r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9230
Expires: Tue, 06 Dec 2022 03:00:56 GMT
Date: Tue, 06 Dec 2022 00:27:06 GMT
Connection: keep-alive
mkkuei4kdsz.com/338/353.html
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/338/353.html
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /338/353.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 06 Dec 2022 00:27:06 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2707
Cache-Control: max-age=125360
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:27:06 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:16:26 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11791
Expires: Tue, 06 Dec 2022 03:43:37 GMT
Date: Tue, 06 Dec 2022 00:27:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 00:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 406
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6S7fvcgkvyAdLgT8MMHPO4wq7HIKdZQVvEjgZ3dhNEWBCPkHrU/RuTQWLd+jlwq4ck9L0N1IOcM=
x-amz-request-id: CN9VCQWVD8WT8BJT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 23:48:42 GMT
age: 2304
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:27:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2576
Cache-Control: max-age=160853
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:27:06 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:07:59 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15730130
expires: Sun, 26 Nov 2023 00:27:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sw7PiZSgcmP3SI1rwhoqNI37qwwRY2PgvONjJsGIM8Ae8li6VCkgLTXPgiLlAXy7dIdDf2H8%2F0inSl0FDTNI25X%2FfsiPPSdjmyQEWTdjF3ZBBfBbhQNXFdj2G6SYXgUjbK04yPL%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7750e4d5bc1e0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2576
Cache-Control: max-age=160853
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:27:06 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:07:59 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b1a840eba42dcfa72d3e2786ba2dd4f5
8517a73f72784c64445274c47c7a5b3adb50bdb4
8e3c803c1a2287f39f626151d6293ad860f15aafb2e004beb589205b0b92219e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8E3C803C1A2287F39F626151D6293AD860F15AAFB2E004BEB589205B0B92219E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12761
Expires: Tue, 06 Dec 2022 03:59:47 GMT
Date: Tue, 06 Dec 2022 00:27:06 GMT
Connection: keep-alive
mkkuei4kdsz.com/favicon.ico
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/favicon.ico
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/338/353.html
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 06 Dec 2022 00:27:06 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 1088
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2694
Cache-Control: max-age=120279
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:27:07 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:51:46 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/338/353.html
104.26.10.61200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://mkkuei4kdsz.com/338/353.html
IP 104.26.10.61:0
File type ASCII text, with no line terminators
Hash 7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
GET /?orighost=http://mkkuei4kdsz.com/338/353.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:07 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1yYxrWm6zDLo3fvziJ94Bh1SOSUooO%2BtcLw%2BlNBtbiuXjcbsn2RUx98RDfq9RqEQMCiyHQtKpUVmP9Ly6i46BsggV3F5UiacpzDKVt5b7%2BsRnV0p0Y%2F4Wx8Tr95ItPp%2Bas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7750e4d69da3fac8-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.24.78.9101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.24.78.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FfUM5NlrYL+mO3VYT6MlQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7zEALDEWkc5ZQPIhNxIRM1I3POI=
ww2.mkkuei4kdsz.com/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Hash 210f3f000e3cba143135d7864d7828f8
cd862debc3c2af96a56c975b3639ff50de27538f
92e4a222ee3ebde96618603be6690c3f49611b060d084ca846dbe12b6b316fcc
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Dec 2022 00:27:08 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Tue, 06 Dec 2022 00:27:07 GMT
x-cache-miss-from: parking-d7dbd8c4d-4r7pb
server: NginX
content-encoding: gzip
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI4NjQyOGViZGMwZjQ3ZjhiZjhmYWRiN2UxYjkyZWQzNGM4YjMy&crc=e1b39739da8c6a889971659909464509fc431bc6&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI4NjQyOGViZGMwZjQ3ZjhiZjhmYWRiN2UxYjkyZWQzNGM4YjMy&crc=e1b39739da8c6a889971659909464509fc431bc6&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI4NjQyOGViZGMwZjQ3ZjhiZjhmYWRiN2UxYjkyZWQzNGM4YjMy&crc=e1b39739da8c6a889971659909464509fc431bc6&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
date: Tue, 06 Dec 2022 00:27:08 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-d7dbd8c4d-4r7pb
server: NginX
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Deq6%2AHSSAq3Q_0&v=ZjZmYTE2MGJlMDJmM2U3MmE4ZmVkY2NhNDVhZGFhZmUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZThjNWI3ZDNmNzIuODgxNTg3MjgJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU4YzViN2Q0M2UxLjMyNDI3ODUzCTE2NzAyODY0MjgJYWRfNjNfMA==&l=OAk1MmJkZjk2YzM4NGFmODVmZTkyZDZjMDc2MjEyZmQ1OQkwCTM1CTAJYzg0ODZmZGIzNmQ0Y2NkN2I1ZGZkMGM4ZWZiYTE0MDQJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyODY0MjgJMC4wMDA0NjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Deq6%2AHSSAq3Q_0&v=ZjZmYTE2MGJlMDJmM2U3MmE4ZmVkY2NhNDVhZGFhZmUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZThjNWI3ZDNmNzIuODgxNTg3MjgJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU4YzViN2Q0M2UxLjMyNDI3ODUzCTE2NzAyODY0MjgJYWRfNjNfMA==&l=OAk1MmJkZjk2YzM4NGFmODVmZTkyZDZjMDc2MjEyZmQ1OQkwCTM1CTAJYzg0ODZmZGIzNmQ0Y2NkN2I1ZGZkMGM4ZWZiYTE0MDQJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyODY0MjgJMC4wMDA0NjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Deq6%2AHSSAq3Q_0&v=ZjZmYTE2MGJlMDJmM2U3MmE4ZmVkY2NhNDVhZGFhZmUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZThjNWI3ZDNmNzIuODgxNTg3MjgJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU4YzViN2Q0M2UxLjMyNDI3ODUzCTE2NzAyODY0MjgJYWRfNjNfMA==&l=OAk1MmJkZjk2YzM4NGFmODVmZTkyZDZjMDc2MjEyZmQ1OQkwCTM1CTAJYzg0ODZmZGIzNmQ0Y2NkN2I1ZGZkMGM4ZWZiYTE0MDQJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyODY0MjgJMC4wMDA0NjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Tue, 06 Dec 2022 00:27:08 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 06 Dec 2022 00:27:08 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Deq6%2AHSSAq3Q_0&v=ZjZmYTE2MGJlMDJmM2U3MmE4ZmVkY2NhNDVhZGFhZmUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZThjNWI3ZDNmNzIuODgxNTg3MjgJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU4YzViN2Q0M2UxLjMyNDI3ODUzCTE2NzAyODY0MjgJYWRfNjNfMA==&l=OAk1MmJkZjk2YzM4NGFmODVmZTkyZDZjMDc2MjEyZmQ1OQkwCTM1CTAJYzg0ODZmZGIzNmQ0Y2NkN2I1ZGZkMGM4ZWZiYTE0MDQJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyODY0MjgJMC4wMDA0NjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-d7dbd8c4d-pnx5c
server: NginX
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Deq6%2AHSSAq3Q_0&v=ZjZmYTE2MGJlMDJmM2U3MmE4ZmVkY2NhNDVhZGFhZmUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZThjNWI3ZDNmNzIuODgxNTg3MjgJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU4YzViN2Q0M2UxLjMyNDI3ODUzCTE2NzAyODY0MjgJYWRfNjNfMA==&l=OAk1MmJkZjk2YzM4NGFmODVmZTkyZDZjMDc2MjEyZmQ1OQkwCTM1CTAJYzg0ODZmZGIzNmQ0Y2NkN2I1ZGZkMGM4ZWZiYTE0MDQJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyODY0MjgJMC4wMDA0NjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Deq6%2AHSSAq3Q_0&v=ZjZmYTE2MGJlMDJmM2U3MmE4ZmVkY2NhNDVhZGFhZmUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZThjNWI3ZDNmNzIuODgxNTg3MjgJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU4YzViN2Q0M2UxLjMyNDI3ODUzCTE2NzAyODY0MjgJYWRfNjNfMA==&l=OAk1MmJkZjk2YzM4NGFmODVmZTkyZDZjMDc2MjEyZmQ1OQkwCTM1CTAJYzg0ODZmZGIzNmQ0Y2NkN2I1ZGZkMGM4ZWZiYTE0MDQJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyODY0MjgJMC4wMDA0NjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8e4886a45288e987094141baffb4a295
0429ce7f6a30f89ec53864d5d3d300d1e2f1f341
5f7a20559c6d909b7b9433a10575565117b746e2d34b325c626af56d55ba0aff
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Deq6%2AHSSAq3Q_0&v=ZjZmYTE2MGJlMDJmM2U3MmE4ZmVkY2NhNDVhZGFhZmUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZThjNWI3ZDNmNzIuODgxNTg3MjgJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU4YzViN2Q0M2UxLjMyNDI3ODUzCTE2NzAyODY0MjgJYWRfNjNfMA==&l=OAk1MmJkZjk2YzM4NGFmODVmZTkyZDZjMDc2MjEyZmQ1OQkwCTM1CTAJYzg0ODZmZGIzNmQ0Y2NkN2I1ZGZkMGM4ZWZiYTE0MDQJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyODY0MjgJMC4wMDA0NjMJTgkwCTEJMTUxMgkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Tue, 06 Dec 2022 00:27:08 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 06 Dec 2022 00:27:08 GMT
location: http://xml.sedodna.com/click?i=eq6*HSSAq3Q_0
x-cache-miss-from: parking-d7dbd8c4d-5wc8k
server: NginX
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13471
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 00:27:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13471
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 00:27:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13471
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 00:27:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13471
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 00:27:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13471
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 00:27:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:52:07 GMT
age: 9301
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:46 GMT
age: 7282
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebd3528452aecd80e39bbf82d3f71f2c
eaa956309d27052d466f7c4bd75b3bdf8443f251
680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:55 GMT
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
content-type: image/jpeg
age: 9913
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 9517
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49c08cd33e41826af9dd4a8a912e0ddf
bde85bd98858e4b13484a9cc3263b4db7fb5d348
43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5273
x-amzn-requestid: 5ab71aaf-6757-46dc-86fc-0a866958d22f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSz2EqfIAMFqng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e5-15ae9d330e005f547161b4df;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YFtwPRjtJcX51t_xVdpS2-J222bVL8KEildkseLJ_pVbCFkljZ-Q0A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:49 GMT
age: 9559
etag: "bde85bd98858e4b13484a9cc3263b4db7fb5d348"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 8260
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xml.sedodna.com/click?i=eq6*HSSAq3Q_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=eq6*HSSAq3Q_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=eq6*HSSAq3Q_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://belia-glp.com/zcvisitor/b7751e42-74fc-11ed-a305-0acbfe081617/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
Pragma: no-cache
belia-glp.com/zcvisitor/b7751e42-74fc-11ed-a305-0acbfe081617/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
3.208.247.235200 1.1 kB URL HTTP/1.1 belia-glp.com/zcvisitor/b7751e42-74fc-11ed-a305-0acbfe081617/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cfb54c419bd7aac5b4466b1139cbcf70
be9a537e82122060cafd7bae8bc8069727f0ec71
f40451d6813874d9a21538bf789d77d40c8d77c52426b690b8bd7762140eed44
GET /zcvisitor/b7751e42-74fc-11ed-a305-0acbfe081617/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97 HTTP/1.1
Host: belia-glp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 06 Dec 2022 00:27:09 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: OvLPBYAz
belia-glp.com/zcredirect?visitid=b7751e42-74fc-11ed-a305-0acbfe081617&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.208.247.235200 426 B URL HTTP/1.1 belia-glp.com/zcredirect?visitid=b7751e42-74fc-11ed-a305-0acbfe081617&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c6ea977892132443496e43c7265fff67
2e436af3c8a0f68477bbe9f532d0dc7e28e54847
c94b43711e00a3d6425b626b71971a6e97eff30ffa4ee4ffdaaa5166c2d9dc64
GET /zcredirect?visitid=b7751e42-74fc-11ed-a305-0acbfe081617&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: belia-glp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcvisitor/b7751e42-74fc-11ed-a305-0acbfe081617/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 06 Dec 2022 00:27:09 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: XRPNQJJo
belia-glp.com/favicon.ico
3.208.247.235404 653 B URL HTTP/1.1 belia-glp.com/favicon.ico
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: belia-glp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcredirect?visitid=b7751e42-74fc-11ed-a305-0acbfe081617&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Tue, 06 Dec 2022 00:27:09 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: JPdGzFPk
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash afaf96754ec25f0e9fd321ee4fd90fa9
0d38eb50d19ce79e547c37e007980b576a57621f
6c0ce617a089cd3c723de52061ecc5ed2f1a6ac476c48a5cc4d0f4f5e5d50d0d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 00:27:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 14:26:19 GMT
Expires: Mon, 12 Dec 2022 14:26:18 GMT
Etag: "0d38eb50d19ce79e547c37e007980b576a57621f"
Cache-Control: max-age=568148,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7750e4e88d0fb4fd-OSL
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 588552bd8d38b951a4d25035a83255c6
f9c65ee7cb87a5530b649cf74ee7b9dfa7748a04
d3cb3fa1549a40db73bb71bb26b8c21e0be470f98dc2b922f8b1d9846e9f12c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImQyNzFhMzExLTdjMDUtNDBmYS1iMzU0LWM4MjRlNTJhMWJkZDpmNDViZjQxY2NmNmEzZmM0NzlmNTUwZGQxMGFjZDlhYzlmMTNjMmE5In0=
216.58.207.208200 OK 1.4 kB URL HTTP/2 storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImQyNzFhMzExLTdjMDUtNDBmYS1iMzU0LWM4MjRlNTJhMWJkZDpmNDViZjQxY2NmNmEzZmM0NzlmNTUwZGQxMGFjZDlhYzlmMTNjMmE5In0=
IP 216.58.207.208:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 54f99c9e98a5b4f17b219e94417e6d2f
80247746ede724755155d0aa8c0082c8b00542bf
c7f94d1b21fdadbcc934c2d31503832763070136eafd23d65cec53f6e49b5634
GET /tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogImQyNzFhMzExLTdjMDUtNDBmYS1iMzU0LWM4MjRlNTJhMWJkZDpmNDViZjQxY2NmNmEzZmM0NzlmNTUwZGQxMGFjZDlhYzlmMTNjMmE5In0= HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdubFnE4GyTeutmT3kp95eVcsLHXPxg3U20TzBNLcY7mpaWWupN7Ks0k1wsiRQx0COrIzh_gRtQttaHjZdp4iqCpxJfoYcb1
expires: Tue, 06 Dec 2022 01:27:10 GMT
date: Tue, 06 Dec 2022 00:27:10 GMT
cache-control: public, max-age=3600
last-modified: Mon, 10 Jun 2019 16:09:51 GMT
etag: "54f99c9e98a5b4f17b219e94417e6d2f"
x-goog-generation: 1560182991115409
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1357
content-type: text/html
x-goog-hash: crc32c=+7k9hA==, md5=VPmcnpiltPF7IZ6UQX5tLw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1357
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 588552bd8d38b951a4d25035a83255c6
f9c65ee7cb87a5530b649cf74ee7b9dfa7748a04
d3cb3fa1549a40db73bb71bb26b8c21e0be470f98dc2b922f8b1d9846e9f12c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WKCGS93
142.250.74.40200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WKCGS93
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash b799f1b2fc1696cf69542f6ce5386a7a
3946433d902b2fd82b1e29d16269108d7d084557
7ddfc0f896bbbfb8db97ddbd58054ebc3439c9b6b5f55f1a578238541df0ac02
GET /gtm.js?id=GTM-WKCGS93 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://storage.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 00:27:10 GMT
expires: Tue, 06 Dec 2022 00:27:10 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash afaf96754ec25f0e9fd321ee4fd90fa9
0d38eb50d19ce79e547c37e007980b576a57621f
6c0ce617a089cd3c723de52061ecc5ed2f1a6ac476c48a5cc4d0f4f5e5d50d0d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 00:27:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 14:26:19 GMT
Expires: Mon, 12 Dec 2022 14:26:18 GMT
Etag: "0d38eb50d19ce79e547c37e007980b576a57621f"
Cache-Control: max-age=568147,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7750e4ebcf3db4fd-OSL
1865e08ae4.smapp.work/api/v1/click/confirm.js?data=gAAAAABjjoxdPm9052MoQY8W7Hi8d48x53nkketUwCnVPjsY1JyjvaqSzVDEdWcvgSef6briPCdG02iPzlFJbAyRQzozX0k_aduMv5lmuCOSMgMPwcvcf218tbqNDbyzfRTHJS7cB06CmTbg4jPrOJ7_73CnP-ja6j1_8FmsESKtEl-oUr_SlDpMFMnWvIWRqA9K63pJ-ETfWaukZzzGcz8AHShsex-fdD2GFoGAJXqhEi3cQxfEWQdw637gu7IkdtO9h1JZFvqOmCY_t-lUM0ayLRscXu0Q0KgZl9fjoYXe-0XN9fZa7OvtDiHaQxJgx69Yi5E0pX6GyB5kqvNRDUUof9le3cGHZwfxiY_LtY9MNnvl4pBxKMl0PxrRG7UY6XrpHAPfaithB_Fk4CCdJo7XJx_HbqhplI3M_tv83GMPFn65XUPyvtFZ_CphmaoOk7mGQDXwvqClzvXLWGLLS3_DuPSqvvnNIxKiVmu-LQX8sLqARYakaRyx6689U0u_PMRNapkyCHY7x-HJNLw23UO5SAQCVAi5QsVglwDGBBsjXfioSTVR7uEg3GZhuDHQQHbMtv_3GwPDijaHS0R7nfRxfK9l-c1OVCVI2pZbmrxqbNONT4q0Wgz38w72aVuUkt2yij_06xb9vhQbRRyU5P0Odm7c1MFgJ_Hew9iB8KNKPvXybnO5ctoRDXovS8rDbi1nppff9qNnGGOWDT0cmpSFR2pnmqvli_WKCsBnLytf2onFnTP17LBwg4FyZwVAt1MrYV-PKrvkaE1XiE4B8roxKzLmTqxJgYYTkADw5KTt7mjNum6GPSGp9udRlSE8Li9tSDqOTSe0d1Y5pu_ULvh-3zzHYZy-R3OvAJH9kEwTam3L_5csSApSAnVNa2R2pWkvRCHF-ZpxkyckDzK7651kR8j13ufQbkTbWvCApIhVs_y6GfBGQghXCgFjfVGBR1P3gg3EuatFGnoPuYCkUav_Or3twxjD2sRwtKBkhpkpwPceReoifao4pd0-Rv61KI77YSI86fJa5B8pymGwIDReeBHS1iwnqHMjVZzaKFgDXWc09ydL_KiMSzhC-MfGNG7RTlXUb2eoH0_IFag5o09Yik6_PCPz8rr36JHg3I3LjlxeoXLj9j-m-d2KqA3MFdc7Pt95xFBYQ1vxauglzVgV-9JQpmwFQHghcnDgKHSNAg7m5z8OSsKyg52cwHJhhiy3f8YmX4nAstvgtdiolfP4d1pum-ttcw-Kv57uIcQVE4BW6tjoK0H40GlGJbs1u2-0RmOxPPaGJyZTCwZKc9PRdCxEtcryL4IwHQ1IANBCRbNpHWz9AM0wU2N4exUxuAdzOI3vYTBfQii7XLSwLwRDQc9xuOroCg2anIl8Asfl9ezhpGwuck8T_JHf0q8epKQsHT3R8i1rHS0DRicvkr7Ins-m-lJVa4n0IBLT41yQtPV8BEL6pMRyMiCpTz_rRYBPTsyjqYrH4O9NKp0YLIYYmIa_OWwCmyLgv9yMpbuLGITWFoLS0Kbi1tjZqGB3Vr2248McI0ogsqEDm3qDMtLMbhD4afjiSbV5fhtzRLL10D51ys2c9gzDK-Z-DVR-tNTOP_VcNShSczIAGezXyKhBicHAaNhYHQOysOGO2rBhCVHuqnzr8Oxarxed_5Xh69U6kRJudsX1WcxLPAdHm7qdzJkAJrn0xl2-PZ4vfNyjM1xVP1qWGBD11RGP5lGbTYa_6KsQpszg2uhxdToBKPJSVKIuEjEVOTS3LLagRjeZueQiO5s0C5s-2Sa_7in51Z3Y5VdtEc-Qb5jB7bVygI94niYaHtwhDC3xs3wJF3bZz9df9QEy9EzNtJu6FcxUu9Llui-KOAGn1GZJg9xFfP2U_XvyqrtOwMf4amnM8quNwj9TsVW7dOwtTG-IWWoJLLimqwE5AJiqPJYcV4tcrZs4Ob0NOv_47Ps5z55yj8g5vOslWlF3GF1QafKDwV7Y5_r3J9C0URYgnL-GmO6evbcYEgo2XlD8GGzYYoYb-gaj8wxiPjTmLRESxDdcBpPinYSNN_D_K-24aMyz9NGl-GR45WERekxkwwsvIsItBwGsUJNcQQ8y6tJC3yTS72Yh8_ytwgV7sq_UaksMjDU9_kEMgJUoG9LE0FbliSVOvMiBEdFfwNYctuokEgfURrIsotpwiGe0ae1oRdY3e2INcJpkIx_s7t-A6uUfakGX-nFpL1cFPcrCIYAJcAKW_JXtkoia1a7yjGdqFBFfHI_AL-QzwnjP_FDrlNI7V-SkePKpyUUuQzRX0v5FpLNw16sc_TWbFxGO1uGVkcOvOZKlSWqKO9rZDsL-psULjnv1MnG-CIeyOvpnIn2Uw3uZZuieIuLplcH9pPlYApDdq9sEOM4OEe6HNWpzNkmhen4qcNypXfNsgBGZdAnheTs5e-VVRnSutwQtLvu7y76S2hxgPASfiMtcvOzwUfBxjlfkXXdGdRQHbFjI9OCNHMSQAze_uU2ubkn00i-FVvVX40kgdxB7ko6XImdNCOi03OZFxkqaUWpU-ZVPgc4vIHjn_aFb2Gdt3N4bkgPy31MIHbuEwJiTlsfCgvEk5g%3D%3D
35.186.250.143200 OK 0 B URL HTTP/2 1865e08ae4.smapp.work/api/v1/click/confirm.js?data=gAAAAABjjoxdPm9052MoQY8W7Hi8d48x53nkketUwCnVPjsY1JyjvaqSzVDEdWcvgSef6briPCdG02iPzlFJbAyRQzozX0k_aduMv5lmuCOSMgMPwcvcf218tbqNDbyzfRTHJS7cB06CmTbg4jPrOJ7_73CnP-ja6j1_8FmsESKtEl-oUr_SlDpMFMnWvIWRqA9K63pJ-ETfWaukZzzGcz8AHShsex-fdD2GFoGAJXqhEi3cQxfEWQdw637gu7IkdtO9h1JZFvqOmCY_t-lUM0ayLRscXu0Q0KgZl9fjoYXe-0XN9fZa7OvtDiHaQxJgx69Yi5E0pX6GyB5kqvNRDUUof9le3cGHZwfxiY_LtY9MNnvl4pBxKMl0PxrRG7UY6XrpHAPfaithB_Fk4CCdJo7XJx_HbqhplI3M_tv83GMPFn65XUPyvtFZ_CphmaoOk7mGQDXwvqClzvXLWGLLS3_DuPSqvvnNIxKiVmu-LQX8sLqARYakaRyx6689U0u_PMRNapkyCHY7x-HJNLw23UO5SAQCVAi5QsVglwDGBBsjXfioSTVR7uEg3GZhuDHQQHbMtv_3GwPDijaHS0R7nfRxfK9l-c1OVCVI2pZbmrxqbNONT4q0Wgz38w72aVuUkt2yij_06xb9vhQbRRyU5P0Odm7c1MFgJ_Hew9iB8KNKPvXybnO5ctoRDXovS8rDbi1nppff9qNnGGOWDT0cmpSFR2pnmqvli_WKCsBnLytf2onFnTP17LBwg4FyZwVAt1MrYV-PKrvkaE1XiE4B8roxKzLmTqxJgYYTkADw5KTt7mjNum6GPSGp9udRlSE8Li9tSDqOTSe0d1Y5pu_ULvh-3zzHYZy-R3OvAJH9kEwTam3L_5csSApSAnVNa2R2pWkvRCHF-ZpxkyckDzK7651kR8j13ufQbkTbWvCApIhVs_y6GfBGQghXCgFjfVGBR1P3gg3EuatFGnoPuYCkUav_Or3twxjD2sRwtKBkhpkpwPceReoifao4pd0-Rv61KI77YSI86fJa5B8pymGwIDReeBHS1iwnqHMjVZzaKFgDXWc09ydL_KiMSzhC-MfGNG7RTlXUb2eoH0_IFag5o09Yik6_PCPz8rr36JHg3I3LjlxeoXLj9j-m-d2KqA3MFdc7Pt95xFBYQ1vxauglzVgV-9JQpmwFQHghcnDgKHSNAg7m5z8OSsKyg52cwHJhhiy3f8YmX4nAstvgtdiolfP4d1pum-ttcw-Kv57uIcQVE4BW6tjoK0H40GlGJbs1u2-0RmOxPPaGJyZTCwZKc9PRdCxEtcryL4IwHQ1IANBCRbNpHWz9AM0wU2N4exUxuAdzOI3vYTBfQii7XLSwLwRDQc9xuOroCg2anIl8Asfl9ezhpGwuck8T_JHf0q8epKQsHT3R8i1rHS0DRicvkr7Ins-m-lJVa4n0IBLT41yQtPV8BEL6pMRyMiCpTz_rRYBPTsyjqYrH4O9NKp0YLIYYmIa_OWwCmyLgv9yMpbuLGITWFoLS0Kbi1tjZqGB3Vr2248McI0ogsqEDm3qDMtLMbhD4afjiSbV5fhtzRLL10D51ys2c9gzDK-Z-DVR-tNTOP_VcNShSczIAGezXyKhBicHAaNhYHQOysOGO2rBhCVHuqnzr8Oxarxed_5Xh69U6kRJudsX1WcxLPAdHm7qdzJkAJrn0xl2-PZ4vfNyjM1xVP1qWGBD11RGP5lGbTYa_6KsQpszg2uhxdToBKPJSVKIuEjEVOTS3LLagRjeZueQiO5s0C5s-2Sa_7in51Z3Y5VdtEc-Qb5jB7bVygI94niYaHtwhDC3xs3wJF3bZz9df9QEy9EzNtJu6FcxUu9Llui-KOAGn1GZJg9xFfP2U_XvyqrtOwMf4amnM8quNwj9TsVW7dOwtTG-IWWoJLLimqwE5AJiqPJYcV4tcrZs4Ob0NOv_47Ps5z55yj8g5vOslWlF3GF1QafKDwV7Y5_r3J9C0URYgnL-GmO6evbcYEgo2XlD8GGzYYoYb-gaj8wxiPjTmLRESxDdcBpPinYSNN_D_K-24aMyz9NGl-GR45WERekxkwwsvIsItBwGsUJNcQQ8y6tJC3yTS72Yh8_ytwgV7sq_UaksMjDU9_kEMgJUoG9LE0FbliSVOvMiBEdFfwNYctuokEgfURrIsotpwiGe0ae1oRdY3e2INcJpkIx_s7t-A6uUfakGX-nFpL1cFPcrCIYAJcAKW_JXtkoia1a7yjGdqFBFfHI_AL-QzwnjP_FDrlNI7V-SkePKpyUUuQzRX0v5FpLNw16sc_TWbFxGO1uGVkcOvOZKlSWqKO9rZDsL-psULjnv1MnG-CIeyOvpnIn2Uw3uZZuieIuLplcH9pPlYApDdq9sEOM4OEe6HNWpzNkmhen4qcNypXfNsgBGZdAnheTs5e-VVRnSutwQtLvu7y76S2hxgPASfiMtcvOzwUfBxjlfkXXdGdRQHbFjI9OCNHMSQAze_uU2ubkn00i-FVvVX40kgdxB7ko6XImdNCOi03OZFxkqaUWpU-ZVPgc4vIHjn_aFb2Gdt3N4bkgPy31MIHbuEwJiTlsfCgvEk5g%3D%3D
IP 35.186.250.143:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/click/confirm.js?data=gAAAAABjjoxdPm9052MoQY8W7Hi8d48x53nkketUwCnVPjsY1JyjvaqSzVDEdWcvgSef6briPCdG02iPzlFJbAyRQzozX0k_aduMv5lmuCOSMgMPwcvcf218tbqNDbyzfRTHJS7cB06CmTbg4jPrOJ7_73CnP-ja6j1_8FmsESKtEl-oUr_SlDpMFMnWvIWRqA9K63pJ-ETfWaukZzzGcz8AHShsex-fdD2GFoGAJXqhEi3cQxfEWQdw637gu7IkdtO9h1JZFvqOmCY_t-lUM0ayLRscXu0Q0KgZl9fjoYXe-0XN9fZa7OvtDiHaQxJgx69Yi5E0pX6GyB5kqvNRDUUof9le3cGHZwfxiY_LtY9MNnvl4pBxKMl0PxrRG7UY6XrpHAPfaithB_Fk4CCdJo7XJx_HbqhplI3M_tv83GMPFn65XUPyvtFZ_CphmaoOk7mGQDXwvqClzvXLWGLLS3_DuPSqvvnNIxKiVmu-LQX8sLqARYakaRyx6689U0u_PMRNapkyCHY7x-HJNLw23UO5SAQCVAi5QsVglwDGBBsjXfioSTVR7uEg3GZhuDHQQHbMtv_3GwPDijaHS0R7nfRxfK9l-c1OVCVI2pZbmrxqbNONT4q0Wgz38w72aVuUkt2yij_06xb9vhQbRRyU5P0Odm7c1MFgJ_Hew9iB8KNKPvXybnO5ctoRDXovS8rDbi1nppff9qNnGGOWDT0cmpSFR2pnmqvli_WKCsBnLytf2onFnTP17LBwg4FyZwVAt1MrYV-PKrvkaE1XiE4B8roxKzLmTqxJgYYTkADw5KTt7mjNum6GPSGp9udRlSE8Li9tSDqOTSe0d1Y5pu_ULvh-3zzHYZy-R3OvAJH9kEwTam3L_5csSApSAnVNa2R2pWkvRCHF-ZpxkyckDzK7651kR8j13ufQbkTbWvCApIhVs_y6GfBGQghXCgFjfVGBR1P3gg3EuatFGnoPuYCkUav_Or3twxjD2sRwtKBkhpkpwPceReoifao4pd0-Rv61KI77YSI86fJa5B8pymGwIDReeBHS1iwnqHMjVZzaKFgDXWc09ydL_KiMSzhC-MfGNG7RTlXUb2eoH0_IFag5o09Yik6_PCPz8rr36JHg3I3LjlxeoXLj9j-m-d2KqA3MFdc7Pt95xFBYQ1vxauglzVgV-9JQpmwFQHghcnDgKHSNAg7m5z8OSsKyg52cwHJhhiy3f8YmX4nAstvgtdiolfP4d1pum-ttcw-Kv57uIcQVE4BW6tjoK0H40GlGJbs1u2-0RmOxPPaGJyZTCwZKc9PRdCxEtcryL4IwHQ1IANBCRbNpHWz9AM0wU2N4exUxuAdzOI3vYTBfQii7XLSwLwRDQc9xuOroCg2anIl8Asfl9ezhpGwuck8T_JHf0q8epKQsHT3R8i1rHS0DRicvkr7Ins-m-lJVa4n0IBLT41yQtPV8BEL6pMRyMiCpTz_rRYBPTsyjqYrH4O9NKp0YLIYYmIa_OWwCmyLgv9yMpbuLGITWFoLS0Kbi1tjZqGB3Vr2248McI0ogsqEDm3qDMtLMbhD4afjiSbV5fhtzRLL10D51ys2c9gzDK-Z-DVR-tNTOP_VcNShSczIAGezXyKhBicHAaNhYHQOysOGO2rBhCVHuqnzr8Oxarxed_5Xh69U6kRJudsX1WcxLPAdHm7qdzJkAJrn0xl2-PZ4vfNyjM1xVP1qWGBD11RGP5lGbTYa_6KsQpszg2uhxdToBKPJSVKIuEjEVOTS3LLagRjeZueQiO5s0C5s-2Sa_7in51Z3Y5VdtEc-Qb5jB7bVygI94niYaHtwhDC3xs3wJF3bZz9df9QEy9EzNtJu6FcxUu9Llui-KOAGn1GZJg9xFfP2U_XvyqrtOwMf4amnM8quNwj9TsVW7dOwtTG-IWWoJLLimqwE5AJiqPJYcV4tcrZs4Ob0NOv_47Ps5z55yj8g5vOslWlF3GF1QafKDwV7Y5_r3J9C0URYgnL-GmO6evbcYEgo2XlD8GGzYYoYb-gaj8wxiPjTmLRESxDdcBpPinYSNN_D_K-24aMyz9NGl-GR45WERekxkwwsvIsItBwGsUJNcQQ8y6tJC3yTS72Yh8_ytwgV7sq_UaksMjDU9_kEMgJUoG9LE0FbliSVOvMiBEdFfwNYctuokEgfURrIsotpwiGe0ae1oRdY3e2INcJpkIx_s7t-A6uUfakGX-nFpL1cFPcrCIYAJcAKW_JXtkoia1a7yjGdqFBFfHI_AL-QzwnjP_FDrlNI7V-SkePKpyUUuQzRX0v5FpLNw16sc_TWbFxGO1uGVkcOvOZKlSWqKO9rZDsL-psULjnv1MnG-CIeyOvpnIn2Uw3uZZuieIuLplcH9pPlYApDdq9sEOM4OEe6HNWpzNkmhen4qcNypXfNsgBGZdAnheTs5e-VVRnSutwQtLvu7y76S2hxgPASfiMtcvOzwUfBxjlfkXXdGdRQHbFjI9OCNHMSQAze_uU2ubkn00i-FVvVX40kgdxB7ko6XImdNCOi03OZFxkqaUWpU-ZVPgc4vIHjn_aFb2Gdt3N4bkgPy31MIHbuEwJiTlsfCgvEk5g%3D%3D HTTP/1.1
Host: 1865e08ae4.smapp.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=porraceous-llama&aff_sub_id=xray-het-k8eyddjp0l
Cookie: cx_ntsl_i=be39a1ce-cf0f-4129-a7e3-1cdfd6386e03; instal-cookie="2|1:0|10:1670286429|13:instal-cookie|124:eyIzMjQ0NjgwIjogImQyNzFhMzExLTdjMDUtNDBmYS1iMzU0LWM4MjRlNTJhMWJkZDpmNDViZjQxY2NmNmEzZmM0NzlmNTUwZGQxMGFjZDlhYzlmMTNjMmE5In0=|3913b12749a8c4e0f98f605e6dfbe8603ecdd1845b0edcd55d8e941ae9125fae"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: TornadoServer/5.1.1
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b73a145e6a2e11d111d0d18569a866d7
0391ca6bc7547bfc9614121d2cf3d8d9bbdda9d6
30ca4646b5d049c122b0f0c32e5fc258c3589271631d679118aa6db95617c7de
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170541
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:27:10 GMT
Etag: "638e838b-116"
Expires: Wed, 07 Dec 2022 23:49:31 GMT
Last-Modified: Mon, 05 Dec 2022 23:49:31 GMT
Server: nginx
Content-Length: 278
findyourhalf.top/assets/032bcaf74c0de2c93c8e.jpg
172.67.70.156200 OK 34 kB URL HTTP/2 findyourhalf.top/assets/032bcaf74c0de2c93c8e.jpg
IP 172.67.70.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x390, components 3\012- data
Hash e38526805379a23a1bcfefabf38befa2
afe5306e0df615f7238ad8fe41b33ecd38c10fd7
999863c911c86160c1f2721524580942426d157547b36985f643aeea0dab4aa1
GET /assets/032bcaf74c0de2c93c8e.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: image/jpeg
content-length: 33612
cf-bgj: h2pri
etag: "638de05c-834c"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvuXlhv3SN8rD4JOTGRFaWaGH3KIpDReFFDG53a895BDCk3McqMGyzJog89lPi1rr2m8I1RFYvzJ2dw9vZT2N57%2BQpnfc7Fjw4y4t9LHhuSK3gkHHa%2FMR%2F7Nyy06c0KgBrA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efce85b4ff-OSL
X-Firefox-Spdy: h2
findyourhalf.top/assets/2c7be58264048611fef5.png
172.67.70.156200 OK 1.6 kB URL HTTP/2 findyourhalf.top/assets/2c7be58264048611fef5.png
IP 172.67.70.156:0
File type PNG image data, 61 x 98, 8-bit colormap, non-interlaced\012- data
Hash 214628994adff396733825e7b9778ad8
cfcdb02dd750c2c56ce0df960f032865d0315d24
072083cb6a8af8fdfad3087d4aafe1fbb1ef96c4863dc53d9f1483ce83937dfb
GET /assets/2c7be58264048611fef5.png HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: image/png
content-length: 1574
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
etag: "638de05c-626"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQcUqnySDWF1fmA%2FDxqZ0DmIdB9jFS%2B2CAk0Tt8hZz9XghydzUhFs5Oa%2F4zf2gpLoPTjUthnfgSRiWKsITH%2FUUgl52ODcM3ApvzaHKPSfKrYh0RRRxCF8KItx1OVpC6emv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efce87b4ff-OSL
X-Firefox-Spdy: h2
findyourhalf.top/assets/d4df7c721715d3197d35.jpg
172.67.70.156200 OK 34 kB URL HTTP/2 findyourhalf.top/assets/d4df7c721715d3197d35.jpg
IP 172.67.70.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x499, components 3\012- data
Hash 785457fd7f81715119251bcf4c1a8f56
66cbede5b601e6d0857441c939e9798493e812c2
32bfa591e8f2fb193889b21a3ec397e4029a5eeb22b4f1a718b056978013580c
GET /assets/d4df7c721715d3197d35.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: image/jpeg
content-length: 33816
cf-bgj: h2pri
etag: "638de05c-8418"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhBHa2YnwYM%2FiumKnZXXUUA%2B3CPdl%2FHYlY2Q1ePBbmzxbbzZKJSYFlgVQXT8aWP7oJsuPeZp%2BVui9FOdo6Hsm0c9hrGqDi2FCavfAfN73bvNF%2FxYtyt5thvgrkfdmCXxW6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efde8bb4ff-OSL
X-Firefox-Spdy: h2
findyourhalf.top/assets/47ae6a5ba10cda2c9e0b.jpg
172.67.70.156200 OK 21 kB URL HTTP/2 findyourhalf.top/assets/47ae6a5ba10cda2c9e0b.jpg
IP 172.67.70.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash 56b1d087e07bfce17502f3d15a29599d
1a3fdece929142b64a427a813298a4278f9c9a3b
06bda10f4f886bd1dc58e72919dce1d5ef8395a9103cc719c333088ae7cf6677
GET /assets/47ae6a5ba10cda2c9e0b.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: image/jpeg
content-length: 20958
cf-bgj: h2pri
etag: "638de05c-51de"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1kNjsEgUIbFgitMcF6Cg0yb0UoRAl7aur1chxgCJw6A3mauAeV5FkJwrhTzNxzNtispbX4VX1325xQxAPM5zXr2cbfeiNZxui5too8CtcGpYpnOtfevx29LMRezwxkMbIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efde91b4ff-OSL
X-Firefox-Spdy: h2
findyourhalf.top/assets/1418d3d54dbb9471fdf4.jpg
172.67.70.156200 OK 55 kB URL HTTP/2 findyourhalf.top/assets/1418d3d54dbb9471fdf4.jpg
IP 172.67.70.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 554x414, components 3\012- data
Hash 6d4697c58b5ca314ed5e18bd8ca6b9ce
2a6e9b8a93d359dd492fb3cfbb2bd768c28aa6cb
7d38705aa944831049bd714c99d3912f3528c27c5bbdac5bbd6fdcabef869bfa
GET /assets/1418d3d54dbb9471fdf4.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: image/jpeg
content-length: 54789
cf-bgj: h2pri
etag: "638de05c-d605"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry%2FI1bnn0rq0UIpQYsJC0RGGhDa3sCf1wEpcdyheiLUEzMglytNlYfAcPC6FP53FJYv9yiOFEG8z67ppNdakz09FB3N2R3OO%2Feqxx0d6dem4jt62KrQ8ZtFHKAPrEN4NxI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efde93b4ff-OSL
X-Firefox-Spdy: h2
findyourhalf.top/assets/848c59c46246f7f3cae9.jpg
172.67.70.156200 OK 12 kB URL HTTP/2 findyourhalf.top/assets/848c59c46246f7f3cae9.jpg
IP 172.67.70.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 360x241, components 3\012- data
Hash 147a131b97e24b606548d78e8fa56e63
b746629c163d2cc3f3ac1d81b9bed35e682e85fc
10e26b8306c1bc3958e6b243fa4dd0aae70c197f460a9eec192dff846ba8aeaa
GET /assets/848c59c46246f7f3cae9.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: image/jpeg
content-length: 12409
cf-bgj: h2pri
etag: "638de05c-3079"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2ByeO8%2FnMKXcmCv1Lc7VIBCNpRnTbaeMYS4NJe11C56BZqvDODC8N1IRu9zLeAtXHE68HCamKXIPlwRjmIisWGWKxIIVS6%2FYDBfjiq16Pcrb8D9GtG5DLDhzxBlFS333omY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efde92b4ff-OSL
X-Firefox-Spdy: h2
findyourhalf.top/assets/0e8214b6a04a80b2ed65.jpg
172.67.70.156200 OK 118 kB URL HTTP/2 findyourhalf.top/assets/0e8214b6a04a80b2ed65.jpg
IP 172.67.70.156:0
File type PNG image data, 507 x 500, 8-bit colormap, non-interlaced\012- data
Size 118 kB (118495 bytes)
Hash fafd80f19f1c7b5806ec7f6935872cb4
d8c6a473659ac0ba5472bcdfa4b7dab91470ed07
e65ad8065b9444d3881bb4d2fdd160f90f1babeb7a0f712f288a77aeef18ad87
GET /assets/0e8214b6a04a80b2ed65.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: image/jpeg
content-length: 118495
cf-bgj: h2pri
etag: "638de05c-1cedf"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkzaoSSXInGEKhyX7OmPwNK51MiWN2KMOcepwlrzwr%2FFbV4S7gTiVOJ1n9H9YVLH9W6axAuj3%2FmOiHtiMTDgYUBo3AQ9evSSsv0Quje901u%2FdGtGAtmTANfcaG8bCYhyh8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efde94b4ff-OSL
X-Firefox-Spdy: h2
findyourhalf.top/assets/56d040d1d8bf3bf21d63.jpg
172.67.70.156200 OK 55 kB URL HTTP/2 findyourhalf.top/assets/56d040d1d8bf3bf21d63.jpg
IP 172.67.70.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x620, components 3\012- data
Hash 9ddc7b6cb356a6d2e99eed41cc1734de
e1da98ccc6c5198d528384dcf0796de766475488
b80543c059b42b12ff905047b8a8f5d6f4b676febb7edc65aa602e64248dd837
GET /assets/56d040d1d8bf3bf21d63.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: image/jpeg
content-length: 55200
cf-bgj: h2pri
etag: "638de05c-d7a0"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ut6ikL7lLrvhh8unqtYK1tLyv3eagCnqHz0AfZiPsWuKTa6oM1yOagdzdkqCwjJ7fknUTIfgseR1LjJUuq7dRhEX1Y3x5mvNF%2FpVektDvLJOnkiX9oowmWvL5WDINEWgKRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efde95b4ff-OSL
X-Firefox-Spdy: h2
findyourhalf.top/assets/06c49b18302a6f35f315.jpg
172.67.70.156200 OK 21 kB URL HTTP/2 findyourhalf.top/assets/06c49b18302a6f35f315.jpg
IP 172.67.70.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x375, components 3\012- data
Hash 0d0464ad4924d5189707d2508a818e37
d40c4e3dcaeaaae3eb66d3ca096f8569c4605e21
d8b8c213ff1fcd97e0cbb4ec056712bfed39405c65a20135135328b5ad1104af
GET /assets/06c49b18302a6f35f315.jpg HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: image/jpeg
content-length: 20712
cf-bgj: h2pri
etag: "638de05c-50e8"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaNe97RXUSQoR6gaN6Ji4kZW9Dg5W4H%2Bzw7ThoZ%2FsEhvOxLn2Tfs03kINGz%2BHdri3vevprtZB3CT%2Fhp2ExLmn965o6HuQMMKfj%2Fo1F4Ph%2BPGV4i9RLJegLQHoEKyEw8bfIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efde90b4ff-OSL
X-Firefox-Spdy: h2
findyourhalf.top/js/v-utils.js.bccc969f.js
172.67.70.156200 OK 56 kB URL HTTP/2 findyourhalf.top/js/v-utils.js.bccc969f.js
IP 172.67.70.156:0
File type ASCII text, with very long lines (8631), with no line terminators
Hash 41b42c5aa420637b6084b6609f79e775
530cbee02cf2c9d5900d77bda32102d8a55a6cbc
b096504ef65f3972064af62f6ae8d4f404ae5e74bd9162f068519e2e9757f4dd
GET /js/v-utils.js.bccc969f.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=8634
etag: W/"638de05c-21ba"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKyHMb9N1gLbST7We09jxhCxoRdofaDsT8u%2BLOv3MflXjv2h0jjilDgkTHSlBTyukf97eliyQ6KBieUR1K91tUarKnJlQrw%2B3VAYm0r3eiTP8nDeCL7oJOOUf8bMDjrJ01k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efce7cb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash feada0c59c0eaab85490c6c8a7bcdd19
067889598d6125a945f0f7815a03328b62e9d139
18d3562684c32ed7b8d7cf02c853d8f1f08bf1074151891d9b756d14fdddfa1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18D3562684C32ED7B8D7CF02C853D8F1F08BF1074151891D9B756D14FDDDFA1F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11958
Expires: Tue, 06 Dec 2022 03:46:29 GMT
Date: Tue, 06 Dec 2022 00:27:11 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash c45390a63f19b3894cf42fc0f0070173
0bcdf5ce2ccc106c2099237e10184aa02fbbfb77
12dc550fef4600e175c1a32cc595aa82f8debdafd89d1b80cbe7ea84e10f5d4b
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:27:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://findyourhalf.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d2a02dfee7994dd8ae6e1a1b8c4f87c2; expires=Wed, 06 Dec 2023 00:27:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6f716c5143b8837269a1863f4840fbb2
d9aba4f50d175ff144fd687ef2d03a430a115c4e
a86bc243a8d5150eb20dbf6f62a43c9f09be5186ea6ffdc123b6cf7311dedc80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A86BC243A8D5150EB20DBF6F62A43C9F09BE5186EA6FFDC123B6CF7311DEDC80"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3093
Expires: Tue, 06 Dec 2022 01:18:44 GMT
Date: Tue, 06 Dec 2022 00:27:11 GMT
Connection: keep-alive
itcleffaom.com/track?offer_id=2061&z=4655142&request_var=6100_3331&variable2=d271a311-7c05-40fa-b354-c824e52a1bdd:f45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9
139.45.197.237200 OK 148 B URL HTTP/2 itcleffaom.com/track?offer_id=2061&z=4655142&request_var=6100_3331&variable2=d271a311-7c05-40fa-b354-c824e52a1bdd:f45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9
IP 139.45.197.237:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 673cfa6261713c037f5e6d0d8cebc7e5
3fa4ef98e3409901f9d51f1bd651a130506aed6b
546d54b13b6ae34900ec662401d1df42e740d9bc40c24cca29863414f9affe39
Analyzer Verdict Alert quad9 Sinkholed
GET /track?offer_id=2061&z=4655142&request_var=6100_3331&variable2=d271a311-7c05-40fa-b354-c824e52a1bdd:f45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:27:11 GMT
content-type: application/json
content-length: 148
x-trace-id: 7857c75d6bcfef3ef5c639b9ea87696e
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
findyourhalf.top/pfe/current/micro.tag.min.js?z=5473364&sw=/sw/sw5473364.js&var=4655142&var_3=null&ymid=6100_3331&cdn=1&domain=laugoust.com
172.67.70.156200 OK 27 kB URL HTTP/2 findyourhalf.top/pfe/current/micro.tag.min.js?z=5473364&sw=/sw/sw5473364.js&var=4655142&var_3=null&ymid=6100_3331&cdn=1&domain=laugoust.com
IP 172.67.70.156:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bd46b2e0a2444c7e2df0452653ff9a37
6659315755b62e4e8a6323ac25252249bd6525a2
1f10d66c99f1d90d2c9b4bb1dbdc47d119452eeabbabf2e242b5ee11f24e1c12
GET /pfe/current/micro.tag.min.js?z=5473364&sw=/sw/sw5473364.js&var=4655142&var_3=null&ymid=6100_3331&cdn=1&domain=laugoust.com HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:11 GMT
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 12:13:17 GMT
vary: Accept-Encoding
etag: W/"638de05d-1325e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SNyW2rn%2FFkq5hrg3Lkwg6qvePcollh0njLDZ39zqELSbZ7FYQMYF9UIH5k5vn3c%2FEikbdq%2FscJsulMM0a%2B6%2BylvBQ%2FoQUm0m7ZnDoUeAuGChzfBInryDY%2BrsO0cUfn5RhU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4f2c8aab4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/img/fav/heart-apple-60.png
172.67.70.156200 OK 4.7 kB URL HTTP/2 findyourhalf.top/img/fav/heart-apple-60.png
IP 172.67.70.156:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash df363aa0b52e70e713d8279bf63d7c11
a78e2139a964ccd9dc48892985cd8f47ba982eda
0710e7435d9fb61d35b26d23efaef1e09caa18d9d0123652a5095d36e2413ae7
GET /img/fav/heart-apple-60.png HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:11 GMT
content-type: image/png
content-length: 4742
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
etag: "638de05c-1286"
cache-control: max-age=14400
cf-cache-status: HIT
age: 571
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPdCb1wVA780murdEYoqBLmWjjUoe9Pif0xilyoUuyLnRQFktkrSXcyq%2FOlzGqrMx060KsUJ0nwtQpfAhASSwVM1XD6GKT43QA%2BJ2k1L%2B%2BeTzhcojo4ACY9yX1GI9KSv85E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4f4a9f6b4ff-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7dfcccf215cf86b4623fff4c034715a4
50a277a800ab385c2e3c003f66a133952df13344
fc9a4dcaf897cbbe6d4350aeaa7b99c286ed1b6acbf2b2f9e01d5593732347a3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "FC9A4DCAF897CBBE6D4350AEAA7B99C286ED1B6ACBF2B2F9E01D5593732347A3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9591
Expires: Tue, 06 Dec 2022 03:07:02 GMT
Date: Tue, 06 Dec 2022 00:27:11 GMT
Connection: keep-alive
findyourhalf.top/img/fav/heart-16.png
172.67.70.156200 OK 670 B URL HTTP/2 findyourhalf.top/img/fav/heart-16.png
IP 172.67.70.156:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 161113cd0cedcbb5a4a76ef87c00b0ea
ec807c2867bd4ff3c3aef6ff966ae1648832591b
df545a40f6092920cf46af4e124e550273bc0b9aaec5f137f3d03ba91aa02274
GET /img/fav/heart-16.png HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:11 GMT
content-type: image/png
content-length: 670
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
etag: "638de05c-29e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQ2FUR3A9Iz84cS2wtoNRI8cBOdgDgFLnrj1cLQlXBBm0YmDhEzWIz3xPiazBIe6CrP%2Ffos057IVs%2BmvVBx7hLy2%2FaPGhwQ2gvXKpNEyb%2FGeM1%2FCEauUHQluOzYPavYeRwM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4f4a9fab4ff-OSL
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash b341e7255677de45c828589c08f48e29
3cdbf4999629b81a118a8d93cee9aecbf1e26e09
b89e7768b8802d520d1b92ce5159b61df39a640df7a86ed326184f6218d25144
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 00:27:11 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 09 Dec 2022 23:32:31 GMT
ETag: "3cdbf4999629b81a118a8d93cee9aecbf1e26e09"
Last-Modified: Mon, 05 Dec 2022 23:32:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 160
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7750e4f58d6ab524-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 00:27:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=305765,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7750e4f5bc7bb4fd-OSL
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1159
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 06 Dec 2022 00:27:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://findyourhalf.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
cdntechone.com/stattag.js
188.114.96.1200 OK 78 kB URL HTTP/2 cdntechone.com/stattag.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (12932), with no line terminators
Hash 617bb1a66598515593f25ab34f5e5985
512cc4548885666a8b05cf09e6c942d694d667e2
37f6375148a8604e9e21e2bde5e13548d0149907e21b06c6983788fea82ca7d0
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:11 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EN04DozNAAWGzs6xw9FCYYhy3L81fnPQ7cL5icVUANmDtI1ngg8qN8aSmeb2S3TcGejlTvkFUIgE8xDB5I8Arw18LaDwllGr7NuF%2FRk51ZlpEcoA4aUj%2F1MriMY8QLAsEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7750e4f49c161c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Dec 2022 00:27:11 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Tue, 06 Dec 2022 01:27:11 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A192%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A706230330%3Arqn%3A1%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C1%2C%2C0%2C%2C149%2C1%2C%2C%2C%2C303%3Aco%3A0%3Ans%3A1670286428018%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
93.158.134.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A192%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A706230330%3Arqn%3A1%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C1%2C%2C0%2C%2C149%2C1%2C%2C%2C%2C303%3Aco%3A0%3Ans%3A1670286428018%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash effa1defc295e3eeb8cfefa201dd57ff
13a3e2b5224aac1ee7483cc9cf5bf8df4ab1c1df
df3682b734257c47b40e3f93358552fc5807072bc22d7f36e21b5b8827014644
GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A192%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A706230330%3Arqn%3A1%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C1%2C%2C0%2C%2C149%2C1%2C%2C%2C%2C303%3Aco%3A0%3Ans%3A1670286428018%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Tue, 06 Dec 2022 00:27:12 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 00:27:12 GMT
last-modified: Tue, 06-Dec-2022 00:27:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonSurveyStart&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A692124475%3Arqn%3A2%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1132%2C1132%2C0%2C%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonSurveyStart&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A692124475%3Arqn%3A2%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1132%2C1132%2C0%2C%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonSurveyStart&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A692124475%3Arqn%3A2%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1132%2C1132%2C0%2C%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 78
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Dec 2022 00:27:12 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 00:27:12 GMT
last-modified: Tue, 06-Dec-2022 00:27:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A192%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A706230330%3Arqn%3A1%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C1%2C%2C0%2C%2C149%2C1%2C%2C%2C%2C303%3Aco%3A0%3Ans%3A1670286428018%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A192%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A706230330%3Arqn%3A1%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C1%2C%2C0%2C%2C149%2C1%2C%2C%2C%2C303%3Aco%3A0%3Ans%3A1670286428018%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A192%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A706230330%3Arqn%3A1%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C1%2C%2C0%2C%2C149%2C1%2C%2C%2C%2C303%3Aco%3A0%3Ans%3A1670286428018%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A192%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A706230330%3Arqn%3A1%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C1%2C%2C0%2C%2C149%2C1%2C%2C%2C%2C303%3Aco%3A0%3Ans%3A1670286428018%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Tue, 06 Dec 2022 00:27:11 GMT
access-control-allow-origin: https://findyourhalf.top
set-cookie: yabs-sid=2371771971670286431; Path=/; SameSite=None; Secure
i=EiWrIyUr2LZ7LaMGv+fn+twq+zhE9a2Ckw7qj9dUIZkCR1ogYzbV3df4waHVrmIqh+TejCm1uPeCQnqaimS6uVLH7AQ=; Expires=Fri, 03-Dec-2032 00:26:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7391342421670286431; Expires=Wed, 06-Dec-2023 00:27:11 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7391342421670286431; Expires=Wed, 06-Dec-2023 00:27:11 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701822431.yc.1670286431#1701822431.yrts.1670286431#1701822431.yrtsi.1670286431; Expires=Wed, 06-Dec-2023 00:27:11 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 00:27:11 GMT
last-modified: Tue, 06-Dec-2022 00:27:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_3331&ymid=d271a311-7c05-40fa-b354-c824e52a1bdd%3Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9&utm_campaign=6100_3331&utm_medium=4655142&utm_content=zd_public_v2
172.67.70.156200 OK 2.7 kB URL HTTP/2 findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_3331&ymid=d271a311-7c05-40fa-b354-c824e52a1bdd%3Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9&utm_campaign=6100_3331&utm_medium=4655142&utm_content=zd_public_v2
IP 172.67.70.156:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5130)
Hash f7bcedb51bcd0bcc6f2a2ebb617963a3
0a0cc82fa592a089b4b0b4fb634c00a60af7ca70
349f4642895a181104234670d8b8abca4499966e136fe35018efe27f7189d9ba
GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_3331&ymid=d271a311-7c05-40fa-b354-c824e52a1bdd%3Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9&utm_campaign=6100_3331&utm_medium=4655142&utm_content=zd_public_v2 HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: text/html
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SwAzUiLjalwykqBwLU7M4DT9IbU%2BoQXuVx7ejFusP%2F70q6w0STFg0I71DJ1sr06Jtf09B%2B%2BpReS8AzsJcStb5AqRbXIB60rUyU4Od7kk33Mei2Z%2FAIEmXdhjcVzmgcGVxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4f09f2bb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexCall&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A1040395695%3Arqn%3A6%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexCall&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A1040395695%3Arqn%3A6%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexCall&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A1040395695%3Arqn%3A6%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Dec 2022 00:27:12 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 00:27:12 GMT
last-modified: Tue, 06-Dec-2022 00:27:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
findyourhalf.top/js/v-URLSearchParams.js.f8f87c95.js
172.67.70.156200 OK 192 B URL HTTP/2 findyourhalf.top/js/v-URLSearchParams.js.f8f87c95.js
IP 172.67.70.156:0
File type ASCII text, with no line terminators
Hash 63a8b4812630a7d396e8fb3b03a1b052
9c9e74ea9642138e72cecd1adbe25463494c164c
a67ce0184dd42e9fa9d13594853e6678deb16748da89c7e3d62aaf7c4e84a1b1
GET /js/v-URLSearchParams.js.f8f87c95.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05c-dc"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LM4qYT9536cTLuGff%2FG3WT3aHpROqMgEMTmOfUjahNwPi2TzqHH5t8uXkfGsu%2BWm1lmjYD91mCT7oDBqaHVWDU0oIgg%2F%2FajOg58xCN0eUGK1mmeZwsjKCi3%2FmwSiXGKYlm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efce7eb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/rtc.ed8d6171.js
172.67.70.156200 OK 4.5 kB URL HTTP/2 findyourhalf.top/js/rtc.ed8d6171.js
IP 172.67.70.156:0
File type ASCII text, with very long lines (10708), with no line terminators
Hash 2be44a39ac9d9bfa324b7a51268b5ffb
60300b52d6a9489d08b5eb3fa2301535af724b4c
04336fdf63257a481ff64122e0f2a4596c837c2b63f697f91a3289ed2fc1d642
GET /js/rtc.ed8d6171.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05c-29d4"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMIIiCvdQ4bwlvfwEodK7M%2FtFcDslCn5VbvjfE2b%2FiMmxzZsu%2FkO2YpBTkqRUfmquDtY0%2FJxTKp1BgXqdywfcVRnC%2B2nckwLHEGiD6kEhH884M2C5P%2FHF1QmkNQ%2Bgx50GR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efbe73b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A1016970222%3Arqn%3A10%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A1016970222%3Arqn%3A10%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A1016970222%3Arqn%3A10%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Dec 2022 00:27:12 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 00:27:12 GMT
last-modified: Tue, 06-Dec-2022 00:27:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexLoad&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A684195100%3Arqn%3A8%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexLoad&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A684195100%3Arqn%3A8%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexLoad&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A684195100%3Arqn%3A8%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Dec 2022 00:27:12 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 00:27:12 GMT
last-modified: Tue, 06-Dec-2022 00:27:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonGetIppRotate&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A874232442%3Arqn%3A9%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonGetIppRotate&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A874232442%3Arqn%3A9%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonGetIppRotate&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3Dd271a311-7c05-40fa-b354-c824e52a1bdd%253Af45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670286432_6ced06e9620861a0a2d63741ba24a097cca0667a65fad296b08493a3dc38978f&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A920656283048%3Ahid%3A1010085452%3Az%3A0%3Ai%3A20221206002709%3Aet%3A1670286429%3Ac%3A1%3Arn%3A874232442%3Arqn%3A9%3Au%3A167028642981735303%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670286428018%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670286429%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 384
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Dec 2022 00:27:12 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 00:27:12 GMT
last-modified: Tue, 06-Dec-2022 00:27:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
findyourhalf.top/js/config/dict/cookie-consent-1.json?v=10
172.67.70.156200 OK 3.1 kB URL HTTP/2 findyourhalf.top/js/config/dict/cookie-consent-1.json?v=10
IP 172.67.70.156:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text
Hash 52d387284c6e271f496ee561ce64c43b
2946ba870f0de550cc7acbc942bb7de00a167fc9
f72d66dcc4edfbfdb92be3474d4d8e5c71341369f36484bbb1d787b0fe8652ac
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:11 GMT
content-type: application/json
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
etag: W/"638de05c-1760"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOYh6I%2FLeqfMAiZNmypYWTNi1rgSd1RcfjfHScNUiU67salgYmKbct691JNnnfpIlYxSt2i1%2FnZE8YtksmCVUEnmtbZ41DhS6AHQAhjz4wW87QvveqdcSIAVjBffF1JML6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4f25865b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=porraceous-llama&aff_sub_id=xray-het-k8eyddjp0l
35.186.250.143200 OK 0 B URL HTTP/2 1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=porraceous-llama&aff_sub_id=xray-het-k8eyddjp0l
IP 35.186.250.143:0
GET /trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=porraceous-llama&aff_sub_id=xray-het-k8eyddjp0l HTTP/1.1
Host: 1865e08ae4.smapp.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://belia-glp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:09 GMT
content-type: text/html; charset=UTF-8
server: TornadoServer/5.1.1
clickid: d271a311-7c05-40fa-b354-c824e52a1bdd:f45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9
x-service-version: 2.0.1
x-frame-options: SAMEORIGIN
etag: W/"9c94ae674dbf0abce8fac68e58592daba1061219"
set-cookie: cx_ntsl_i=be39a1ce-cf0f-4129-a7e3-1cdfd6386e03; expires=Wed, 02 Dec 2037 00:27:09 GMT; Path=/
instal-cookie="2|1:0|10:1670286429|13:instal-cookie|124:eyIzMjQ0NjgwIjogImQyNzFhMzExLTdjMDUtNDBmYS1iMzU0LWM4MjRlNTJhMWJkZDpmNDViZjQxY2NmNmEzZmM0NzlmNTUwZGQxMGFjZDlhYzlmMTNjMmE5In0=|3913b12749a8c4e0f98f605e6dfbe8603ecdd1845b0edcd55d8e941ae9125fae"; expires=Thu, 05 Jan 2023 00:27:09 GMT; Path=/; SameSite=None; Secure
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
findyourhalf.top/js/v-index.js.99ba7c4d.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/v-index.js.99ba7c4d.js
IP 172.67.70.156:0
GET /js/v-index.js.99ba7c4d.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05c-9241"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydUiTxvOteuy91TGYxymyAu9gTh8xAoMO%2BuhRjR9ealPw4ZIepvFETS3jKFkZQS7U37LuOMw8eX6lY3bjA5K%2FJmnFEuDt5BLbMMWnj8fpjcRi1dtN7n%2BmXjuMZPEnqe0080%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efbe74b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/survey-dating.d822ef42.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/survey-dating.d822ef42.js
IP 172.67.70.156:0
GET /js/survey-dating.d822ef42.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05c-476"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Erz3%2Br%2Fgrlmce%2BRQAFKfpCty48KEVxEUmVHDk5X4ILOtou%2FKWSJSivMOrLl8J4UrSByGcMe6qGfBhLvm9Xn8xMXL3vW1ix%2Bz8lRzQC9CW5xfbbxcWn%2Ba%2Bb42KNGoZXpXosQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efeea2b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/pfe/current/micro.tag.min.js?z=5473295&sw=/sw/sw5473295.js&var=4655142&var_3=null&ymid=6100_3331&cdn=1&domain=laugoust.com
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/pfe/current/micro.tag.min.js?z=5473295&sw=/sw/sw5473295.js&var=4655142&var_3=null&ymid=6100_3331&cdn=1&domain=laugoust.com
IP 172.67.70.156:0
GET /pfe/current/micro.tag.min.js?z=5473295&sw=/sw/sw5473295.js&var=4655142&var_3=null&ymid=6100_3331&cdn=1&domain=laugoust.com HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:11 GMT
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 12:13:17 GMT
vary: Accept-Encoding
etag: W/"638de05d-1325e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G40sfbE6zfQXAE2UKwwMuoB8lf6Dec6QKpbZWSnnhldTIBShe1Eiris5RfOaxAIdefA3zIrr1x98wPOQtQhzHoCg0lpmzrXOL%2BlGW09T1HIecNbXo%2FPGFX1ip1mzbkevOss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4f14fadb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/config/data/sd-20610301.js?v=10
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/config/data/sd-20610301.js?v=10
IP 172.67.70.156:0
GET /js/config/data/sd-20610301.js?v=10 HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:11 GMT
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
etag: W/"638de05c-9f0"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWOqWcWcMK3b%2BF553BbOwvKewBI5wLLdLYJJXK4jRBCx%2Ffkz68c4JOaGHIDyF1IJM66TIo97R98OwIvNs63cDAaaBiSIfZ3QCSEWB%2Br5r6VhA0xfDOr6OstO84paAgg7ryg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4f22843b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/each-land-config.e6012c96.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/each-land-config.e6012c96.js
IP 172.67.70.156:0
GET /js/each-land-config.e6012c96.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=66899
etag: W/"638de05d-10553"
last-modified: Mon, 05 Dec 2022 12:13:17 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BBSD%2B7U6A%2FeW0mbsmBdzwTR%2FDapNhpBmFqWz3szSBYjjMvW%2BYNgquo18Dl5vKsndRaVx3QwqVOPM70a6pE8rYE%2Fz7PjsMlb%2FYnTHemB3zEsc9jd8p5eIHyXANQkcRVLE8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efce81b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/v-_baseIsEqualDeep.js.55ec21e9.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/v-_baseIsEqualDeep.js.55ec21e9.js
IP 172.67.70.156:0
GET /js/v-_baseIsEqualDeep.js.55ec21e9.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05c-2d0"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWbIGtTR76bTZ2YvWvwY80OjuQ2H5JcYk%2F%2FQRAl%2BRgRv2eNS6PHgMqVbyaTXvz9P5sQq2BEBceqp9Ts%2FQR4CaxHPb7FdzSH8o%2Fa7rA47yy9aXQCVG52N96mpXwzoJYruMCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efee9cb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/v-react-dom.production.min.js.088acd9e.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/v-react-dom.production.min.js.088acd9e.js
IP 172.67.70.156:0
GET /js/v-react-dom.production.min.js.088acd9e.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05d-1f8c5"
last-modified: Mon, 05 Dec 2022 12:13:17 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUi4dCyUNCUNufEOS1tFsGOGYc1zZ2mnzOYxwROWBeiLuvKKJcoVF52iX%2BXeC3kTwAQRqyktq3hvow3i7Zpzlj1aAqiAFMo1rWZFOHshVIobA5DEi8hp0IJ1zZL86z5%2F8P0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efee9db4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/css/survey.cd8123e3.css
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/css/survey.cd8123e3.css
IP 172.67.70.156:0
GET /css/survey.cd8123e3.css HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=19034
etag: W/"638de05c-4a5a"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZm73zxMgEhV1Xcl6fPJ4sbFKe0oDKJDftFaTHg%2B7hsKNtX5nD%2FEG7veqqNYHgzndfZEoglRxjk4TsJUx66tyu6LSP6AaxiNBkAtkzLoCEF9B%2F2%2FhHYfmMJ%2BR%2F21h0ODOl8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efce83b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/css/survey-dating.42775b4d.css
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/css/survey-dating.42775b4d.css
IP 172.67.70.156:0
GET /css/survey-dating.42775b4d.css HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9365
etag: W/"638de05c-2495"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDn%2BXpGLM4aJLHrcat6N88dCyio2GnJlxmE7IBCP5uKkVRkYUCXxn7zykVMhlOlOQD6fx9YFUjaDDe7TNiAQxeiuscuUhrrFTbvQb3q3XFD18HZtwkX20igcnltOXO59xR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efce84b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/v-_equalByTag.js.34ccca25.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/v-_equalByTag.js.34ccca25.js
IP 172.67.70.156:0
GET /js/v-_equalByTag.js.34ccca25.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05c-3a7"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kvm4SBtf4vEdtXZboedlrEjPtDFRCB2pvv5Y9a0stieDFlFNZfcZrt9vu%2Fw5L87DD1BpEH%2ByhsUou3sKZvqULUx6MiLOsVTXS9nHUkZgsYjK66sQMowcoztcQ6VxNH5FbBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efde96b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/survey.6.a4867d83.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/survey.6.a4867d83.js
IP 172.67.70.156:0
GET /js/survey.6.a4867d83.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=211870
etag: W/"638de05c-33b9e"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a4Qx7aqx7mpVaL%2BJhAWaNXc%2BqZXKrwBHVB3V4dzdaKgNM0by2HZCR1nzd3SQiyJOg8JWbDsoqBkkZaDU%2B5q1AvWURdoYt03y%2Fh%2BXqp9ZPig%2BbU7wu9ljrsE23Zp8M9qjJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efeea1b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/_global-config-sd.5af462ba.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/_global-config-sd.5af462ba.js
IP 172.67.70.156:0
GET /js/_global-config-sd.5af462ba.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05c-1db"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61NzEMn6Umd2d7E1AD4B6LsNESVbLPDwjC4ROKJcKwlb7Pu7U%2FXNfsr94QMV0vhgGLMYDCvztVV%2BT4trgJ73lNpdC8kitxt9cBGiAwWiab18aLR709j9jqFnSTvYtJvwFeQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efbe72b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/v-redux-toolkit.esm.js.9fdf478a.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/v-redux-toolkit.esm.js.9fdf478a.js
IP 172.67.70.156:0
GET /js/v-redux-toolkit.esm.js.9fdf478a.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05c-289c"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMtR4yVy5Kis3GtKUx1fF2KTkaAy8q2gBhMl5gwK4II138nFMko8YKutG7jIzkC1ZJYsdQn2xdKrtc3FhSbNRyf3fGoxtHk%2FXFlLOMO4TkPlQ73d6nJpX66Rab%2BlNnf37vs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efee9fb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_3331&ymid=d271a311-7c05-40fa-b354-c824e52a1bdd:f45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/dating-survey.html?z=4655142&offer_id=2061&var=6100_3331&ymid=d271a311-7c05-40fa-b354-c824e52a1bdd:f45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9
IP 172.67.70.156:0
GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_3331&ymid=d271a311-7c05-40fa-b354-c824e52a1bdd:f45bf41ccf6a3fc479f550dd10acd9ac9f13c2a9 HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: text/html
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJQvqn3uNXIgTPD0ZdQ7bmHfA7%2FAzB9sU%2FxyTR%2Fcr%2FLoK72AzygQzCMOT%2Bsx%2FSlZOaLd%2B6JsZiH08c5EOvHzZvS63kQQ1K5LPLI3fPWwsV5O74ss%2FTT%2FzRuuv9dJMQ0eV6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4eefe12b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
findyourhalf.top/js/v-FormData.js.d78db025.js
172.67.70.156200 OK 0 B URL HTTP/2 findyourhalf.top/js/v-FormData.js.d78db025.js
IP 172.67.70.156:0
GET /js/v-FormData.js.d78db025.js HTTP/1.1
Host: findyourhalf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:27:10 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"638de05c-bf"
last-modified: Mon, 05 Dec 2022 12:13:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23o8Yq2OZ2kajR1ilPU4DdkcH13DU3VF425CcjMRXiQ1UwaLbFa0boUEYG5LcxLzUhwuR75%2Buf18sTRUGHWqOpiKBGUhLVcNyOVTooiOBH7rHYDQAgxj0DswNeDHPVvTVOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750e4efce7db4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2