVZ-15-F9HS; Domain=.rubiconproject.com; Path=/; Expires=Fri, 09-Feb-2024 00:15:31 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qr87zCjI5Ui7O9DtVM30fCgweH8d56csowF6pn9bjau2whTt7TpkbikzG6FmltYou2qeh/unzTUsA==; Domain=.rubiconproject.com; Path=/; Expires=Fri, 09-Feb-2024 00:15:31 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 364
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.253204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 742
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 00:15:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ivona.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.124200 OK 513 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.124:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1170), with no line terminators
Hash 181c7b7040d1a5b2e8e855774122a9ab
ab856f049b8ef207726844da2b5fab056f5975a5
90b550553177236a86792e19d99ba1d03677d32efbdfeb4a96a1008f1e7de84c
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 519
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Thu, 09 Feb 2023 00:15:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Fri, 09 Feb 2024 00:15:31 GMT; domain=.smartadserver.com; path=/
vs=567947=5315055; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Fri, 09 Feb 2024 00:15:31 GMT; domain=.smartadserver.com; path=/
pid=7131170107340910565; expires=Fri, 09 Feb 2024 00:15:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638114985313047947&o=1; expires=Fri, 10 Feb 2023 00:15:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Fri, 10 Feb 2023 00:15:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.138.124200 OK 593 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.124:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1142), with no line terminators
Hash 97a3020995c694f14496798481e87576
cae7b122f5819136858d4038fcfd99d6b64d03c2
bd07d6a4f71940597109aae3e47932165b5ee011f6202406c5fc718bf3ff0c1f
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 521
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Thu, 09 Feb 2023 00:15:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Fri, 09 Feb 2024 00:15:31 GMT; domain=.smartadserver.com; path=/
vs=567947=5315055; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Fri, 09 Feb 2024 00:15:31 GMT; domain=.smartadserver.com; path=/
pid=3746523711003455256; expires=Fri, 09 Feb 2024 00:15:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638114985312993500&o=1; expires=Fri, 10 Feb 2023 00:15:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Fri, 10 Feb 2023 00:15:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.138.124200 OK 601 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.124:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1241), with no line terminators
Hash 21665bd13ab5742e11f397812771a224
0d2cc8d0fb9c6681cd75ca3732250706c6b80805
3afa863aeb23f324e6b215eb816bd57121989a4fcbba32baf4f0465f0199398a
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 520
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Thu, 09 Feb 2023 00:15:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Fri, 09 Feb 2024 00:15:31 GMT; domain=.smartadserver.com; path=/
vs=567947=5315055; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Fri, 09 Feb 2024 00:15:31 GMT; domain=.smartadserver.com; path=/
pid=3845002281694031635; expires=Fri, 09 Feb 2024 00:15:31 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638114985313174026&o=1; expires=Fri, 10 Feb 2023 00:15:31 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Fri, 10 Feb 2023 00:15:31 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
inv-nets.admixer.net/prebid.1.2.aspx
146.0.227.110200 OK 42 B URL HTTP/1.1 inv-nets.admixer.net/prebid.1.2.aspx
IP 146.0.227.110:0
ASN #20773 Host Europe GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash 2eed0c491d0240deafc0ac5287c838ad
9ddf084d3a5df11da05ea97ac14b0c0942d0ef2b
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
POST /prebid.1.2.aspx HTTP/1.1
Host: inv-nets.admixer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1622
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:15:31 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 42
Connection: keep-alive
Access-Control-Allow-Origin: https://ivona.ua
Access-Control-Allow-Credentials: true
X-Xss-Protection: 0
P3p: CP="NID DSP ALL COR"
Set-Cookie: am-uid=8741495c13fe4a4a85f7697fac2309f1; expires=Wed, 10 May 2023 00:15:31 GMT; domain=.admixer.net; secure; SameSite=None
Keep-Alive: timeout=25
4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Thu, 09 Feb 2023 00:15:31 GMT
expires: Fri, 09 Feb 2024 00:15:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-206274582-1&cid=1188224263.1675901786&jid=386401083&gjid=371176596&_gid=1397708354.1675901786&_u=YEBAAUAAAAAAACAAI~&z=1570438324
74.125.205.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-206274582-1&cid=1188224263.1675901786&jid=386401083&gjid=371176596&_gid=1397708354.1675901786&_u=YEBAAUAAAAAAACAAI~&z=1570438324
IP 74.125.205.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-206274582-1&cid=1188224263.1675901786&jid=386401083&gjid=371176596&_gid=1397708354.1675901786&_u=YEBAAUAAAAAAACAAI~&z=1570438324 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ivona.ua
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Feb 2023 00:15:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.membrana.media/geolocation.json
194.242.11.186200 OK 3 B URL HTTP/2 cdn.membrana.media/geolocation.json
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JSON data\012- , ASCII text
Hash 8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /geolocation.json HTTP/1.1
Host: cdn.membrana.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ivona.ua/
Origin: https://ivona.ua
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: text/plain
content-length: 3
server: BunnyCDN-NO1-830
cdn-pullzone: 139012
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cache-control: public, max-age=86400
etag: "622b54c3-3"
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
cdn-storageserver: DE-199
cdn-fileserver: 309
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/26/2023 10:40:20
cdn-edgestorageid: 830
x-ym-country: NO
cdn-status: 200
cdn-requestid: 295546d38cecbedebf98bf37f833d3ed
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ba42f3f0ed004e0cfd03b92e2645033f
9a14d1448e4a51cfe9fe06fda36211884f2ede42
a84bc1db167705c8070a8e6dcf8e16dd60c56a6f54121c86ce6feab78bc51810
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 02:30:26 GMT
Expires: Tue, 14 Feb 2023 02:30:25 GMT
Etag: "9a14d1448e4a51cfe9fe06fda36211884f2ede42"
Cache-Control: max-age=439493,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7968693ec92cb4fd-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7bc3d9d8ad773d121a699d869e211349
8aaa4844fa4e4668426563a70a2dff1205c8eb56
755ac5609d4906139a83765d41af9a3f6b71593f764daa0fb83fc56b6627552f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "755AC5609D4906139A83765D41AF9A3F6B71593F764DAA0FB83FC56B6627552F"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9373
Expires: Thu, 09 Feb 2023 02:51:44 GMT
Date: Thu, 09 Feb 2023 00:15:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.membrana.media/video/nts/desktop/videoSources.json
194.242.11.186200 OK 696 B URL HTTP/2 cdn.membrana.media/video/nts/desktop/videoSources.json
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JSON data\012- , ASCII text, with no line terminators
Hash afca4ef9b9544f2e44f5ee42c1d67ad5
c990975722db3bd757c61936ef1d1a2ed0f4dc54
d53466bd6cbb400d2ae88a3a449d1dde3dc4c44d58ecd837c56a491183f5a2c1
GET /video/nts/desktop/videoSources.json HTTP/1.1
Host: cdn.membrana.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: text/plain
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 139012
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
etag: W/"63e12b6a-112"
last-modified: Mon, 06 Feb 2023 16:31:38 GMT
cdn-storageserver: DE-197
cdn-fileserver: 280
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/06/2023 16:33:40
cdn-edgestorageid: 830
timing-allow-origin: *
cdn-status: 200
cdn-requestid: 3880ccd24b5d83c6228acb7d1833966a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-206274582-1&cid=1188224263.1675901786&jid=386401083&_u=YEBAAUAAAAAAACAAI~&z=977463721
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-206274582-1&cid=1188224263.1675901786&jid=386401083&_u=YEBAAUAAAAAAACAAI~&z=977463721
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-206274582-1&cid=1188224263.1675901786&jid=386401083&_u=YEBAAUAAAAAAACAAI~&z=977463721 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 00:15:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ym-tack.b-cdn.net/load_playlist_attempt?notsy;UMH;https://cdn.membrana.media/video/nts/desktop/videoSources.json;05abca64-943a-47fe-834a-3046ca095916
138.199.36.10200 OK 0 B URL HTTP/2 ym-tack.b-cdn.net/load_playlist_attempt?notsy;UMH;https://cdn.membrana.media/video/nts/desktop/videoSources.json;05abca64-943a-47fe-834a-3046ca095916
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load_playlist_attempt?notsy;UMH;https://cdn.membrana.media/video/nts/desktop/videoSources.json;05abca64-943a-47fe-834a-3046ca095916 HTTP/1.1
Host: ym-tack.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:32 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 749406
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
cache-control: public, max-age=0
etag: W/"63cacd1b-2b0"
cdn-storageserver: DE-167
cdn-fileserver: 256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 405
cdn-cachedat: 02/09/2023 00:15:32
cdn-edgestorageid: 1053
cdn-requestid: f4c07d9f277302819e42bb4386d4501d
content-encoding: br
X-Firefox-Spdy: h2
ghb.adtelligent.com/adunit/multitracking
185.239.173.66204 No Content 0 B URL HTTP/1.1 ghb.adtelligent.com/adunit/multitracking
IP 185.239.173.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adunit/multitracking HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3910
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: Adtelligent
Date: Thu, 09 Feb 2023 00:15:31 GMT
Access-Control-Allow-Origin: https://ivona.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ce16eb3f192a9b6b2100a8e75b628ed
484ba3f3546b5b0bc11c12d2401dc18313c07d4b
385323b7f5e61112814256e114903072fc62e432bf628c7d7191d9654507a9e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "385323B7F5E61112814256E114903072FC62E432BF628C7D7191D9654507A9E3"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Thu, 09 Feb 2023 01:03:57 GMT
Date: Thu, 09 Feb 2023 00:15:32 GMT
Connection: keep-alive
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=d51853af
185.86.139.102200 OK 57 kB URL HTTP/2 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=d51853af
IP 185.86.139.102:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash f8adf434d2ff6fbdd9755cc3d112cad0
f016373cbfde51b8dc1ef7d4accf21acef6e6f40
ea5c65a7d52c5cb2631f389c0610c9737e082658082dcea1c0f25557a63b484a
GET /redir/?issi=1&partnerid=133&partneruserid=d51853af HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ssbsync.smartadserver.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Thu, 09 Feb 2023 00:15:29 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=5759910723311398900; expires=Sat, 09 Mar 2024 00:15:30 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 09 Mar 2024 00:15:30 GMT; domain=smartadserver.com; path=/
csync=133:d51853af; expires=Fri, 09 Feb 2024 00:15:30 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Firefox-Spdy: h2
hal9000.redintelligence.net/zone/ha4k656wqlc8?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D
136.243.149.243200 OK 4.2 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/ha4k656wqlc8?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D
IP 136.243.149.243:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1757), with CRLF line terminators
Hash e8c409cd8f21d505a097b490a7a7c7d9
595b1eee35e4e0b33ce7880a7da533d0cb5eaa81
852aa590d60fbee4423ff027fdf1d9e11bed504d243e8170c097390e1f970503
GET /zone/ha4k656wqlc8?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4155
Connection: close
Content-Type: text/html; charset=UTF-8
ym-tack.b-cdn.net/load_playlist_success?notsy;UMH;https://cdn.membrana.media/video/nts/desktop/videoSources.json;05abca64-943a-47fe-834a-3046ca095916
138.199.36.10200 OK 14 kB URL HTTP/2 ym-tack.b-cdn.net/load_playlist_success?notsy;UMH;https://cdn.membrana.media/video/nts/desktop/videoSources.json;05abca64-943a-47fe-834a-3046ca095916
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (688), with no line terminators
Hash a4e9f2edba0d74d696f141a11549c714
fe6d88b54dc53b79a4788e2793f7beb8e3bc30ed
6cbad7aa2e8095e27c12cbd33a4848ba2e92d4944d29119c0d6bf2ad0a29e9d6
POST /load_playlist_success?notsy;UMH;https://cdn.membrana.media/video/nts/desktop/videoSources.json;05abca64-943a-47fe-834a-3046ca095916 HTTP/1.1
Host: ym-tack.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:32 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 749406
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
cache-control: public, max-age=0
etag: W/"63cacd7f-2b0"
cdn-storageserver: DE-197
cdn-fileserver: 332
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 405
cdn-cachedat: 02/09/2023 00:15:32
cdn-edgestorageid: 1053
cdn-requestid: 544e6bbdd0139bc432cf6f49a252b70c
content-encoding: br
X-Firefox-Spdy: h2
membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206.webp
91.194.251.83200 OK 29 kB URL HTTP/2 membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206.webp
IP 91.194.251.83:0
ASN #42352 TOV 'Dream Line Holding'
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c4d6d8edf073ea686fc656c085d883ae
c9d0fa3df9f35520206c4a2f948270acb7cc68d5
00542d791eeca2a7e2e73d2442c903a9c600e22028c2e3afa126db160d86d8c9
GET /nts/desktop/membrana-main42-7709-20230206.webp HTTP/1.1
Host: membrana-cdn.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:32 GMT
content-type: image/webp
content-length: 28808
last-modified: Mon, 06 Feb 2023 16:31:38 GMT
etag: "63e12b6a-7088"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
hal900011.redintelligence.net/request.php?zone=ha4k656wqlc8&nw=20&renderingType=javascript&namespace=5011501dee&subid=&uid=3df8ed8152f7ca72&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x100&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D&documentReferer=https%3A%2F%2Fivona.ua%2F&ancestorOrigins=null&random=5561346500203&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
138.201.64.38302 Found 0 B URL HTTP/1.1 hal900011.redintelligence.net/request.php?zone=ha4k656wqlc8&nw=20&renderingType=javascript&namespace=5011501dee&subid=&uid=3df8ed8152f7ca72&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x100&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D&documentReferer=https%3A%2F%2Fivona.ua%2F&ancestorOrigins=null&random=5561346500203&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 138.201.64.38:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=ha4k656wqlc8&nw=20&renderingType=javascript&namespace=5011501dee&subid=&uid=3df8ed8152f7ca72&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x100&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D&documentReferer=https%3A%2F%2Fivona.ua%2F&ancestorOrigins=null&random=5561346500203&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900011.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 09 Feb 2023 00:15:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 09 Feb 2023 00:15:33 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=443c81504407dbf9; expires=Wed, 10-May-2023 00:15:33 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=ha4k656wqlc8&nw=20&renderingType=javascript&namespace=5011501dee&subid=&uid=3df8ed8152f7ca72&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x100&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D&documentReferer=https%3A%2F%2Fivona.ua%2F&ancestorOrigins=null&random=5561346500203&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/simgad/16640864216906321507
216.58.211.6200 OK 46 kB URL HTTP/2 s0.2mdn.net/simgad/16640864216906321507
IP 216.58.211.6:0
File type PNG image data, 300 x 600, 8-bit/color RGBA, non-interlaced\012- data
Hash fbda1d41f3f0fb825a253b3d567a54d4
2bbfeffb4409beaca6df0f7a1c0df07fea7f7510
ed586aa20734acb06a14e27e51ec99f706946ac1c8c388635eae71ff7490b34f
GET /simgad/16640864216906321507 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 45564
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 14:26:01 GMT
expires: Tue, 06 Feb 2024 14:26:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Feb 2023 14:23:43 GMT
content-type: image/png
age: 208172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s0.2mdn.net/instream/video/client.js
216.58.211.6200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP 216.58.211.6:0
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Thu, 09 Feb 2023 00:15:33 GMT
expires: Thu, 09 Feb 2023 00:15:33 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLN1e0Q-FYXXlnsBb06XpmdiE63HaCY0uv7bSoFIcYskZqZoXABJ6FyuUs3Sx6J2jzIq234L3rvt11EEczhimIB-kmfKJO0j-K7YjrZ650CwrRXQhnFuzC0fo5wlRagwHuWieMOMEgJ7n0rK6bZJWN0FBLdR6a1_JqQchoIWnHajUkzH72FY-o7nTfC-SC3m3Ihyb6NHEIahQLCzMKNWtyJW2GiMVQ2nrRpN1iLv2DAgnbhtY9QiV867Vff1w3-nGB2Ixh__dsw3fg0oRoi8i7hQgqvnVcmZ8fca9U1PHhh5qY9Ywm7qW2-PbRWo0FG9NOk9zIieRhQsmQzKqyrigIqd6aHxmNbN_K056D21-vsPO04QCzj9JhhZSCUfki7LuTwbmaBR1N5yaVmgGmbLxrddAFaKnpd9Hu4EV337M5-8IIR9_PI-VAGzpUt-smk92TTNE9z4HupMpvq3KmEYejZzA1tPgMFJtto4tlUWWi7ZwubtmOtEDVtI-PB1BRTEgb2m7F-oSlBR2fyE9foMes0w-HgmLwtUZcn8JwRonpzXdreIaIBEm6z4MKqchdQy5Q4eodPhpuJRM4u3R0NYm7TCV3B_6HPEhfU2CbDVpztmbT-ng8cubYLYX8xScdGixaD2OcMdjFTu-wfm56iQv9Ckl_vyzX8UOGBN7hW1GzPX3SfjhNnY1nQP3IgGuSi8KRpPa72heQGZBg5UN9FeCfX8WIc0-DBuNEXSTwPLx2StjHiCf3otGqsJcmCzZBS2iC93FWb58yPze6WRkzUV6Zcfu3LPS2fy-M19tm-Frs1WNx4Bysw00GJk8QZ2VgBnuugesadtiw1nSBwWh13tOLmEo-lIMED-I04-WwOtum0L1jun2XluP-zhIDBfqtYvNOtflx5C-ooZE2OZuI_bxlAtiaRNCOUoDbFOPJ9XAhfJAVcPHmTfR8OrtjojqCi66hwcz_pyas-Qn5EHNod6Z065Ygj8rzYyYdZGougl1J0QtRQ0Ax-8_hDbukKQHinz73XktxRiLBLO_klhp1gPsEeGdLi2IIqokucuSEA5EG3SN1IgqTbF8ZrQL6-FmeEvIZX3cgV8QpFfBOYzucOw6SHAg4LwI5H_qKvV0PUwFvf_9WMn_5u-9NmxrS61gZ3SpiBpKc86e7mMMxZjffrovizfdqNdpXH02W__1gs1HkrFySaHa8&sai=AMfl-YQJqRdkbnoQbBnIq1IaDTU-2E5gHlWOOlXAXw3angNB1m6ppeiaR6m8PQnPOv-TwlqWZEma7niR2dcO0TGn9zU-3n5LsYnTXNMm455y9ooj8Z70g_FZSXWipPxff7uq0glFlbiP78nkUYElZCPUWoGcRL_b1t2Cbau4sKzi03dcpITVp8N_p0U1As2B8uOHg8PBDKOZ_hFRDyhIHPuTsNo1aHNu7bDgaDZOy_1JbvI_cQr-e5XvZ1SJLvY06IVArn1j27x9lkYBFgycti7w37Pj1FvZyOHaBYp6XJFo5UeZbQ&sig=Cg0ArKJSzO-tCPO7N6kEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20230207.92761&arae=0&ftch=1&adurl=
216.58.207.226200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLN1e0Q-FYXXlnsBb06XpmdiE63HaCY0uv7bSoFIcYskZqZoXABJ6FyuUs3Sx6J2jzIq234L3rvt11EEczhimIB-kmfKJO0j-K7YjrZ650CwrRXQhnFuzC0fo5wlRagwHuWieMOMEgJ7n0rK6bZJWN0FBLdR6a1_JqQchoIWnHajUkzH72FY-o7nTfC-SC3m3Ihyb6NHEIahQLCzMKNWtyJW2GiMVQ2nrRpN1iLv2DAgnbhtY9QiV867Vff1w3-nGB2Ixh__dsw3fg0oRoi8i7hQgqvnVcmZ8fca9U1PHhh5qY9Ywm7qW2-PbRWo0FG9NOk9zIieRhQsmQzKqyrigIqd6aHxmNbN_K056D21-vsPO04QCzj9JhhZSCUfki7LuTwbmaBR1N5yaVmgGmbLxrddAFaKnpd9Hu4EV337M5-8IIR9_PI-VAGzpUt-smk92TTNE9z4HupMpvq3KmEYejZzA1tPgMFJtto4tlUWWi7ZwubtmOtEDVtI-PB1BRTEgb2m7F-oSlBR2fyE9foMes0w-HgmLwtUZcn8JwRonpzXdreIaIBEm6z4MKqchdQy5Q4eodPhpuJRM4u3R0NYm7TCV3B_6HPEhfU2CbDVpztmbT-ng8cubYLYX8xScdGixaD2OcMdjFTu-wfm56iQv9Ckl_vyzX8UOGBN7hW1GzPX3SfjhNnY1nQP3IgGuSi8KRpPa72heQGZBg5UN9FeCfX8WIc0-DBuNEXSTwPLx2StjHiCf3otGqsJcmCzZBS2iC93FWb58yPze6WRkzUV6Zcfu3LPS2fy-M19tm-Frs1WNx4Bysw00GJk8QZ2VgBnuugesadtiw1nSBwWh13tOLmEo-lIMED-I04-WwOtum0L1jun2XluP-zhIDBfqtYvNOtflx5C-ooZE2OZuI_bxlAtiaRNCOUoDbFOPJ9XAhfJAVcPHmTfR8OrtjojqCi66hwcz_pyas-Qn5EHNod6Z065Ygj8rzYyYdZGougl1J0QtRQ0Ax-8_hDbukKQHinz73XktxRiLBLO_klhp1gPsEeGdLi2IIqokucuSEA5EG3SN1IgqTbF8ZrQL6-FmeEvIZX3cgV8QpFfBOYzucOw6SHAg4LwI5H_qKvV0PUwFvf_9WMn_5u-9NmxrS61gZ3SpiBpKc86e7mMMxZjffrovizfdqNdpXH02W__1gs1HkrFySaHa8&sai=AMfl-YQJqRdkbnoQbBnIq1IaDTU-2E5gHlWOOlXAXw3angNB1m6ppeiaR6m8PQnPOv-TwlqWZEma7niR2dcO0TGn9zU-3n5LsYnTXNMm455y9ooj8Z70g_FZSXWipPxff7uq0glFlbiP78nkUYElZCPUWoGcRL_b1t2Cbau4sKzi03dcpITVp8N_p0U1As2B8uOHg8PBDKOZ_hFRDyhIHPuTsNo1aHNu7bDgaDZOy_1JbvI_cQr-e5XvZ1SJLvY06IVArn1j27x9lkYBFgycti7w37Pj1FvZyOHaBYp6XJFo5UeZbQ&sig=Cg0ArKJSzO-tCPO7N6kEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20230207.92761&arae=0&ftch=1&adurl=
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvLN1e0Q-FYXXlnsBb06XpmdiE63HaCY0uv7bSoFIcYskZqZoXABJ6FyuUs3Sx6J2jzIq234L3rvt11EEczhimIB-kmfKJO0j-K7YjrZ650CwrRXQhnFuzC0fo5wlRagwHuWieMOMEgJ7n0rK6bZJWN0FBLdR6a1_JqQchoIWnHajUkzH72FY-o7nTfC-SC3m3Ihyb6NHEIahQLCzMKNWtyJW2GiMVQ2nrRpN1iLv2DAgnbhtY9QiV867Vff1w3-nGB2Ixh__dsw3fg0oRoi8i7hQgqvnVcmZ8fca9U1PHhh5qY9Ywm7qW2-PbRWo0FG9NOk9zIieRhQsmQzKqyrigIqd6aHxmNbN_K056D21-vsPO04QCzj9JhhZSCUfki7LuTwbmaBR1N5yaVmgGmbLxrddAFaKnpd9Hu4EV337M5-8IIR9_PI-VAGzpUt-smk92TTNE9z4HupMpvq3KmEYejZzA1tPgMFJtto4tlUWWi7ZwubtmOtEDVtI-PB1BRTEgb2m7F-oSlBR2fyE9foMes0w-HgmLwtUZcn8JwRonpzXdreIaIBEm6z4MKqchdQy5Q4eodPhpuJRM4u3R0NYm7TCV3B_6HPEhfU2CbDVpztmbT-ng8cubYLYX8xScdGixaD2OcMdjFTu-wfm56iQv9Ckl_vyzX8UOGBN7hW1GzPX3SfjhNnY1nQP3IgGuSi8KRpPa72heQGZBg5UN9FeCfX8WIc0-DBuNEXSTwPLx2StjHiCf3otGqsJcmCzZBS2iC93FWb58yPze6WRkzUV6Zcfu3LPS2fy-M19tm-Frs1WNx4Bysw00GJk8QZ2VgBnuugesadtiw1nSBwWh13tOLmEo-lIMED-I04-WwOtum0L1jun2XluP-zhIDBfqtYvNOtflx5C-ooZE2OZuI_bxlAtiaRNCOUoDbFOPJ9XAhfJAVcPHmTfR8OrtjojqCi66hwcz_pyas-Qn5EHNod6Z065Ygj8rzYyYdZGougl1J0QtRQ0Ax-8_hDbukKQHinz73XktxRiLBLO_klhp1gPsEeGdLi2IIqokucuSEA5EG3SN1IgqTbF8ZrQL6-FmeEvIZX3cgV8QpFfBOYzucOw6SHAg4LwI5H_qKvV0PUwFvf_9WMn_5u-9NmxrS61gZ3SpiBpKc86e7mMMxZjffrovizfdqNdpXH02W__1gs1HkrFySaHa8&sai=AMfl-YQJqRdkbnoQbBnIq1IaDTU-2E5gHlWOOlXAXw3angNB1m6ppeiaR6m8PQnPOv-TwlqWZEma7niR2dcO0TGn9zU-3n5LsYnTXNMm455y9ooj8Z70g_FZSXWipPxff7uq0glFlbiP78nkUYElZCPUWoGcRL_b1t2Cbau4sKzi03dcpITVp8N_p0U1As2B8uOHg8PBDKOZ_hFRDyhIHPuTsNo1aHNu7bDgaDZOy_1JbvI_cQr-e5XvZ1SJLvY06IVArn1j27x9lkYBFgycti7w37Pj1FvZyOHaBYp6XJFo5UeZbQ&sig=Cg0ArKJSzO-tCPO7N6kEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20230207.92761&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 00:15:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 00:30:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Feb 2023 00:15:33 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 808b8bcde8023e50a7983f32153a5ec2
afcdf26d583d223dd9e89fab23c8bb42a8bbbed0
683eb688005206619954fade8a9eb484c6ff692c1b95440c824848c1fae1c5f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 493
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:33 GMT
Last-Modified: Thu, 09 Feb 2023 00:07:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
hal900011.redintelligence.net/request.php?zone=ha4k656wqlc8&nw=20&renderingType=javascript&namespace=5011501dee&subid=&uid=3df8ed8152f7ca72&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x100&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D&documentReferer=https%3A%2F%2Fivona.ua%2F&ancestorOrigins=null&random=5561346500203&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
138.201.64.38200 OK 512 B URL HTTP/1.1 hal900011.redintelligence.net/request.php?zone=ha4k656wqlc8&nw=20&renderingType=javascript&namespace=5011501dee&subid=&uid=3df8ed8152f7ca72&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x100&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D&documentReferer=https%3A%2F%2Fivona.ua%2F&ancestorOrigins=null&random=5561346500203&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 138.201.64.38:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash a1a98884b8990892513782f4bdcbeb7e
e50416f1f3ddf4d1a3b2dc9a540fb0d9bcdb1bd6
7ce69110e71c092dfba52a989d8f5e0c5e53ee772ad15a3efcd2271ca57f5f35
GET /request.php?zone=ha4k656wqlc8&nw=20&renderingType=javascript&namespace=5011501dee&subid=&uid=3df8ed8152f7ca72&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=300x100&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvRWjIzvkY4DmLsWExdwPo_Cm-A3JuaKcaYTAzc7VD_AuEAEgitb8lwFgw4SAgJgYyAEJqQJ81Vyql_-xPqgDAaoE7AFP0JNMMSZRz9GHxN4UOtneO1APldXnw1wmTpqSr149JF7trCYrw0aW8PlrieYlUHq2NEUCU5ct0SmHnDMdD2cxzqqQHJRERHNsfNActpyFsxB3Kcf133j3Rg4yGUOvpvEQHvlKBA8F0etl46lTwq7vyNuDKsup1paQuwgKJJ5tjY_boNmD3ctQ03NhNttD7m_RbPPnsoVf64hsKBoTUAnXclp6KYp6PCTYSw3f_GOvQE_rnVfze4RfQ6Ncy4lkjSfFb2bYMUJuWA8DYI6FOhQvYTl5Hi91yLWEQSeHM_HuaQO2OVyYxco6dX0yVcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymOxPJVl92ofWzwJTYEtOcyHEnncOq1ZAGMP6IoBrm2-a44TCNDUUNr4TkzrquMi6LH8RwKtP50xZC8I-9kUfFjhdTa16hmLoYAQ%26sig%3DAOD64_1LqzRXggX0JWf4MMclg6imGgvgkQ%26client%3Dca-pub-9370473528685580%26dbm_c%3DAKAmf-As2ggKn2nGay5iUVTc_aW5kyeox6YoNY5ItuL6EmtrDbHQcvxN5vMAjhYkKqh5NdYYqrlW18QL8lYdjNS5Zbv9rWGgz29QbWhmRNu8HB76zspvdWhdEvqcrEdhNWwTbi73AzDcJZK_OSSOLIA5H1tlsSkZEPD64FlOl_bbF4frnOKla3U%26cry%3D1%26dbm_d%3DAKAmf-CWZg2jVXzueZGVKPt2Q1TyX-X4fYAeWxBQ3YHpqwwwnHyQe_nz1tYnybW6SlkyH2wq4T2s3_gE6rsJx2qNUWOkHdp_b7mRzRMfX_nv5zsubuT8ijaR-kS8i8lmndtPr1kNbq10ZsdegLBXdTbO2ocMn8eToVMILB81spElmccflgeENsndJAnmRLfq7rli-0uhjPAoL24rgqXL4GzbISvjhfKbAJfQNyzCoK1Ojd6hMIBNlzhcqqpBCF-ofMdA5wRoqLlSAJ0Abh6xa5evuDqugRRisKvoTcYJ8cwS4Ip5Wyb8XnUZ9OyiNz3afHt1wOzLsM3i5sBIKPD-I0dbeNswA1mJrHu0H2Aeuen4SEPyMjAiEaXay9Sp0ZF-WhjAZMZXyivI5LZpeTYfdFPU6CnBcXEDCUAMXbxRC7hfEP8uKrbXHLaon_WG2E5aze6LV9pcUYCphWvQDYtuRqPoy_GXFnJfrZ2EIUSiG05gGtc-gKgq_8C_RYibOLO3QiM63tC1K5XgOwsdmO5fzAep1o2axX4nFqqcg0VmRcqvHXyjKzmfr4D-xqanWK7gfbtjY7yZ0e7ZAWGS7hX6RGEpelknX83TKgIg3jcN59V4IizXMV2ZToMWxSBKsRHZHL5vPipfWMGf%26adurl%3D&documentReferer=https%3A%2F%2Fivona.ua%2F&ancestorOrigins=null&random=5561346500203&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900011.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=443c81504407dbf9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 09 Feb 2023 00:15:33 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=443c81504407dbf9; expires=Wed, 10-May-2023 00:15:33 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 30926100005206704439914012230011
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 512
Connection: close
Content-Type: application/x-javascript; charset=utf-8
ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
138.199.36.10200 OK 8.8 kB URL HTTP/2 ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (677)
Hash 24484e40c5424462f39b5a42b75e518d
546efe09ec8a077307cebaa796e45f2792480ea9
6a8a341bbf77575d92a8f3fba8b7c1f7a1ba9f157dd073918f61f7ad10d75eaa
POST /load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916 HTTP/1.1
Host: ym-tack.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:33 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 749406
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
cache-control: public, max-age=0
cdn-storageserver: DE-51
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 404
cdn-cachedat: 02/09/2023 00:15:33
cdn-edgestorageid: 1053
cdn-requestid: 3b8cdb37840c3709561a32f31f6a073a
content-encoding: br
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLN1e0Q-FYXXlnsBb06XpmdiE63HaCY0uv7bSoFIcYskZqZoXABJ6FyuUs3Sx6J2jzIq234L3rvt11EEczhimIB-kmfKJO0j-K7YjrZ650CwrRXQhnFuzC0fo5wlRagwHuWieMOMEgJ7n0rK6bZJWN0FBLdR6a1_JqQchoIWnHajUkzH72FY-o7nTfC-SC3m3Ihyb6NHEIahQLCzMKNWtyJW2GiMVQ2nrRpN1iLv2DAgnbhtY9QiV867Vff1w3-nGB2Ixh__dsw3fg0oRoi8i7hQgqvnVcmZ8fca9U1PHhh5qY9Ywm7qW2-PbRWo0FG9NOk9zIieRhQsmQzKqyrigIqd6aHxmNbN_K056D21-vsPO04QCzj9JhhZSCUfki7LuTwbmaBR1N5yaVmgGmbLxrddAFaKnpd9Hu4EV337M5-8IIR9_PI-VAGzpUt-smk92TTNE9z4HupMpvq3KmEYejZzA1tPgMFJtto4tlUWWi7ZwubtmOtEDVtI-PB1BRTEgb2m7F-oSlBR2fyE9foMes0w-HgmLwtUZcn8JwRonpzXdreIaIBEm6z4MKqchdQy5Q4eodPhpuJRM4u3R0NYm7TCV3B_6HPEhfU2CbDVpztmbT-ng8cubYLYX8xScdGixaD2OcMdjFTu-wfm56iQv9Ckl_vyzX8UOGBN7hW1GzPX3SfjhNnY1nQP3IgGuSi8KRpPa72heQGZBg5UN9FeCfX8WIc0-DBuNEXSTwPLx2StjHiCf3otGqsJcmCzZBS2iC93FWb58yPze6WRkzUV6Zcfu3LPS2fy-M19tm-Frs1WNx4Bysw00GJk8QZ2VgBnuugesadtiw1nSBwWh13tOLmEo-lIMED-I04-WwOtum0L1jun2XluP-zhIDBfqtYvNOtflx5C-ooZE2OZuI_bxlAtiaRNCOUoDbFOPJ9XAhfJAVcPHmTfR8OrtjojqCi66hwcz_pyas-Qn5EHNod6Z065Ygj8rzYyYdZGougl1J0QtRQ0Ax-8_hDbukKQHinz73XktxRiLBLO_klhp1gPsEeGdLi2IIqokucuSEA5EG3SN1IgqTbF8ZrQL6-FmeEvIZX3cgV8QpFfBOYzucOw6SHAg4LwI5H_qKvV0PUwFvf_9WMn_5u-9NmxrS61gZ3SpiBpKc86e7mMMxZjffrovizfdqNdpXH02W__1gs1HkrFySaHa8&sai=AMfl-YQJqRdkbnoQbBnIq1IaDTU-2E5gHlWOOlXAXw3angNB1m6ppeiaR6m8PQnPOv-TwlqWZEma7niR2dcO0TGn9zU-3n5LsYnTXNMm455y9ooj8Z70g_FZSXWipPxff7uq0glFlbiP78nkUYElZCPUWoGcRL_b1t2Cbau4sKzi03dcpITVp8N_p0U1As2B8uOHg8PBDKOZ_hFRDyhIHPuTsNo1aHNu7bDgaDZOy_1JbvI_cQr-e5XvZ1SJLvY06IVArn1j27x9lkYBFgycti7w37Pj1FvZyOHaBYp6XJFo5UeZbQ&sig=Cg0ArKJSzO-tCPO7N6kEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=678&vt=11&dtpt=678&dett=2&cstd=0&cisv=r20230207.92761&arae=0&ftch=1&adurl=
216.58.207.226200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLN1e0Q-FYXXlnsBb06XpmdiE63HaCY0uv7bSoFIcYskZqZoXABJ6FyuUs3Sx6J2jzIq234L3rvt11EEczhimIB-kmfKJO0j-K7YjrZ650CwrRXQhnFuzC0fo5wlRagwHuWieMOMEgJ7n0rK6bZJWN0FBLdR6a1_JqQchoIWnHajUkzH72FY-o7nTfC-SC3m3Ihyb6NHEIahQLCzMKNWtyJW2GiMVQ2nrRpN1iLv2DAgnbhtY9QiV867Vff1w3-nGB2Ixh__dsw3fg0oRoi8i7hQgqvnVcmZ8fca9U1PHhh5qY9Ywm7qW2-PbRWo0FG9NOk9zIieRhQsmQzKqyrigIqd6aHxmNbN_K056D21-vsPO04QCzj9JhhZSCUfki7LuTwbmaBR1N5yaVmgGmbLxrddAFaKnpd9Hu4EV337M5-8IIR9_PI-VAGzpUt-smk92TTNE9z4HupMpvq3KmEYejZzA1tPgMFJtto4tlUWWi7ZwubtmOtEDVtI-PB1BRTEgb2m7F-oSlBR2fyE9foMes0w-HgmLwtUZcn8JwRonpzXdreIaIBEm6z4MKqchdQy5Q4eodPhpuJRM4u3R0NYm7TCV3B_6HPEhfU2CbDVpztmbT-ng8cubYLYX8xScdGixaD2OcMdjFTu-wfm56iQv9Ckl_vyzX8UOGBN7hW1GzPX3SfjhNnY1nQP3IgGuSi8KRpPa72heQGZBg5UN9FeCfX8WIc0-DBuNEXSTwPLx2StjHiCf3otGqsJcmCzZBS2iC93FWb58yPze6WRkzUV6Zcfu3LPS2fy-M19tm-Frs1WNx4Bysw00GJk8QZ2VgBnuugesadtiw1nSBwWh13tOLmEo-lIMED-I04-WwOtum0L1jun2XluP-zhIDBfqtYvNOtflx5C-ooZE2OZuI_bxlAtiaRNCOUoDbFOPJ9XAhfJAVcPHmTfR8OrtjojqCi66hwcz_pyas-Qn5EHNod6Z065Ygj8rzYyYdZGougl1J0QtRQ0Ax-8_hDbukKQHinz73XktxRiLBLO_klhp1gPsEeGdLi2IIqokucuSEA5EG3SN1IgqTbF8ZrQL6-FmeEvIZX3cgV8QpFfBOYzucOw6SHAg4LwI5H_qKvV0PUwFvf_9WMn_5u-9NmxrS61gZ3SpiBpKc86e7mMMxZjffrovizfdqNdpXH02W__1gs1HkrFySaHa8&sai=AMfl-YQJqRdkbnoQbBnIq1IaDTU-2E5gHlWOOlXAXw3angNB1m6ppeiaR6m8PQnPOv-TwlqWZEma7niR2dcO0TGn9zU-3n5LsYnTXNMm455y9ooj8Z70g_FZSXWipPxff7uq0glFlbiP78nkUYElZCPUWoGcRL_b1t2Cbau4sKzi03dcpITVp8N_p0U1As2B8uOHg8PBDKOZ_hFRDyhIHPuTsNo1aHNu7bDgaDZOy_1JbvI_cQr-e5XvZ1SJLvY06IVArn1j27x9lkYBFgycti7w37Pj1FvZyOHaBYp6XJFo5UeZbQ&sig=Cg0ArKJSzO-tCPO7N6kEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=678&vt=11&dtpt=678&dett=2&cstd=0&cisv=r20230207.92761&arae=0&ftch=1&adurl=
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvLN1e0Q-FYXXlnsBb06XpmdiE63HaCY0uv7bSoFIcYskZqZoXABJ6FyuUs3Sx6J2jzIq234L3rvt11EEczhimIB-kmfKJO0j-K7YjrZ650CwrRXQhnFuzC0fo5wlRagwHuWieMOMEgJ7n0rK6bZJWN0FBLdR6a1_JqQchoIWnHajUkzH72FY-o7nTfC-SC3m3Ihyb6NHEIahQLCzMKNWtyJW2GiMVQ2nrRpN1iLv2DAgnbhtY9QiV867Vff1w3-nGB2Ixh__dsw3fg0oRoi8i7hQgqvnVcmZ8fca9U1PHhh5qY9Ywm7qW2-PbRWo0FG9NOk9zIieRhQsmQzKqyrigIqd6aHxmNbN_K056D21-vsPO04QCzj9JhhZSCUfki7LuTwbmaBR1N5yaVmgGmbLxrddAFaKnpd9Hu4EV337M5-8IIR9_PI-VAGzpUt-smk92TTNE9z4HupMpvq3KmEYejZzA1tPgMFJtto4tlUWWi7ZwubtmOtEDVtI-PB1BRTEgb2m7F-oSlBR2fyE9foMes0w-HgmLwtUZcn8JwRonpzXdreIaIBEm6z4MKqchdQy5Q4eodPhpuJRM4u3R0NYm7TCV3B_6HPEhfU2CbDVpztmbT-ng8cubYLYX8xScdGixaD2OcMdjFTu-wfm56iQv9Ckl_vyzX8UOGBN7hW1GzPX3SfjhNnY1nQP3IgGuSi8KRpPa72heQGZBg5UN9FeCfX8WIc0-DBuNEXSTwPLx2StjHiCf3otGqsJcmCzZBS2iC93FWb58yPze6WRkzUV6Zcfu3LPS2fy-M19tm-Frs1WNx4Bysw00GJk8QZ2VgBnuugesadtiw1nSBwWh13tOLmEo-lIMED-I04-WwOtum0L1jun2XluP-zhIDBfqtYvNOtflx5C-ooZE2OZuI_bxlAtiaRNCOUoDbFOPJ9XAhfJAVcPHmTfR8OrtjojqCi66hwcz_pyas-Qn5EHNod6Z065Ygj8rzYyYdZGougl1J0QtRQ0Ax-8_hDbukKQHinz73XktxRiLBLO_klhp1gPsEeGdLi2IIqokucuSEA5EG3SN1IgqTbF8ZrQL6-FmeEvIZX3cgV8QpFfBOYzucOw6SHAg4LwI5H_qKvV0PUwFvf_9WMn_5u-9NmxrS61gZ3SpiBpKc86e7mMMxZjffrovizfdqNdpXH02W__1gs1HkrFySaHa8&sai=AMfl-YQJqRdkbnoQbBnIq1IaDTU-2E5gHlWOOlXAXw3angNB1m6ppeiaR6m8PQnPOv-TwlqWZEma7niR2dcO0TGn9zU-3n5LsYnTXNMm455y9ooj8Z70g_FZSXWipPxff7uq0glFlbiP78nkUYElZCPUWoGcRL_b1t2Cbau4sKzi03dcpITVp8N_p0U1As2B8uOHg8PBDKOZ_hFRDyhIHPuTsNo1aHNu7bDgaDZOy_1JbvI_cQr-e5XvZ1SJLvY06IVArn1j27x9lkYBFgycti7w37Pj1FvZyOHaBYp6XJFo5UeZbQ&sig=Cg0ArKJSzO-tCPO7N6kEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=678&vt=11&dtpt=678&dett=2&cstd=0&cisv=r20230207.92761&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 00:15:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 00:30:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Feb 2023 00:15:33 GMT
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
File type ASCII text, with very long lines (65354)
Hash 03722b8230ab3c6910ff09a2d9c58fe5
cbb93a57748d2dff62184ed83ead0d9a2c454518
bca06a9b82ca879105ab82705bf8b4cf27e405533a18f27e12ae575477610944
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:33 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-162fb"
expires: Fri, 10 Feb 2023 00:15:33 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.29.1&cb=99226038787
178.250.0.165200 OK 165 B URL HTTP/2 bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.29.1&cb=99226038787
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8a70f4a6686af6898e752cf52ee06cbd
9401015fa9755fe83f06376b92c356ed0fa7a533
a1d0beb305be3df232f7e18522f346b5b1f3c9a53064819ace56c22acea2b5af
POST /cdb?ptv=117&profileId=185&av=34&wv=6.29.1&cb=99226038787 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 993
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:33 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://ivona.ua
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 165
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0fc3e2be9a02b14fdb24e92d26da8838
d55b2ea7ea9d97de65bd0833926173f205591b6e
55958bd04c967f293dd41c5f4cd5fc52eaaad9738af71c0910fad08b11996c24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4607
Cache-Control: max-age=139061
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:33 GMT
Etag: "63e3a55b-139"
Expires: Fri, 10 Feb 2023 14:53:14 GMT
Last-Modified: Wed, 08 Feb 2023 13:36:27 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
adx.adform.net/adx/openrtb
37.157.6.253204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 769
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 00:15:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ivona.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9c0e95ec1969d04cbbe1a963f9556eac
6d9f7db5133272b8f78348469f8a007a74c64933
8eaba7c4d361e9320711b8d55b568074f3246cea376dd382c4ff8940ed57c438
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3724
Cache-Control: max-age=105105
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:33 GMT
Etag: "63e3242a-139"
Expires: Fri, 10 Feb 2023 05:27:18 GMT
Last-Modified: Wed, 08 Feb 2023 04:25:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:33 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=2D0MC180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJkZ0RkSUIyRnBvJTJCajdRSHp3U1JNbjFObGhCZmZYSk9SMGFQJTJGNWxPdWVv; expires=Tue, 05 Mar 2024 00:15:33 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 314613
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9c0e95ec1969d04cbbe1a963f9556eac
6d9f7db5133272b8f78348469f8a007a74c64933
8eaba7c4d361e9320711b8d55b568074f3246cea376dd382c4ff8940ed57c438
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4509
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:33 GMT
Last-Modified: Wed, 08 Feb 2023 23:00:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ib.adnxs.com/ut/v3/prebid
185.89.210.141200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 30d16b91d35e91eca6c5844d8dd812a0
31bb241d95dbfb45b91f8226c27ba5f0bc52dd49
72a723a9b1e718d8374a926bfacc218e4d3642341bd6487b94c61c054fb199c6
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 827
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 09 Feb 2023 00:15:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ivona.ua
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: ada5ae26-f21f-4771-b3a4-d5d8524302d2
Set-Cookie: icu=ChkI1s2EARAKGAEgASgBMKb2kJ8GOAFAAUgBEKb2kJ8GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 10-May-2023 00:15:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7201753849148099913; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 10-May-2023 00:15:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ag.gbc.criteo.com/newidsd
185.235.84.179200 OK 167 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.179:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6c418fe304d00f87f166309e249d5ca8
b19ad4b885cb1a64603315c7467fef13945703a1
7246b50d6eefd813d23dc39e082fa6b91280ebd3abee066754f49ce54b345449
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 107434
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
hal900011.redintelligence.net/request_content.php?s=30926100005206704439914012230011&a=38f9fbd7
138.201.64.38200 OK 2.4 kB URL HTTP/1.1 hal900011.redintelligence.net/request_content.php?s=30926100005206704439914012230011&a=38f9fbd7
IP 138.201.64.38:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4bf100f3e15ce99dd2ddfff0e5bf18c2
4f828b30a9c7d9a64fa5a1ccebc83e2665007730
d389b70f9f4715a2c9344e0ed68b534eca30f3137234724b62cb1f0ec0abbe84
GET /request_content.php?s=30926100005206704439914012230011&a=38f9fbd7 HTTP/1.1
Host: hal900011.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4a1a6fce7535927e111b614967f48645.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=443c81504407dbf9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 09 Feb 2023 00:15:34 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2368
Connection: close
Content-Type: text/html; charset=utf-8
gum.criteo.com/sid/json?origin=publishertag&domain=ivona.ua&sn=FirefoxSyncframe&so=0&topUrl=ivona.ua&info=kUb-6F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJkZ0RkSUIyRnBvJTJCajdRSHp3U1JNbm1PUjFBUFFnbk44dXA2czglMkY0TUwy&idsd=1221521784,-1372532768&cw=1&lsw=1
178.250.2.146200 OK 32 kB URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ivona.ua&sn=FirefoxSyncframe&so=0&topUrl=ivona.ua&info=kUb-6F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJkZ0RkSUIyRnBvJTJCajdRSHp3U1JNbm1PUjFBUFFnbk44dXA2czglMkY0TUwy&idsd=1221521784,-1372532768&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32406)
Hash dc2b3d38d8f630c8b805e1aac93c727f
6546d061234ac6d8b7ae159e78c555bd4004cfd9
46e5e3aa2d3894dc356f2a2b56784fae4e2736458d162fcfbbdcb51104ed89d7
GET /sid/json?origin=publishertag&domain=ivona.ua&sn=FirefoxSyncframe&so=0&topUrl=ivona.ua&info=kUb-6F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJkZ0RkSUIyRnBvJTJCajdRSHp3U1JNbm1PUjFBUFFnbk44dXA2czglMkY0TUwy&idsd=1221521784,-1372532768&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ivona.ua
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 939515
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
prebid-server.rubiconproject.com/openrtb2/auction
3.73.2.10200 OK 169 B URL HTTP/2 prebid-server.rubiconproject.com/openrtb2/auction
IP 3.73.2.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash eefa263b8042a610fe4bb2cbae234611
c46ea494c5b87d26866be12aebc51e24b6e9f1a9
c90a00d3700835ac9c045c5f3f4ee6dc08881fc94ae20025487c1b2961d4eebb
POST /openrtb2/auction HTTP/1.1
Host: prebid-server.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1462
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:34 GMT
content-type: application/json
content-length: 169
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
x-prebid: pbs-java/1.110.0
content-encoding: gzip
X-Firefox-Spdy: h2
ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
138.199.36.10200 OK 530 B URL HTTP/2 ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (677)
Hash 6a79dd8db6e71add0b043ba637b2cd4c
4d7b167b43afa28aa449986aac8a00dad5d273ad
e2a9d466b1be68b03aee8b0c18cfdb691ade987a39138c913b8c352e13692e29
POST /load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916 HTTP/1.1
Host: ym-tack.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:33 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 749406
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
cache-control: public, max-age=0
cdn-storageserver: DE-51
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 404
cdn-cachedat: 02/09/2023 00:15:33
cdn-edgestorageid: 1053
cdn-requestid: 1648af4c3c70b3464a69dbd231cbf5f5
content-encoding: br
X-Firefox-Spdy: h2
hal900011.redintelligence.net/viewability?s=30926100005206704439914012230011&a=8552ab4d&vb=m
138.201.64.38200 OK 0 B URL HTTP/1.1 hal900011.redintelligence.net/viewability?s=30926100005206704439914012230011&a=8552ab4d&vb=m
IP 138.201.64.38:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=30926100005206704439914012230011&a=8552ab4d&vb=m HTTP/1.1
Host: hal900011.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900011.redintelligence.net/request_content.php?s=30926100005206704439914012230011&a=38f9fbd7
Cookie: 8lcfmzhxc8d6_uid=443c81504407dbf9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:15:34 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.contentspread.net/24i/content/soberfb/EN/S-300x100.gif
88.99.65.215200 OK 18 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-300x100.gif
IP 88.99.65.215:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 100\012- data
Hash a78c5c66aba9eabdeeb5c3cad357cbd9
049400883dd8e034f6369bf21b0c8153dd7adc26
a62bed816935dd58a3830c917575a0356109a2e6b97f62e05ede060143bb45af
GET /24i/content/soberfb/EN/S-300x100.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900011.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:15:34 GMT
Content-Type: image/gif
Content-Length: 18072
Last-Modified: Mon, 23 Jul 2018 15:19:53 GMT
Connection: close
ETag: "5b55f219-4698"
Accept-Ranges: bytes
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=161562 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=88155
expires: Fri, 10 Feb 2023 00:44:49 GMT
date: Thu, 09 Feb 2023 00:15:34 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
id5-sync.com/api/config/prebid
162.19.138.119200 135 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f2f8115045ff1eadf2c6a71ee4c9841
827c34f8424aa2a1f3c809483904314a00326c3e
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 121
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ivona.ua
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 09 Feb 2023 00:15:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 22 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91d4898f938e4920ac88f87453b33933
1bd4a04303c2501101656075ad8304e1a84eb91e
93ecc6762eafd376cbe2fd18250fa9f12c90f9a86b481430ef29ec40716d8f35
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ivona.ua/
Origin: https://ivona.ua
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ivona.ua
server-processing-duration-in-ticks: 404762
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f997d2aff739ec1096fc18be66acbcfb
25030e3208ad00dfd6cd317a1035d707ea7fc50c
355162db73d3389beefb95a04db8b223a2ecd0aa99e865555726b20992439de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eus.rubiconproject.com/usync.html
2.23.134.137200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Feb 2023 00:15:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1040
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, no-store, must-revalidate
date: Thu, 09 Feb 2023 00:15:34 GMT
X-Firefox-Spdy: h2
prebid-server.rubiconproject.com/openrtb2/auction
3.73.2.10200 OK 168 B URL HTTP/2 prebid-server.rubiconproject.com/openrtb2/auction
IP 3.73.2.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 03099099d6aad191842ceb62c671ee27
a0bf8dd8f10a31a82df3d246033d296bb0d30062
77b9f867404635fde6112b3178383705b30b1c725737cc16bf4b3691ed372f9b
POST /openrtb2/auction HTTP/1.1
Host: prebid-server.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1462
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:34 GMT
content-type: application/json
content-length: 168
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
x-prebid: pbs-java/1.110.0
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.29.1&cb=94462680164
178.250.0.165200 OK 165 B URL HTTP/2 bidder.criteo.com/cdb?ptv=117&profileId=185&av=34&wv=6.29.1&cb=94462680164
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9806df99e632626a1240064c507c90ff
ee3853241a27701fd012751a0cca2d2f61148d82
28bf38bb8f1d40d5ce01c9202c3fa39fa3c50da27c80b6bea6c4bc62ff2172f5
POST /cdb?ptv=117&profileId=185&av=34&wv=6.29.1&cb=94462680164 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 993
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:34 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://ivona.ua
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 165
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.253204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 769
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 09 Feb 2023 00:15:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ivona.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
2.23.134.137200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (18415)
Hash 43cebd7316cc6a13e665faaa57f4c4bf
9d7dfe5e0643609faa681b2fbb4bc5f6854f4168
74fb782b3d6944c34f649dd44d5ffcaa848903cca5c92923bdbff7ea83e65e0e
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 08 Feb 2023 02:44:35 GMT
Content-Encoding: gzip
Content-Length: 10007
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=9023
Expires: Thu, 09 Feb 2023 02:45:57 GMT
Date: Thu, 09 Feb 2023 00:15:34 GMT
Connection: keep-alive
Vary: Accept-Encoding
ib.adnxs.com/ut/v3/prebid
185.89.210.141200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c890b8894583559777943cd55bd0f623
82ebc9c3a626926e110ff0296f4731eeb8131566
a90ab8dc5a3e77c598d0358bd7916211764fab111d16748b04d3447effc715d7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 828
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 09 Feb 2023 00:15:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ivona.ua
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: af59af49-325e-4360-98cd-695233231b33
Set-Cookie: icu=ChkI1s2EARAKGAEgASgBMKb2kJ8GOAFAAUgBEKb2kJ8GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 10-May-2023 00:15:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6787031718848723467; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 10-May-2023 00:15:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
csi.gstatic.com/csi?v=2&s=ima&puid=1~ldwcnl48&c=2070281677732&slotId=1035140838866&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
172.217.17.131204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~ldwcnl48&c=2070281677732&slotId=1035140838866&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
IP 172.217.17.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~ldwcnl48&c=2070281677732&slotId=1035140838866&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 09 Feb 2023 00:15:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b39e9b23d29a98eff34416a616ba37f5
bdc9129409a52c7da406b0a0bf6067b936a446dc
2329a603d135a67a020b3f1f94be7ffb9ad0b3afbd4a33a6e85d9ef1d053f4cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2329A603D135A67A020B3F1F94BE7FFB9AD0B3AFBD4A33A6E85D9EF1D053F4CD"
Last-Modified: Tue, 07 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3093
Expires: Thu, 09 Feb 2023 01:07:07 GMT
Date: Thu, 09 Feb 2023 00:15:34 GMT
Connection: keep-alive
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.190.78200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.190.78:0
File type ASCII text, with no line terminators
Hash 66d1f894db224ac87eec7e0f07d44158
29b762601e622ccb1449e3d149cf7d434fa20f3d
fdd3c878ce5e208e2e13b8a281906a64398ecbd75605484c9177bab35c311da4
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Tue, 9 May 2023 16:47:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 09 Feb 2023 00:15:33 GMT
content-length: 60
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
162.19.138.120200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f5e03931f7649d2f41e9cf5fc7c89043
66cee9535a7058595f9a4d5c7fcf131b808c88ec
5e05593c05c0e4a91509103f2af12b645b8139d8fe0d5b31845dd0c08df01afe
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ivona.ua
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 09 Feb 2023 00:15:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/692.json
162.19.138.119200 216 B URL HTTP/1.1 id5-sync.com/g/v2/692.json
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e28e194768a395737461f6a5303bb7b4
476b6fc20f5762b17f9bec2031d6dc884360260d
d26ae9e9c90fe40e7ba1a4d7cec2a7bc554f31a663106275693400bfc5106524
POST /g/v2/692.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 299
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ivona.ua
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 09 Feb 2023 00:15:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f997d2aff739ec1096fc18be66acbcfb
25030e3208ad00dfd6cd317a1035d707ea7fc50c
355162db73d3389beefb95a04db8b223a2ecd0aa99e865555726b20992439de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 1ac79b3e52a120cad65c7c8669d9ae14
77777063b125de979bd886f0c2c64f8bf8555b62
b7a09e3401fe3df4a0132834b2f1a3b3fa85bfa76fd24a576f4ebd3aa1b41817
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 00:15:34 GMT
Last-Modified: Wed, 08 Feb 2023 22:50:40 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2e_MpOwF17j9tY4NuQYRGipQqPedkAW-4cJvBcM7_lBrDdKn4Qss5Q==
Age: 5094
a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
54.237.145.190302 0 B URL HTTP/1.1 a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
IP 54.237.145.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP/1.1
Host: a.audrte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Date: Thu, 09 Feb 2023 00:15:34 GMT
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=049ugn3sdSuR6Wq1uMUKYRmpA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648
Server: nginx/1.18.0
Set-Cookie: arcki2=049ugn3sdSuR6Wq1uMUKYRmpA!20220908!1675901734901!ip#91.90.42.154; Max-Age=1296000; Expires=Fri, 24-Feb-2023 00:15:34 GMT; Domain=audrte.com; Path=/; Secure; HttpOnly; SameSite=none; Secure
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 0
Connection: keep-alive
image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=
185.64.190.78302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=
IP 185.64.190.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Thu, 09 Feb 2023 00:15:33 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee0ee0a0c782a03056c5dc170f07ef96
127bc446dba6adeefb69954fdbe3fcde3f877893
bc17c26db4b0561c9ec9c1fe29b37a9692500bd0f9b2bd02bdbc4d366475a882
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2595
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:35 GMT
Last-Modified: Wed, 08 Feb 2023 23:32:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
gem.gbc.criteo.com/newidsd
178.250.6.1200 OK 140 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5dff3c43ad25fa964ca8fbbd41becdfb
2b14fd8299e1a90e3adf57f6c2e2e60cbb251125
4fe0a5809b6bae4be5f678352593622ab424a03ef0141467cee854d90e73f457
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 164852
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
185.89.211.116307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 09 Feb 2023 00:15:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
AN-X-Request-Uuid: 220c2d2b-daac-4ff2-a6bf-3fb72741af71
Set-Cookie: uuid2=8275215126494338846; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 10-May-2023 00:15:35 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
138.199.36.10200 OK 430 B URL HTTP/2 ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (677)
Hash d617e7015df5b24152ea14d2e0682799
ace990b24be86cd313c43b0512f4f6fac64e46f6
ce9aaf552fa6261f651afd59d049caa5549f9331156f0aa4a02ec4a8c3c9a926
POST /load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916 HTTP/1.1
Host: ym-tack.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:34 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 749406
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
cache-control: public, max-age=0
cdn-storageserver: DE-200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 404
cdn-cachedat: 02/09/2023 00:15:34
cdn-edgestorageid: 1053
cdn-requestid: ef9fdb7cba87008b5c48d134ba9ddfd4
content-encoding: br
X-Firefox-Spdy: h2
ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent=
46.228.164.11302 Found 0 B URL HTTP/2 ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent=
IP 46.228.164.11:0
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=3729421585293450850; Domain=.turn.com; Expires=Tue, 08-Aug-2023 00:15:35 GMT; Path=/; Secure; SameSite=None
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3729421585293450850&gdpr=0&gdpr_consent=
content-length: 0
date: Thu, 09 Feb 2023 00:15:34 GMT
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=049ugn3sdSuR6Wq1uMUKYRmpA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648
185.86.139.102302 Found 0 B URL HTTP/2 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=049ugn3sdSuR6Wq1uMUKYRmpA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648
IP 185.86.139.102:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redir/?issi=1&partnerid=141&partneruserid=049ugn3sdSuR6Wq1uMUKYRmpA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648 HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ivona.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-length: 0
date: Thu, 09 Feb 2023 00:15:34 GMT
cache-control: no-cache,no-store
location: https://a.audrte.com/match?uid=6159869188995313554&p=M501991648&gdpr=0&gdpr_consent=
pragma: no-cache
set-cookie: pid=6159869188995313554; expires=Sat, 09 Mar 2024 00:15:35 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 09 Mar 2024 00:15:35 GMT; domain=smartadserver.com; path=/
csync=141:049ugn3sdSuR6Wq1uMUKYRmpA; expires=Fri, 09 Feb 2024 00:15:35 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DF578F5E0-6C59-44FB-BC3D-756678708238%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
2.18.172.200200 OK 878 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DF578F5E0-6C59-44FB-BC3D-756678708238%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1524), with no line terminators
Hash 2d4d43862bd7f604d0034d47cb2e5549
8d3bc9e49c3823d379b92d21f11f36274a118391
700ca0b0c89a1732084acaec0f049d37cdc8c014d51db719e70fc4bb9354d685
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DF578F5E0-6C59-44FB-BC3D-756678708238%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 08 Feb 2023 05:37:50 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 878
content-type: text/html
cache-control: max-age=106074
expires: Fri, 10 Feb 2023 05:43:29 GMT
date: Thu, 09 Feb 2023 00:15:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1
185.64.190.78200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1
IP 185.64.190.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ivona.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 09 Feb 2023 00:15:33 GMT
content-length: 0
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
185.89.211.116302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ivona.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 09 Feb 2023 00:15:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=0&gdpr=0&gdpr_consent=
AN-X-Request-Uuid: 26824ec7-874f-4a4d-ba8e-a9e74bf12ce3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x.bidswitch.net/ul_cb/sync?ssp=themediagrid
52.28.41.26200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=themediagrid
IP 52.28.41.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=themediagrid HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ivona.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:35 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff4eccae864be7aa8104ffcb8b26db47
1a8ec2a24c9e4b48876ab7698026647e1bbf3800
66bf8dff78373b87f00365097fcb6912ebb775a8593dc86679ae0302bccddc66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:15:35 GMT
Last-Modified: Wed, 08 Feb 2023 22:26:45 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
a.audrte.com/match?uid=6159869188995313554&p=M501991648&gdpr=0&gdpr_consent=
54.237.145.190302 0 B URL HTTP/1.1 a.audrte.com/match?uid=6159869188995313554&p=M501991648&gdpr=0&gdpr_consent=
IP 54.237.145.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?uid=6159869188995313554&p=M501991648&gdpr=0&gdpr_consent= HTTP/1.1
Host: a.audrte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ivona.ua/
Connection: keep-alive
Cookie: arcki2=049ugn3sdSuR6Wq1uMUKYRmpA!20220908!1675901734901!ip#91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Date: Thu, 09 Feb 2023 00:15:35 GMT
Location: https://a.audrte.com:443/p?gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648
Server: nginx/1.18.0
Set-Cookie: arcki2_smart=6159869188995313554!20220908!1675901735152; Max-Age=1296000; Expires=Fri, 24-Feb-2023 00:15:35 GMT; Domain=audrte.com; Path=/; Secure; HttpOnly; SameSite=none; Secure
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 0
Connection: keep-alive
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=162179 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=88154
expires: Fri, 10 Feb 2023 00:44:49 GMT
date: Thu, 09 Feb 2023 00:15:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=162179 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=88154
expires: Fri, 10 Feb 2023 00:44:49 GMT
date: Thu, 09 Feb 2023 00:15:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
exchange.informer.ua/informer/stat/?s=kolobok
193.29.200.142200 OK 1.4 kB URL HTTP/2 exchange.informer.ua/informer/stat/?s=kolobok
IP 193.29.200.142:0
ASN #197203 PJSC Ukrainian Media Holding
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash f9abad7d058787b12836be0b21621b84
d4930efa9451573e82c74aae5866e4c278369de3
45ae33714b57c2899eb20198ecb7b964a68d88226ec70a77a2a056b4457f8af6
GET /informer/stat/?s=kolobok HTTP/1.1
Host: exchange.informer.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.12.2
date: Thu, 09 Feb 2023 00:28:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.17
content-encoding: gzip
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
2.18.172.187200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 2.18.172.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Unused62: 8096267
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 10 Feb 2023 00:15:37 GMT
Date: Thu, 09 Feb 2023 00:15:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
2.18.172.187200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 2.18.172.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Unused62: 8096267
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 10 Feb 2023 00:15:37 GMT
Date: Thu, 09 Feb 2023 00:15:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
unpkg.com/swiper@7.3.0/swiper-bundle.min.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/swiper@7.3.0/swiper-bundle.min.js
IP 104.16.122.175:0
GET /swiper@7.3.0/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
via: 1.1 fly.io
fly-request-id: 01GQ45HS9W59QETH0TPNMK4J64-fra
cf-cache-status: HIT
age: 1798183
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7968693a6e08b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=161562&sc=1&u=F578F5E0-6C59-44FB-BC3D-756678708238&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=161562&sc=1&u=F578F5E0-6C59-44FB-BC3D-756678708238&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=161562&sc=1&u=F578F5E0-6C59-44FB-BC3D-756678708238&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:34 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=0&gdpr=0&gdpr_consent=
185.86.139.102200 OK 0 B URL HTTP/2 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=0&gdpr=0&gdpr_consent=
IP 185.86.139.102:0
ASN #201081 SmartAdServer SAS
GET /redir/?issi=1&partnerid=86&partneruserid=0&gdpr=0&gdpr_consent= HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ivona.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Thu, 09 Feb 2023 00:15:34 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=2539123329385656186; expires=Sat, 09 Mar 2024 00:15:35 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 09 Mar 2024 00:15:35 GMT; domain=smartadserver.com; path=/
csync=86:0; expires=Fri, 09 Feb 2024 00:15:35 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
104.18.11.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
IP 104.18.11.207:0
GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 12/27/2021 07:28:05
cdn-edgestorageid: 756
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: c93bb13724f1916e0ec0f105adc4675a
cdn-cache: HIT
cf-cache-status: HIT
age: 21346262
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79686926ea820b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
player.adtcdn.com/prebidlink/465528/wrapper_hb_738585_17201.js
172.64.129.3200 OK 0 B URL HTTP/2 player.adtcdn.com/prebidlink/465528/wrapper_hb_738585_17201.js
IP 172.64.129.3:0
GET /prebidlink/465528/wrapper_hb_738585_17201.js HTTP/1.1
Host: player.adtcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 11:25:43 GMT
etag: W/"63e0e3b7-683"
expires: Thu, 09 Feb 2023 00:30:27 GMT
cache-control: max-age=345600
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6v12gE%2BKGBwKtIvV4uIWfKT8ukOVRTkvX97iCfb0mraGeMf2luzAPdVtu6CFi4VRWUdvrgRX8gsRumI7p0fvZubkxn4zgAjXS6A2CMijVE9j4sISum%2F%2Furb1nVWsouwS6LK1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796869273bc37302-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.umh.ua/libs/vast/vast-player/contentroll.html?2&advMediaId=zone_1314877256_IfiEPRwJCLnP&ADTAG=https://z.cdn.umh.ua/load?o=v&z=1314877256&u=66910b6b526aeeff&sr=1280x1024&cw=1268&ch=939&hc=16&df=64&bh=1&tl=1771&n=864482560&url=ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&zyx=1503515561
78.159.118.240200 OK 0 B URL HTTP/2 cdn.umh.ua/libs/vast/vast-player/contentroll.html?2&advMediaId=zone_1314877256_IfiEPRwJCLnP&ADTAG=https://z.cdn.umh.ua/load?o=v&z=1314877256&u=66910b6b526aeeff&sr=1280x1024&cw=1268&ch=939&hc=16&df=64&bh=1&tl=1771&n=864482560&url=ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&zyx=1503515561
IP 78.159.118.240:0
ASN #28753 Leaseweb Deutschland GmbH
GET /libs/vast/vast-player/contentroll.html?2&advMediaId=zone_1314877256_IfiEPRwJCLnP&ADTAG=https://z.cdn.umh.ua/load?o=v&z=1314877256&u=66910b6b526aeeff&sr=1280x1024&cw=1268&ch=939&hc=16&df=64&bh=1&tl=1771&n=864482560&url=ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&vc=0&zyx=1503515561 HTTP/1.1
Host: cdn.umh.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Cookie: AU=66910b6b526aeeff
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 06 Oct 2022 14:38:04 GMT
vary: Accept-Encoding
etag: W/"633ee84c-27d3"
expires: Fri, 10 Feb 2023 00:15:28 GMT
cache-control: max-age=86400
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: X-PINGOTHER
access-control-max-age: 1728000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
content-encoding: gzip
X-Firefox-Spdy: h2
ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
138.199.36.10200 OK 0 B URL HTTP/2 ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
POST /load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916 HTTP/1.1
Host: ym-tack.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:35 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 749406
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
cache-control: public, max-age=0
cdn-storageserver: DE-200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 404
cdn-cachedat: 02/09/2023 00:15:35
cdn-edgestorageid: 1053
cdn-requestid: b4655d718a32f38f6f96c2c8f1548472
content-encoding: br
X-Firefox-Spdy: h2
ad.mox.tv/delivery/impress?ctype=div&pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1280&screen_height=1024&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&referrer=&async=1&uid=248529106
212.8.250.228200 OK 0 B URL HTTP/2 ad.mox.tv/delivery/impress?ctype=div&pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1280&screen_height=1024&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&referrer=&async=1&uid=248529106
IP 212.8.250.228:0
ASN #49981 WorldStream B.V.
GET /delivery/impress?ctype=div&pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1280&screen_height=1024&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly&referrer=&async=1&uid=248529106 HTTP/1.1
Host: ad.mox.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
set-cookie: moxuuid=c4f2a9bf-e9da-4cf8-b18b-55a8bdc85035; expires=Sun, 06-Feb-2033 00:15:28 GMT; Max-Age=315360000; path=/; secure; SameSite=None
_mwayss_zone_imp[4730][count]=0; expires=Fri, 20-Mar-2076 00:30:56 GMT; Max-Age=1675988128; path=/; secure; SameSite=None
_mwayss_zone_imp[4730][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15455][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15455][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[4847][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[4847][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15595][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15595][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[3877][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[3877][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15442][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15442][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[4418][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[4418][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15792][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15792][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[4942][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[4942][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15362][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_imp[15362][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[1954][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_camp_imp[1954][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_zone_imp[4730][count]=0; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
_mwayss_zone_imp[4730][frequencyPeriodEnd]=1675988128; expires=Fri, 10-Feb-2023 00:15:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.membrana.media/video/video.js?3efab6|63f380
194.242.11.186200 OK 0 B URL HTTP/2 cdn.membrana.media/video/video.js?3efab6|63f380
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /video/video.js?3efab6|63f380 HTTP/1.1
Host: cdn.membrana.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 139012
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=86400
etag: W/"63e42313-41a41"
last-modified: Wed, 08 Feb 2023 22:32:51 GMT
cdn-storageserver: DE-168
cdn-fileserver: 224
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/08/2023 22:33:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a7a3174daf5f7c0e7b4bd112d6807cf1
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.117.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.117.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.117.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:33 GMT
content-type: text/javascript
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
etag: W/"61cc54f6-15c19"
expires: Fri, 10 Feb 2023 00:15:33 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
198.148.27.140302 Found 0 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
IP 198.148.27.140:0
GET /bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-llvb2
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=oGGZKmtLUox9&ev=1&pid=560288&gdpr_consent=&gdpr=0
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=oGGZKmtLUox9;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 04-Feb-2024 00:15:35 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=dfc7edaaf6830dd9; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ivona.ua/js/banner-index.js/v11
54.230.111.14200 OK 0 B URL HTTP/2 ivona.ua/js/banner-index.js/v11
IP 54.230.111.14:0
GET /js/banner-index.js/v11 HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: nginx
date: Wed, 29 Jun 2022 11:48:45 GMT
last-modified: Sat, 21 Aug 2021 13:24:17 GMT
etag: W/"6120fe81-725"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5Alq6xdiOQDnGtoegXExg6P1UMtfoZjUxP5u5nI8GzMX26mVOqxq-Q==
age: 19398432
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=ivona.ua
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=ivona.ua
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=ivona.ua HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:32 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=bc9b36b2-9466-463b-a21d-1fbb01c00a58; expires=Tue, 05 Mar 2024 00:15:32 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 528705
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mox.tv/mox/mwayss_invocation.min.css
212.8.250.228200 OK 0 B URL HTTP/2 ad.mox.tv/mox/mwayss_invocation.min.css
IP 212.8.250.228:0
ASN #49981 WorldStream B.V.
GET /mox/mwayss_invocation.min.css HTTP/1.1
Host: ad.mox.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Cookie: moxuuid=c4f2a9bf-e9da-4cf8-b18b-55a8bdc85035; _mwayss_zone_imp[4730][count]=0; _mwayss_zone_imp[4730][frequencyPeriodEnd]=1675988128; _mwayss_imp[15455][count]=0; _mwayss_imp[15455][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[4847][count]=0; _mwayss_camp_imp[4847][frequencyPeriodEnd]=1675988128; _mwayss_imp[15595][count]=0; _mwayss_imp[15595][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[3877][count]=0; _mwayss_camp_imp[3877][frequencyPeriodEnd]=1675988128; _mwayss_imp[15442][count]=0; _mwayss_imp[15442][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[4418][count]=0; _mwayss_camp_imp[4418][frequencyPeriodEnd]=1675988128; _mwayss_imp[15792][count]=0; _mwayss_imp[15792][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[4942][count]=0; _mwayss_camp_imp[4942][frequencyPeriodEnd]=1675988128; _mwayss_imp[15362][count]=0; _mwayss_imp[15362][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[1954][count]=0; _mwayss_camp_imp[1954][frequencyPeriodEnd]=1675988128
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Thu, 09 Feb 2023 00:15:30 GMT
content-type: text/css
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
vary: Accept-Encoding
etag: W/"5ee0f3c3-a0a"
content-encoding: gzip
X-Firefox-Spdy: h2
player.adtelligent.com/prebidlink/19397/hbw_release_738585_17201.js
45.133.44.4200 OK 0 B URL HTTP/2 player.adtelligent.com/prebidlink/19397/hbw_release_738585_17201.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /prebidlink/19397/hbw_release_738585_17201.js HTTP/1.1
Host: player.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Mon, 06 Feb 2023 11:25:43 GMT
etag: W/"63e0e3b7-1a5a2"
cache-control: max-age=172800
content-encoding: gzip
expires: Sat, 11 Feb 2023 00:15:28 GMT
access-control-allow-origin: *
x-proxy-cache: MISS
X-Firefox-Spdy: h2
ivona.ua/js/theme-script.min.js/v11
54.230.111.14200 OK 0 B URL HTTP/2 ivona.ua/js/theme-script.min.js/v11
IP 54.230.111.14:0
GET /js/theme-script.min.js/v11 HTTP/1.1
Host: ivona.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/ua/shou-biz/paparacci/6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
server: nginx
date: Wed, 29 Jun 2022 11:48:42 GMT
last-modified: Wed, 09 Feb 2022 11:22:20 GMT
etag: W/"6203a3ec-693"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: true
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mZcTugTHUeQP-IXmb7j1jyJmW5vd_gHlk4Zom81WdX62y6FgjZRGYw==
age: 19398435
X-Firefox-Spdy: h2
ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
138.199.36.10200 OK 0 B URL HTTP/2 ym-tack.b-cdn.net/load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
POST /load_video_failed?notsy;4;No%20compatible%20source%20was%20found%20for%20this%20media.;UMH;https://membrana-cdn.media/nts/desktop/membrana-main42-7709-20230206-desktop.mp4;05abca64-943a-47fe-834a-3046ca095916 HTTP/1.1
Host: ym-tack.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:32 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 749406
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
cache-control: public, max-age=0
cdn-storageserver: DE-168
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 404
cdn-cachedat: 02/09/2023 00:15:32
cdn-edgestorageid: 1053
cdn-requestid: 924d6843eb23e5d38d49ebda58f77fbc
content-encoding: br
X-Firefox-Spdy: h2
go.rcvlink.com/cs/1/1
136.243.84.75200 OK 0 B IP 136.243.84.75:0
ASN #24940 Hetzner Online GmbH
GET /cs/1/1 HTTP/1.1
Host: go.rcvlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:30 GMT
content-type: text/javascript;charset=utf-8
hn: b20
access-control-allow-origin: *
cache-control: private, max-age=315360000
expires: Sun, 06 Feb 2033 02:15:30 +0200
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mox.tv/js/achernar/achernar.min.js
212.8.250.228200 OK 0 B URL HTTP/2 ad.mox.tv/js/achernar/achernar.min.js
IP 212.8.250.228:0
ASN #49981 WorldStream B.V.
GET /js/achernar/achernar.min.js HTTP/1.1
Host: ad.mox.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Cookie: moxuuid=c4f2a9bf-e9da-4cf8-b18b-55a8bdc85035; _mwayss_zone_imp[4730][count]=0; _mwayss_zone_imp[4730][frequencyPeriodEnd]=1675988128; _mwayss_imp[15455][count]=0; _mwayss_imp[15455][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[4847][count]=0; _mwayss_camp_imp[4847][frequencyPeriodEnd]=1675988128; _mwayss_imp[15595][count]=0; _mwayss_imp[15595][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[3877][count]=0; _mwayss_camp_imp[3877][frequencyPeriodEnd]=1675988128; _mwayss_imp[15442][count]=0; _mwayss_imp[15442][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[4418][count]=0; _mwayss_camp_imp[4418][frequencyPeriodEnd]=1675988128; _mwayss_imp[15792][count]=0; _mwayss_imp[15792][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[4942][count]=0; _mwayss_camp_imp[4942][frequencyPeriodEnd]=1675988128; _mwayss_imp[15362][count]=0; _mwayss_imp[15362][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[1954][count]=0; _mwayss_camp_imp[1954][frequencyPeriodEnd]=1675988128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Thu, 09 Feb 2023 00:15:30 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 14:47:09 GMT
vary: Accept-Encoding
etag: W/"6213a5ed-2b1e"
expires: Thu, 09 Feb 2023 01:15:30 GMT
cache-control: max-age=3600, public, max-age=3600
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mox.tv/js/achernar/prebid.js
212.8.250.228200 OK 0 B URL HTTP/2 ad.mox.tv/js/achernar/prebid.js
IP 212.8.250.228:0
ASN #49981 WorldStream B.V.
GET /js/achernar/prebid.js HTTP/1.1
Host: ad.mox.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Cookie: moxuuid=c4f2a9bf-e9da-4cf8-b18b-55a8bdc85035; _mwayss_zone_imp[4730][count]=0; _mwayss_zone_imp[4730][frequencyPeriodEnd]=1675988128; _mwayss_imp[15455][count]=0; _mwayss_imp[15455][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[4847][count]=0; _mwayss_camp_imp[4847][frequencyPeriodEnd]=1675988128; _mwayss_imp[15595][count]=0; _mwayss_imp[15595][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[3877][count]=0; _mwayss_camp_imp[3877][frequencyPeriodEnd]=1675988128; _mwayss_imp[15442][count]=0; _mwayss_imp[15442][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[4418][count]=0; _mwayss_camp_imp[4418][frequencyPeriodEnd]=1675988128; _mwayss_imp[15792][count]=0; _mwayss_imp[15792][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[4942][count]=0; _mwayss_camp_imp[4942][frequencyPeriodEnd]=1675988128; _mwayss_imp[15362][count]=0; _mwayss_imp[15362][frequencyPeriodEnd]=1675988128; _mwayss_camp_imp[1954][count]=0; _mwayss_camp_imp[1954][frequencyPeriodEnd]=1675988128
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Thu, 09 Feb 2023 00:15:30 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 15:58:34 GMT
vary: Accept-Encoding
etag: W/"6384daaa-4f0f0"
expires: Thu, 09 Feb 2023 01:15:30 GMT
cache-control: max-age=3600, public, max-age=3600
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/swiper@7.3.0/swiper-bundle.min.css
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/swiper@7.3.0/swiper-bundle.min.css
IP 104.16.122.175:0
GET /swiper@7.3.0/swiper-bundle.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:30 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
via: 1.1 fly.io
fly-request-id: 01G4XKT6AQXECQWDY9C3N8M02K-fra
cf-cache-status: HIT
age: 21345469
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7968693a7e15b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
a4p.adpartner.pro/hb/bid?tag=9043&sizes=300x250&referer=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
54.38.197.123200 OK 0 B URL HTTP/2 a4p.adpartner.pro/hb/bid?tag=9043&sizes=300x250&referer=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
IP 54.38.197.123:0
POST /hb/bid?tag=9043&sizes=300x250&referer=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly HTTP/1.1
Host: a4p.adpartner.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 204
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:32 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ivona.ua
set-cookie: apuid=d0a12d86-b828-4b9f-ab5b-8a11a486e406; Path=/; Expires=Mon, 10 Apr 2023 00:15:31 GMT; Secure; SameSite=None
cache-control: no-store no-transform
content-encoding: br
X-Firefox-Spdy: h2
ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
212.8.250.228200 OK 0 B URL HTTP/2 ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
IP 212.8.250.228:0
ASN #49981 WorldStream B.V.
GET /mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div HTTP/1.1
Host: ad.mox.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 11:58:06 GMT
vary: Accept-Encoding
etag: W/"638896ce-7204"
expires: Thu, 09 Feb 2023 01:15:28 GMT
cache-control: max-age=3600, public, max-age=3600
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.membrana.media/umh/ym.js
194.242.11.186200 OK 0 B URL HTTP/2 cdn.membrana.media/umh/ym.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /umh/ym.js HTTP/1.1
Host: cdn.membrana.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 139012
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=86400
etag: W/"63d00d89-5cd4a"
last-modified: Tue, 24 Jan 2023 16:55:37 GMT
cdn-storageserver: DE-199
cdn-fileserver: 179
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/26/2023 10:49:47
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: aebfc70da67b2602f082ab045f022a40
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ivona.ua
server-processing-duration-in-ticks: 976545
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3729421585293450850&gdpr=0&gdpr_consent=
185.86.139.102200 OK 0 B URL HTTP/2 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3729421585293450850&gdpr=0&gdpr_consent=
IP 185.86.139.102:0
ASN #201081 SmartAdServer SAS
GET /redir/?issi=1&partnerid=32&partneruserid=3729421585293450850&gdpr=0&gdpr_consent= HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ivona.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Thu, 09 Feb 2023 00:15:34 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=1579397343607812038; expires=Sat, 09 Mar 2024 00:15:35 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 09 Mar 2024 00:15:35 GMT; domain=smartadserver.com; path=/
csync=32:3729421585293450850; expires=Fri, 09 Feb 2024 00:15:35 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Firefox-Spdy: h2
go.rcvlink.com/bdto/0b062d8698/?cache=tp_b49Lbu2352B0&ver=230117-1644&w=600&h=0&vw=1280&ms=2280.170&me=1&ref=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
136.243.84.75200 OK 0 B URL HTTP/2 go.rcvlink.com/bdto/0b062d8698/?cache=tp_b49Lbu2352B0&ver=230117-1644&w=600&h=0&vw=1280&ms=2280.170&me=1&ref=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly
IP 136.243.84.75:0
ASN #24940 Hetzner Online GmbH
GET /bdto/0b062d8698/?cache=tp_b49Lbu2352B0&ver=230117-1644&w=600&h=0&vw=1280&ms=2280.170&me=1&ref=https%3A%2F%2Fivona.ua%2Fua%2Fshou-biz%2Fpaparacci%2F6918495-kak-sejchas-vyglyadit-pervaya-zhena-sergeya-prituly HTTP/1.1
Host: go.rcvlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.rcvlink.com/static/iframe.htm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:15:30 GMT
content-type: application/json
expires: Thu, 09 Feb 2023 02:15:30 +0200
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
last-modified: Thu, 09 Feb 2023 00:15:30 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate
pragma: no-cache
hn: b24
set-cookie: cache=tp_b49Lbu2352B0; expires=Tue, 08-Feb-2033 12:15:30 GMT; Max-Age=315576000; path=/; samesite=None; domain=go.rcvlink.com; secure; HttpOnly
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
player.adtcdn.com/prebidlink/465528/hb_738585_17201.js
172.64.129.3200 OK 0 B URL HTTP/2 player.adtcdn.com/prebidlink/465528/hb_738585_17201.js
IP 172.64.129.3:0
GET /prebidlink/465528/hb_738585_17201.js HTTP/1.1
Host: player.adtcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:28 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 15:41:19 GMT
etag: W/"63d7e51f-52daa"
expires: Thu, 09 Feb 2023 00:30:28 GMT
cache-control: max-age=345600
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iF6WAE19aubVhnKk1OrEMJ4tAerI%2FYeZWv3hVPcQo5v8S3RC%2FYbk%2BA5gaEAvvj4JNOM3hEBe6IUUlsYZq9%2BiUcLLPcbwSKy1bz%2FkOTmpzN6ygEYUrXVgDz%2BOZ8SJKEmmn1rcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796869275bd87302-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ym-tack.b-cdn.net/page_view?UMH;desktop;;page_desktop;3efab6|63f380
138.199.36.10200 OK 0 B URL HTTP/2 ym-tack.b-cdn.net/page_view?UMH;desktop;;page_desktop;3efab6|63f380
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
POST /page_view?UMH;desktop;;page_desktop;3efab6|63f380 HTTP/1.1
Host: ym-tack.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ivona.ua
Connection: keep-alive
Referer: https://ivona.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:15:31 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 749406
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestcountrycode: NO
cache-control: public, max-age=0
etag: W/"63cace81-2b0"
cdn-storageserver: DE-197
cdn-fileserver: 469
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 405
cdn-cachedat: 02/09/2023 00:15:31
cdn-edgestorageid: 1053
cdn-requestid: 92472dce9345b6174509e0f2ea6fb07c
content-encoding: br
X-Firefox-Spdy: h2