Overview

URLmkuu.6a43.jx.wy5532.com/
IP 199.115.115.116 (United States)
ASN#30633 LEASEWEB-USA-WDC
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-02 03:58:57 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (20)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mkuu.6a43.jx.wy5532.com (3) 0 No data No data 172.93.103.102 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.189.139.67
ocsp.pki.goog (1) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 216.58.211.3
findyourhalf.top (29) 462646 2021-08-24 18:04:38 UTC 2022-12-02 00:15:19 UTC 104.26.15.100
datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-12-01 19:23:12 UTC 37.48.68.71
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
1865e08ae4.smapp.work (2) 0 2022-06-08 07:21:34 UTC 2022-12-01 02:50:35 UTC 35.186.250.143 Domain (smapp.work) ranked at: 230295
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
e1.o.lencr.org (1) 6159 No data No data 23.36.76.226
mc.yandex.ru (12) 2672 2012-05-21 09:38:30 UTC 2022-12-01 17:45:12 UTC 87.250.251.119
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 17:14:08 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 17:12:49 UTC 34.117.237.239
belia-glp.com (3) 0 2022-10-05 22:21:27 UTC 2022-12-02 00:08:59 UTC 3.208.247.235 Unknown ranking
my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-12-01 18:01:20 UTC 139.45.195.8
r3.o.lencr.org (5) 344 No data No data 23.36.77.32
ocsp.sectigo.com (2) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
storage.googleapis.com (1) 420 2015-06-16 19:08:42 UTC 2022-12-01 11:38:37 UTC 142.250.74.144
itcleffaom.com (2) 72236 2021-07-29 11:48:44 UTC 2022-12-01 18:02:53 UTC 139.45.197.237
cdntechone.com (1) 64371 2021-12-24 17:09:58 UTC 2022-12-01 18:25:47 UTC 188.114.97.1

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-02 2 mkuu.6a43.jx.wy5532.com/ Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-02 2 itcleffaom.com Sinkholed
2022-12-01 2 datatechonert.com Sinkholed
2022-12-02 2 itcleffaom.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.115.115.116
Date UQ / IDS / BL URL IP
2023-02-02 00:45:04 +0000 0 - 0 - 3 uyclvmqe.tt.wy5532.com/ 199.115.115.116
2023-01-24 08:54:19 +0000 0 - 0 - 1 simuladordeempresa.com/wp-content/new.exe 199.115.115.116
2023-01-20 14:50:55 +0000 0 - 0 - 2 1rer.38c43.aw.wy5532.com/ 199.115.115.116
2023-01-19 12:05:13 +0000 0 - 2 - 1 iuyuyt.22e5e.tk.wy5532.com/ 199.115.115.116
2023-01-12 09:09:17 +0000 0 - 2 - 2 mjurr.3cae8.cv.wy5532.com/ 199.115.115.116


Last 5 reports on ASN: LEASEWEB-USA-WDC
Date UQ / IDS / BL URL IP
2023-02-02 00:45:04 +0000 0 - 0 - 3 uyclvmqe.tt.wy5532.com/ 199.115.115.116
2023-02-01 23:07:02 +0000 0 - 0 - 2 www.sympation.com/api/downloaddistriberror/39 (...) 108.59.12.98
2023-02-01 23:07:01 +0000 0 - 0 - 2 www.sympation.com/api/startuploader/399dcba0a (...) 108.59.12.98
2023-02-01 21:47:14 +0000 0 - 0 - 1 qwqwq.22eac.mu.wy5532.com/ 162.210.196.168
2023-02-01 21:12:27 +0000 0 - 0 - 0 www.fit-girl.site 162.210.199.87


Last 5 reports on domain: wy5532.com
Date UQ / IDS / BL URL IP
2023-02-02 00:45:04 +0000 0 - 0 - 3 uyclvmqe.tt.wy5532.com/ 199.115.115.116
2023-02-02 00:17:09 +0000 0 - 0 - 3 1de74.moedcc.wy5532.com/ 81.171.22.5
2023-02-01 23:43:06 +0000 0 - 0 - 3 cn925f8.bq.wy5532.com/ 185.107.56.200
2023-02-01 23:26:05 +0000 0 - 0 - 3 hfgfgf.3de78.wl.wy5532.com/ 185.107.56.200
2023-02-01 22:52:40 +0000 0 - 0 - 3 gov.3680d.mw.wy5532.com/ 185.107.56.200


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-29 20:24:20 +0000 0 - 2 - 0 b34.youfindadate.top/dating-survey.html 188.114.97.1
2023-01-29 16:09:01 +0000 0 - 2 - 0 146.youfindadate.top/dating-survey.html 104.21.50.238
2023-01-28 16:57:55 +0000 0 - 2 - 1 kgt.youfindadate.top/dating-survey.html 188.114.96.1
2023-01-28 03:17:08 +0000 0 - 2 - 1 sga.youfindadate.top/dating-survey.html 188.114.96.1
2023-01-27 06:12:07 +0000 0 - 2 - 1 gth.youfindadate.top/dating-survey.html 188.114.97.1

JavaScript

Executed Scripts (29)

Executed Evals (1)
#1 JavaScript::Eval (size: 80) - SHA256: 063a256725654e683381f7057f4053b17747011b9b73329209fbcfeacbc0f596
(() => {
    const a = async
    function name() {};
    window['8qiugs3acut'] = true;
})()

Executed Writes (1)
#1 JavaScript::Write (size: 4) - SHA256: b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0
2022


HTTP Transactions (78)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: mkuu.6a43.jx.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=9207ab8c-71cd-11ed-baa7-0ff2a6adb1ba
Upgrade-Insecure-Requests: 1

search
                                         172.93.103.102
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 484
date: Fri, 02 Dec 2022 03:58:46 GMT
server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484), with no line terminators
Size:   484
Md5:    0a3a8d8b776ab7ba5afd2c3c2246e7a4
Sha1:   9ba5ec49a4a2e5eff915d6e4fe2c5073876ea969
Sha256: 2d75957dcc54d4d753c710c028bcd5c1781b94f542b8fa2364cdefa984fa10d1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3945
Expires: Fri, 02 Dec 2022 05:04:31 GMT
Date: Fri, 02 Dec 2022 03:58:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6396
Cache-Control: max-age=116341
Date: Fri, 02 Dec 2022 03:58:47 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:17:48 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3248
Expires: Fri, 02 Dec 2022 04:52:55 GMT
Date: Fri, 02 Dec 2022 03:58:47 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 03:18:10 GMT
cache-control: public,max-age=3600
age: 2437
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 9SMqK6DB4xTkq4UEa2FdhPhHmUKGTbHIho58DhKgnOn0eQLg93EBoKG3KJomUieMl5yccedbgkA=
x-amz-request-id: BASM3M0K21NCVT7Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 03:45:57 GMT
age: 770
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 02 Dec 2022 03:58:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: mkuu.6a43.jx.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkuu.6a43.jx.wy5532.com/
Cookie: sid=9207ab8c-71cd-11ed-baa7-0ff2a6adb1ba

search
                                         172.93.103.102
HTTP/1.1 404 Not Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Fri, 02 Dec 2022 03:58:46 GMT
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   9
Md5:    d8f4a1993546cc4b850cde3599e27aec
Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067
Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 03:11:15 GMT
cache-control: public,max-age=3600
age: 2852
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6397
Cache-Control: max-age=111279
Date: Fri, 02 Dec 2022 03:58:47 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:53:26 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTk2MDcyNiwiaWF0IjoxNjY5OTUzNTI2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21kcm9rNHR2YjYwdDltZms0aDM4czYiLCJuYmYiOjE2Njk5NTM1MjYsInRzIjoxNjY5OTUzNTI2ODEwMjM4fQ.zETLXlrmyRA0SkeMblLUH2wHyJ1ArntXeGq7iIR42Ks&sid=9207ab8c-71cd-11ed-baa7-0ff2a6adb1ba HTTP/1.1 
Host: mkuu.6a43.jx.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkuu.6a43.jx.wy5532.com/
Cookie: sid=9207ab8c-71cd-11ed-baa7-0ff2a6adb1ba
Upgrade-Insecure-Requests: 1

search
                                         172.93.103.102
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Fri, 02 Dec 2022 03:58:47 GMT
location: http://belia-glp.com/zcvisitor/9f4af790-71f5-11ed-bc80-0a8e789626d9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
server: nginx
set-cookie: sid=9207ab8c-71cd-11ed-baa7-0ff2a6adb1ba; path=/; domain=.wy5532.com; expires=Wed, 20 Dec 2090 07:12:54 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZO0RKUk4O/igT8rYKWw1TQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.189.139.67
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bL5X/zZxFtGi+T6Q3WOuxBl1JMY=

                                        
                                            GET /zcvisitor/9f4af790-71f5-11ed-bc80-0a8e789626d9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97 HTTP/1.1 
Host: belia-glp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://mkuu.6a43.jx.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 03:58:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: naUnaoyZ


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1098
Md5:    78ff667a322abca5e95fc2405f5a7a59
Sha1:   70185a829ba62e1d74efeaf66a91b6fc3eb27cfd
Sha256: bac7b3ca6b9086d011f830f4921e4bf4c26c3659142cf3caf03dd3af1c0905fc
                                        
                                            GET /zcredirect?visitid=9f4af790-71f5-11ed-bc80-0a8e789626d9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: belia-glp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcvisitor/9f4af790-71f5-11ed-bc80-0a8e789626d9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=0274e090-43d2-11ec-ba04-0a918cbcbb97
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 03:58:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: czUzytfQ


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   426
Md5:    104a2f14892e426a4787dfbb3fb92be2
Sha1:   b262afbb6d3de2841b4d716edbeed186faf469b1
Sha256: 690de3ff202e994cdf8dec9a992c6785aa30fd95c35d7395270a229f66677a29
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: belia-glp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcredirect?visitid=9f4af790-71f5-11ed-bc80-0a8e789626d9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.208.247.235
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Fri, 02 Dec 2022 03:58:48 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: HxTslgCZ


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 03:58:48 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 02:26:18 GMT
Expires: Fri, 09 Dec 2022 02:26:17 GMT
Etag: "2261d9748610ab7553b6e71e750d2b6404cf225e"
Cache-Control: max-age=598648,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773125705dccb4eb-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 03:58:48 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 02:26:18 GMT
Expires: Fri, 09 Dec 2022 02:26:17 GMT
Etag: "2261d9748610ab7553b6e71e750d2b6404cf225e"
Cache-Control: max-age=598648,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77312572deceb4eb-OSL

                                        
                                            GET /trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=romeo-sic-vqpeyj59e3 HTTP/1.1 
Host: 1865e08ae4.smapp.work
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://belia-glp.com/
Cookie: cx_ntsl_i=e9646dfd-3e61-44ac-9107-c3ba55403f60; instal-cookie="2|1:0|10:1669943623|13:instal-cookie|124:eyIzMjQ0NjgwIjogImFlZDVkNDNkLTJiMGEtNDlhYS1iNDcxLTVkOGViM2E3OTEwMTpjZGMwZmRhZWFlZmYwMzJjYzNkMzQ3MTUwZmFlY2ZlMmUzM2RmMzM0In0=|524d6c73b62296f605fe8928156ff8ebdabe9f4721cf80a1a13ba0405fbd87e7"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.186.250.143
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 02 Dec 2022 03:58:48 GMT
server: TornadoServer/5.1.1
clickid: 4ed3f133-756d-406c-8b47-f489be46216c:50f7a31252706efbd917ec176c52513c515add37
x-service-version: 2.0.1
x-frame-options: SAMEORIGIN
etag: W/"8f9f41640e97b74dc60500025507db7ceafc421f"
set-cookie: instal-cookie="2|1:0|10:1669953528|13:instal-cookie|248:eyIzMjQ0NjgwIjogImFlZDVkNDNkLTJiMGEtNDlhYS1iNDcxLTVkOGViM2E3OTEwMTpjZGMwZmRhZWFlZmYwMzJjYzNkMzQ3MTUwZmFlY2ZlMmUzM2RmMzM0IiwgIjMyNDQ2ODAiOiAiNGVkM2YxMzMtNzU2ZC00MDZjLThiNDctZjQ4OWJlNDYyMTZjOjUwZjdhMzEyNTI3MDZlZmJkOTE3ZWMxNzZjNTI1MTNjNTE1YWRkMzcifQ==|0bde490edef3d6596ecb8752d1b9427a18a81e6a7b64781534f23e4a4b0011ac"; expires=Sun, 01 Jan 2023 03:58:48 GMT; Path=/; SameSite=None; Secure
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3648
Md5:    f2872a4af44f7aeda71058b44d55ccb2
Sha1:   168c126770e541d7b5b921c0d4ec51a3619b4291
Sha256: 9d0db2a7d2de8fb1d20db0a3ae8905468d9f6e2f5c4a9ec09e95541479f861ea
                                        
                                            GET /tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIk5PIiwgImNsaWNrX2lkIjogIjRlZDNmMTMzLTc1NmQtNDA2Yy04YjQ3LWY0ODliZTQ2MjE2Yzo1MGY3YTMxMjUyNzA2ZWZiZDkxN2VjMTc2YzUyNTEzYzUxNWFkZDM3In0= HTTP/1.1 
Host: storage.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.144
HTTP/2 200 OK
content-type: text/html
                                        
x-guploader-uploadid: ADPycduP5jtIyrhsJtT9_KFVtIRkzz_-oS5Gul-wABX0FuQMTQTumsuD_Vv-D3owNB1hgo5-pQLu_TjwWi2lk47ULxUlUQ
expires: Fri, 02 Dec 2022 04:58:48 GMT
date: Fri, 02 Dec 2022 03:58:48 GMT
cache-control: public, max-age=3600
last-modified: Mon, 10 Jun 2019 16:09:51 GMT
etag: "54f99c9e98a5b4f17b219e94417e6d2f"
x-goog-generation: 1560182991115409
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1357
x-goog-hash: crc32c=+7k9hA==, md5=VPmcnpiltPF7IZ6UQX5tLw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1357
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   1357
Md5:    54f99c9e98a5b4f17b219e94417e6d2f
Sha1:   80247746ede724755155d0aa8c0082c8b00542bf
Sha256: c7f94d1b21fdadbcc934c2d31503832763070136eafd23d65cec53f6e49b5634
                                        
                                            GET /api/v1/click/confirm.js?data=gAAAAABjiXf4CCQlnk1fJzwTWOY6W9fJ596KSVK8KVdR6Wn8Vh-KcGC7wVvgsYaqShp88BVfAxxI20nZ396lu7q_e3EOEhohfb_gh-bMXmAjm8MUWnheS_IOAqVl9k-DrSIybrBcgb5DIjyGpiVUGasSkkhF8J7b1PUWUV90nh4HK3OdT1WwiAXGwB1daezdG_D9AAT4BFNMgvsIT2Yx2xX72BbklcWWWtu8U3w2FG-N--pGXI6ye3S2hNBzfiJecP9IlwN8y_6HPjQEtiWONshLm0QgFXBSaJ3BFPCWFFCrmvUhlCIzCuez-CFSQbhaUcAG9VjCmMbTfxBt981nvifcckO3KsPhWr7oYN4xH7wG8iK-9GQSw3pQNi30K5p_O9LcxtaZCg7BNYyP0NfmiIeI2HYixWdr5lWI-2b9MHLInm_TBZvzsMehS4Ml-dlwL4rrmJQpoeSOvGjNfuwtFFsN1lMywPO72MMGw7nx4hGb5eXYfL3caUSOkQXGZcZ-oOE8f2AdarNczzwrrsRaaqn4ATT2UUu34h57lJKZPPHqZ-zE5WCQAHoPvkJmGSrXEn53NyESLf0CxaACBmlRSvp_a02NZ_1OhDPmLTG5kM3FCizPiS0e0CFuxJs4luF5ebK9qaOl2KajVDkiydkxMpt6HpTyH6226y89SlIFiWImOgBglM8N2IN3E8AipBLKmPv3bfz9RZYYvo5L1oLSfwGGY0byMw68HKjG5l0o9EjBP5mLJrjYQwKAKNaRhpZO4NRPMV6Sm5Ko83vzr9CwTYFHveTGofEmenIrTj0mnwz0rCSH46LEs7BdOTbHk893xFnJRwrf0zhINEeG5KsoCL85olHhOl5KyULiaIhsnIT58shUFwP4VhTKvZa_0EPxy6grddxBgqbKfm3cZL0xrX7v6oXDaDvCPrIfAZUF9AbmPq9T2sg18wfp4YAVxOhTDtHVjbGDh_eJVD4EAzPw6DhF-jzDYkmU21eBGp9nRyhBCGjGc9q9SpgBiygu7iUYMu2j_uwG-N437JrF-iTlIBKmMxvamPcjUhT0NEfwNYff8bXA1iVrCbH2a1QZxCM7GVXOHLjDvNvyAN1QVmLI0hY8ZjeS_45YDcbH-i07MaeUu-i6rq2QILxdQRGwAq_w8oOwr9KPlunLjXcrZrFBCtptR_K9N1O8BvxKNoGgC8k3WBlQ_QTX8eAuvGex0oAlRH---5heOZ4QlG_BJa5fK9I44PQdLR1IA6Z5GnelC7OdCKo5AkclUlOuot8Y19W-mezIQO0mCEAezlD2vPY_tvJnqGwqCfOBuTPPU_DuqRKv_S-1m3ZC4zH1xKWGnNaGAwshewkgmkKK8I-ARdcOBijD__mVHXo-PMDD62k10eYOgTGAZ4C92vH_iUFC0vvqL_kbE-a5oWheVZnsngxfNwyc24dGsqEu_Ru8J8_-S7lJJ4xwVcle6pm4_dRSe2k8hwp5DCQZ2uQuDUN4y8rhP8DO9SdoIkkHzGkoSFBBLPqmZj87WDcEwmzOcV08YVs_QYtele0MxI5MujoT-mLT8aCv8Vld7GaOOQuXPnqCR72f7lo4IpCB4o3NTx9UnF-FE8aAiH6iSBAaWpPdl6vp38zyRMncyO0ze6Odn-7XRzmK5d9NUKoeeu5XBo8kUYEu--xZOanobSluj6dY0GKAuia1ZKtX7OR8KVRSW5EqFm_6wQmpxI9Fa9PvK9Esjdby7U3waKvljGeG9F38TurNtNK-R46vh1-P18NFJQ9GlNBUBLRDj0D1FQ5TlLSmGKcNiCtjTJvGagiByFAtGaHZcTQsaEbWLE-s_MjHnZw3aPzu3VnY7iXWl2I4ULvIV5YT0GVvUiatAdBEYn8za6iZy8wa_C85xjiIIo7wu3Ex2HHlhfeli45IOlrvzqTBdlhIEvh40y1yVivtEbpeYuyEiY8Ujg96rD_uAcLyadJunNw3EwxTWZ-OB5ttUbH3-Cgo1gLJPyVKiy3T0kc1g2Qu-RrGylLgcIrCmW7i8lVDOck3xL6mhX6CTXqd12BZ9RL6gIJenYkXNsRSyvhDo3HI-A-tBiQjhBWVY4h8ZpPu-6vWIWMCbO8bf7pvseIjaOi-liWxO_K0MubjWbyQSMxf6ZEHa-L-2svFpr3vRaG98yNzD9V6Hb9pqGsmJ1AMBYpFPfO2HANZEnvMnldOe9Z5Ar_Hyh1Cj6ffzrPAPIgnQ7VVWCoOTvVj8aWoud1hy2qy5r4YHv0cqmOfUPNH1q40N5LG3mKLLEtIQFkVZtVsJi_WgTewSmsXUxWwar9salfQrXT9qjCQ5Mxs24ihn0wBq_182rLMAMoJRiUQ0-iC1LWZqvbXceQFOjBP0aTdJ2DbQcOrP-O1U5aNulDTRvqMJvIV6J0bvZtsUUwxynufHNHNSBfnfHNWkIw_FoocQLoP6K0i-9qPUlhdYGciwJKkNUkinLqEOtMJaw7MQLYCe2sbdThSNlmA9DnK3boAo5H0dkdSY3YBxsfqYwC3zqyCz7Fq5jcjsiTUxtqonEDAjG_IV0olAF8-bqw5I7AYaItXJdrOZeozA_U2KI86H9q3tzKz-ea_icQQ7plf2inaHci5I4mNkCAPDg0vD_HjXG74JE_CDPxjRzsCis1cW5funG7QcWwDPrUmGmLN1Reytj9VylYJp72cdmg%3D HTTP/1.1 
Host: 1865e08ae4.smapp.work
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/trkclk/?pid=6100&cid=3244680&custom1=CPC&fw1=badious-buzzard&aff_sub_id=romeo-sic-vqpeyj59e3
Cookie: cx_ntsl_i=e9646dfd-3e61-44ac-9107-c3ba55403f60; instal-cookie="2|1:0|10:1669953528|13:instal-cookie|248:eyIzMjQ0NjgwIjogImFlZDVkNDNkLTJiMGEtNDlhYS1iNDcxLTVkOGViM2E3OTEwMTpjZGMwZmRhZWFlZmYwMzJjYzNkMzQ3MTUwZmFlY2ZlMmUzM2RmMzM0IiwgIjMyNDQ2ODAiOiAiNGVkM2YxMzMtNzU2ZC00MDZjLThiNDctZjQ4OWJlNDYyMTZjOjUwZjdhMzEyNTI3MDZlZmJkOTE3ZWMxNzZjNTI1MTNjNTE1YWRkMzcifQ==|0bde490edef3d6596ecb8752d1b9427a18a81e6a7b64781534f23e4a4b0011ac"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.186.250.143
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 02 Dec 2022 03:58:48 GMT
content-length: 0
server: TornadoServer/5.1.1
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 03:58:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=157787
Date: Fri, 02 Dec 2022 03:58:49 GMT
Etag: "63893d54-117"
Expires: Sat, 03 Dec 2022 23:48:36 GMT
Last-Modified: Thu, 01 Dec 2022 23:48:36 GMT
Server: nginx
Content-Length: 279

                                        
                                            GET /assets/1418d3d54dbb9471fdf4.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 54789
cf-bgj: h2pri
etag: "638898ee-d605"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlCgsW2da0dyElL3vUD024f%2FdFbrz0WUvS3fmusuGGKr0Wm56M3a1ne1MpjSxqJINhkKmWXgj4hPD2IzXBwZHpUX0EEOXXNoAzdrLWxcT9ZpX57GT1sxKxOHSUGzNoAdhXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a7db524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 554x414, components 3\012- data
Size:   54789
Md5:    6d4697c58b5ca314ed5e18bd8ca6b9ce
Sha1:   2a6e9b8a93d359dd492fb3cfbb2bd768c28aa6cb
Sha256: 7d38705aa944831049bd714c99d3912f3528c27c5bbdac5bbd6fdcabef869bfa
                                        
                                            GET /assets/d4df7c721715d3197d35.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 33816
cf-bgj: h2pri
etag: "638898ee-8418"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNyrP98hjq%2BvJZdaPtgefdEirACOC8MRCs7r8K8165LwgHUweGyzPwEICPdHAV%2B2C74BYXSu43o3N7IrVbctJmRO2suGfQiXyKgzw6aKaV3NBjJUyFso6HbNHzIqjF5cwzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a79b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x499, components 3\012- data
Size:   33816
Md5:    785457fd7f81715119251bcf4c1a8f56
Sha1:   66cbede5b601e6d0857441c939e9798493e812c2
Sha256: 32bfa591e8f2fb193889b21a3ec397e4029a5eeb22b4f1a718b056978013580c
                                        
                                            GET /assets/2c7be58264048611fef5.png HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 1574
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
etag: "638898ee-626"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0xQShMZb0tL0ONl6VIrTbsVRIESAkBIgpMkG86iMzYm7IV4u1jpPl025gCAbCxiw1%2B3iqsaTjs3mRwmRV5RoDG1qjmnUf62hyHBPQ8NOV7oP%2FSqIjRhlnXxbEfr3pLy3pk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a77b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 61 x 98, 8-bit colormap, non-interlaced\012- data
Size:   1574
Md5:    214628994adff396733825e7b9778ad8
Sha1:   cfcdb02dd750c2c56ce0df960f032865d0315d24
Sha256: 072083cb6a8af8fdfad3087d4aafe1fbb1ef96c4863dc53d9f1483ce83937dfb
                                        
                                            GET /assets/032bcaf74c0de2c93c8e.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 33612
cf-bgj: h2pri
etag: "638898ee-834c"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbORywBkZ94Gpm1kgCk4ofLg10cBwqZGQICjakDNMngaCoTzwM7lq%2B3KgpGRVj3%2Bmhd0yVUsXwnirnrRVsY1rlTFPPDSyjHAo9kRnwrFoGYbGovYy3%2BsCKjzpvTlH7z%2FpqM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a76b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x390, components 3\012- data
Size:   33612
Md5:    e38526805379a23a1bcfefabf38befa2
Sha1:   afe5306e0df615f7238ad8fe41b33ecd38c10fd7
Sha256: 999863c911c86160c1f2721524580942426d157547b36985f643aeea0dab4aa1
                                        
                                            GET /assets/848c59c46246f7f3cae9.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 12409
cf-bgj: h2pri
etag: "638898ee-3079"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYp1tP64L925Wtbx%2BQA9a0g9yg%2Bq%2B%2FJovyCPVB91RZw5eafbJbmbpY%2B4BVkd%2FX7JFSxVdYn2hBOY3jGbppFoJYgTqJQLncna%2ByJ35ImMZ92fEmxe5FjKfHi9xCSe4PEZmro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a7cb524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 360x241, components 3\012- data
Size:   12409
Md5:    147a131b97e24b606548d78e8fa56e63
Sha1:   b746629c163d2cc3f3ac1d81b9bed35e682e85fc
Sha256: 10e26b8306c1bc3958e6b243fa4dd0aae70c197f460a9eec192dff846ba8aeaa
                                        
                                            GET /assets/0e8214b6a04a80b2ed65.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 118495
cf-bgj: h2pri
etag: "638898ee-1cedf"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZ%2BZb7gk3my66%2FXkDIxfGtrDo%2B429djjOTErfYM%2FaBOJ%2F2h%2B%2F8OWUWh%2FT1Je6anmEV%2FkzloTyopBeST2T%2F3YFC%2Fmyv86jscnbJlQQmOvmhciEC8JiQdbMZ0W2OxnbdmUjPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a7fb524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 507 x 500, 8-bit colormap, non-interlaced\012- data
Size:   118495
Md5:    fafd80f19f1c7b5806ec7f6935872cb4
Sha1:   d8c6a473659ac0ba5472bcdfa4b7dab91470ed07
Sha256: e65ad8065b9444d3881bb4d2fdd160f90f1babeb7a0f712f288a77aeef18ad87
                                        
                                            GET /js/rtc.579a2e70.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
etag: W/"638898ee-29d4"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBCOC7%2BjcoCAN0kflEhwwWRK1bFhABU4asbJIj1xBVOqpYEv8SP0YU6n2jmVPKdjD6eo6lPyOCIalbaS9UHF9qTaG%2FzC4%2BxFuqMbUsTLaYSs%2BmfCqRnKBDVf4Ydg3tr2UUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125764a67b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10708), with no line terminators
Size:   4949
Md5:    4545e0132c188cd05f29f08443870465
Sha1:   ab1698d8888beff69efa1ce8ec7d907d95573ee7
Sha256: 538575784ea54cd0c8d91e92498c6f0f6e71123ccc325195a3e547ed6edf1670
                                        
                                            GET /assets/56d040d1d8bf3bf21d63.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 55200
cf-bgj: h2pri
etag: "638898ee-d7a0"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6C323R6JHyFNKYXtgkQydWeTwTMEtaoClZd6feMOg0gZOrTfMR%2FFe1EH7x3VXtdFlqQxq4HsG3NbKi4BI61AcR4hi%2Fe%2FYJn%2Fq9H02RfisK16%2BtNYYfoEQaZh53wFqtMbAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a80b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x620, components 3\012- data
Size:   55200
Md5:    9ddc7b6cb356a6d2e99eed41cc1734de
Sha1:   e1da98ccc6c5198d528384dcf0796de766475488
Sha256: b80543c059b42b12ff905047b8a8f5d6f4b676febb7edc65aa602e64248dd837
                                        
                                            GET /assets/06c49b18302a6f35f315.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 20712
cf-bgj: h2pri
etag: "638898ee-50e8"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdeeYle%2F9Olatuk1kZ1OKfnJNbNdgQrk8Whsi%2FwJU%2Bnl7jPk3W6rV3hfkHO%2B724paaexD97xk079TYJD%2BwWPqHj0gAtyJ4y10yiLN%2BRKgkM7fAx3QTXhYS090%2FotZiEMJiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a7ab524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 500x375, components 3\012- data
Size:   20712
Md5:    0d0464ad4924d5189707d2508a818e37
Sha1:   d40c4e3dcaeaaae3eb66d3ca096f8569c4605e21
Sha256: d8b8c213ff1fcd97e0cbb4ec056712bfed39405c65a20135135328b5ad1104af
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10825
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:58:49 GMT
Connection: keep-alive

                                        
                                            GET /assets/47ae6a5ba10cda2c9e0b.jpg HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 20958
cf-bgj: h2pri
etag: "638898ee-51de"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSbpJz5rio1%2BXDdRXqf63q7DedkzrBGnigWGDXIQr%2FzPKaspaCS2r4RhfChWILJ8U0oJDNI82igfsjRcBmgH%2Br5v9JVt4KB882N3wL1FJAMYUnHyWMk7V4ARkXwHg4bdHQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a7bb524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Size:   20958
Md5:    56b1d087e07bfce17502f3d15a29599d
Sha1:   1a3fdece929142b64a427a813298a4278f9c9a3b
Sha256: 06bda10f4f886bd1dc58e72919dce1d5ef8395a9103cc719c333088ae7cf6677
                                        
                                            GET /css/survey.cd8123e3.css HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
cf-polished: origSize=19034
etag: W/"638898ee-4a5a"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrC%2FThgLaU7%2Bcnu9aH7YbX4%2BgT0Xq%2FM%2BbjAMl11CyuQl9EJ08oxBEwERtQmcp1iznvTO43wKpbWqAB%2Be%2B9R59Q%2BS1mzT%2BCV1Qhvf8KYhicg79wVxHwVQZvd8tAHhssZs5OI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125765a73b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18985), with no line terminators
Size:   56762
Md5:    d57f6fc44697620c4ad45a2b146502fd
Sha1:   a853eba5a753fed105353c7dad82c6c4b5c9417c
Sha256: ac14e5de059a32b405d76d135e5c490d4b15b8aa7632065d4de3836393c75fb2
                                        
                                            GET /js/v-index.js.96ee7a81.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
etag: W/"638898ee-9241"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUj24pDv4PSzir%2BhgsNM0jgzfN2tv1CpL3iRihNMdJP7cKykqUGY1ICxJHHoT5zWJLWJK0%2BRHRSx8zeSawsFHrVaGto8P7Kt7ylDLf7jpGhKckQkeWxRAOu4NVP0DMPDP4s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125764a68b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (37441), with no line terminators
Size:   13297
Md5:    51880c357aa2c0b633c03f0fb63ee620
Sha1:   5dde66cf77fcc81bce861e97955df90bbdd08db4
Sha256: 6e6a980dbda61d34d64a48b7b528f8b87c39714b502010c943edc156b63ee8e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 22133
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2942
Md5:    b47431190f34eccf0a6efb98e2a32b7d
Sha1:   9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
                                        
                                            GET /js/_global-config-sd.3e9d3b18.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
etag: W/"638898ee-16d"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgClf4Q8PYvuHaL6YAdr%2FsarI36Y6SH8VdPPKAsuVpftSTtT%2F7qrt0FKCAlZkDpxnvJp6dgvGgv1OUMeeDK44lYn4T6VEwyJeiQPGkEvjbzcKPj%2BL7iuetgB6zlDy9Gf%2F%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125764a65b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (365), with no line terminators
Size:   773
Md5:    6002c0b6f13e4ccd43ed820cf6cba5da
Sha1:   0e0c08066f9fc2699729eab8e2be1a9f4a73c3b7
Sha256: 3255ee9c2885505b9c331f889b82ef29c2ce16c58fd757c2686325df2b16e222
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10825
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:58:49 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 20951
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7334
Md5:    498ab4412ed5cf977bc23e4e870894b0
Sha1:   23753fe8af09ec8ffa10eed4d201a71833885c99
Sha256: 036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KnOx0PJ8BR9OoAzXfuWk_Je_yawqzY4isC0hYTZRvJ74YiVs8jqyIQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:25:42 GMT
age: 19987
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15495
Md5:    82ea44d6cb116fb1f5752ce9bb87e345
Sha1:   f799dfd89a4f5a452dc837b8616549f578fb4184
Sha256: e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 74320
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6174
Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19
Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79
Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3711
x-amzn-requestid: 68772438-16c4-40ab-a40e-860425d8301c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGyhHVsIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e76-21d27db6708228002e738938;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JOCSKxy4WUDbS22Gd9BlyN1gmcDsDNlNWnT57KITGlNwfOe_Iaco9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:59 GMT
age: 22190
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3711
Md5:    89e1a735e16f55c78fa75ae434294029
Sha1:   6c56f4015305eff04a99cec9758cd40bf4e5f704
Sha256: 26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 22198
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7591
Md5:    d147ccb10bda82b153a596c3c967cd6a
Sha1:   ffd0763f997e71a8c1458523fc17cafe8849dfdf
Sha256: 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18108
Expires: Fri, 02 Dec 2022 09:00:37 GMT
Date: Fri, 02 Dec 2022 03:58:49 GMT
Connection: keep-alive

                                        
                                            GET /gid.js HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Cookie: ID=9c12817ce140443a8e2c518969a5feeb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 65
access-control-allow-origin: https://findyourhalf.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9c12817ce140443a8e2c518969a5feeb; expires=Sat, 02 Dec 2023 03:58:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    bc4bdb5e1ae56b82b3033bf4f3bcd28c
Sha1:   1061109a44cc36deed1d2599d81a8efa6fe34f6c
Sha256: b5fdba3c1a0e56b6f33c076f56430040ad369743272cd3c43e87ba594f356fb2
                                        
                                            GET /js/v-react-dom.production.min.js.088acd9e.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
etag: W/"638898ee-1f8c5"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQpQss%2B%2F6qJXyyWNevXIziXHedMyFTpiDhwemCMZ%2B8xoWYIZgfdOw1sz%2FMahT2bI0DyaerTYTohtMgAriNvGKVXVfZw5Yen7EUGwJLX%2FBhF5i14zFWrUk8JCmXQmI4xsUZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a84b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   42591
Md5:    eb41d56ce2ca8b7933b8dd2f55af9fb4
Sha1:   13ddf40f5fb4f5ecb5d6ef1a4706ce812bb99e7b
Sha256: 88e7343dcec481515dba5dc3d1535eb24283ece02e3920cd32f6aa524354e0ae
                                        
                                            GET /track?offer_id=2061&z=4655142&request_var=6100_3331&variable2=4ed3f133-756d-406c-8b47-f489be46216c:50f7a31252706efbd917ec176c52513c515add37 HTTP/1.1 
Host: itcleffaom.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 02 Dec 2022 03:58:49 GMT
content-length: 148
x-trace-id: c86ba3c5bedf497cb3df3233edce865d
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   148
Md5:    673cfa6261713c037f5e6d0d8cebc7e5
Sha1:   3fa4ef98e3409901f9d51f1bd651a130506aed6b
Sha256: 546d54b13b6ae34900ec662401d1df42e740d9bc40c24cca29863414f9affe39

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css/survey-dating.42775b4d.css HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
cf-polished: origSize=9365
etag: W/"638898ee-2495"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEwxweTaOCdgO%2FiVhx%2FRFR74WBlZsVoceLQyOAZVl%2FAEbpF3FlG%2BB3xG3V4HNeed6ZIMhSG9w0gNb2NGtUqetfSKWwUGE7ove34jdjxHYMaCom4652xYa1G58x1qzpq4Pos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a75b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9310), with no line terminators
Size:   2356
Md5:    62ff9229d2d63e5b29a7e046d7d5be20
Sha1:   2de1953385abba436411e64d1e258d9fce0df562
Sha256: 449314d9ae88f097ed6d3d1328ef8ef6fb91d5150ac947ef5706f5fa3d04ae63
                                        
                                            GET /img/fav/heart-apple-60.png HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 02 Dec 2022 03:58:50 GMT
content-length: 4742
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
etag: "638898ee-1286"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6021
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BdKVVDn%2FXSieQeLOjThyKAZIShTq1Q6U8BsKkLeW%2B3Z5jHxVHdCvjNbZkVNWS8K4DJlSeE5Q8dY3EGxQa%2FhX6Fw9aIZYJYkY6p0FBMQxfrBgUbS%2Bo%2B2Rxx%2FxgkuhoUa5To%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7731257b5cc0b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   4742
Md5:    df363aa0b52e70e713d8279bf63d7c11
Sha1:   a78e2139a964ccd9dc48892985cd8f47ba982eda
Sha256: 0710e7435d9fb61d35b26d23efaef1e09caa18d9d0123652a5095d36e2413ae7
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "185AC350702B58B7350B9ADA6D16E4D551DCD126D19B4EA4E6545EC8471358CF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19629
Expires: Fri, 02 Dec 2022 09:25:59 GMT
Date: Fri, 02 Dec 2022 03:58:50 GMT
Connection: keep-alive

                                        
                                            GET /img/fav/heart-16.png HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 02 Dec 2022 03:58:50 GMT
content-length: 670
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
etag: "638898ee-29e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNHt1cgkf%2F3BsmaJ2r9cS7BAUU9bH0%2B%2FkIPJqwxKV6Rud28dZgRhC46kjGh3ZCFzMj9jMuA3d4Q8wpZsLkgfMLOfn7ODVdloW%2Bk52jFLuWFqMfGZwA%2FyBR4KCvRxgZcNrKg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7731257b5cc1b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   670
Md5:    161113cd0cedcbb5a4a76ef87c00b0ea
Sha1:   ec807c2867bd4ff3c3aef6ff966ae1648832591b
Sha256: df545a40f6092920cf46af4e124e550273bc0b9aaec5f137f3d03ba91aa02274
                                        
                                            GET /js/each-land-config.fb4fa40b.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
cf-polished: origSize=66651
etag: W/"638898ee-1045b"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHji7fRstohgKmHm7L1zGTGZ1e0PbaruPEOiYROdYxPULPPBYJdQW2y5iFg1bkYk5SedB4J%2FYfJztdvvKJXoJfBxUV16NjTT0fT3OFP3%2B3Vpcsbk7O5lH86%2BqGRqOl1aiyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125765a6eb524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   45642
Md5:    34e7056866707d2d36b2d8e06953afae
Sha1:   dee0823b4fff07727caef40ba77ce7a9e0dc5d02
Sha256: 15da847ddcf08e7b55c35cb9ac03656a7d16a557368f664205753fa4949fa39f
                                        
                                            GET /stattag.js HTTP/1.1 
Host: cdntechone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         188.114.97.1
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:50 GMT
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5943
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ykWdbEN2cr7y%2Br7Yq2xkNSXuquqmYy5MBM3Yq81QH3bUDT81MrfSHIFOjgm5j5T0LnvZ%2BOonFvP%2FHqoMA9bh4eR%2Bw%2BnLPn9KRKmw7ZcxWCPX9EFMc7hUUFihcsP6VOTBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7731257b4f020b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12932), with no line terminators
Size:   78482
Md5:    617bb1a66598515593f25ab34f5e5985
Sha1:   512cc4548885666a8b05cf09e6c942d694d667e2
Sha256: 37f6375148a8604e9e21e2bde5e13548d0149907e21b06c6983788fea82ca7d0
                                        
                                            POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1 
Host: datatechonert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1159
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.48.68.71
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Fri, 02 Dec 2022 03:58:50 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://findyourhalf.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A209%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A744942770%3Arqn%3A12%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C0%2C%2C0%2C%2C131%2C1%2C%2C%2C%2C312%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 302 Found
                                        
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A209%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A744942770%3Arqn%3A12%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C72%2C0%2C%2C0%2C%2C131%2C1%2C%2C%2C%2C312%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
set-cookie: yabs-sid=364966951669953530; Path=/; SameSite=None; Secure i=v0EuIRir6xNON+rxeYAowZfXzpo0V29o6fFVZveEXiqPpGI4kP83ECilHRn5wQYB68+dDKPV0jXGuyAm2m2xuyQlshU=; Expires=Mon, 29-Nov-2032 03:58:44 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None yandexuid=4383667151669953530; Expires=Sat, 02-Dec-2023 03:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=4383667151669953530; Expires=Sat, 02-Dec-2023 03:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure ymex=1701489530.yc.1669953530#1701489530.yrts.1669953530#1701489530.yrtsi.1669953530; Expires=Sat, 02-Dec-2023 03:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size:   400
Md5:    2570cf0d516ddde3879c8488fa52be0d
Sha1:   83e689774df3c3ff41d049d6840f64388302dbf2
Sha256: 21328886b9ceb6ea5b460a9b849f3c71d3052273052eeddad47421f619eb92fe
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonStepChange&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669953530_44a1d531bae2641ed84613e6803ea6534b708ae8fc12f4ca8912321f277ec4f3&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A154192837%3Arqn%3A15%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonSurveyStart&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669953530_44a1d531bae2641ed84613e6803ea6534b708ae8fc12f4ca8912321f277ec4f3&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A126404665%3Arqn%3A13%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1000%2C1000%2C1%2C%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 78
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonUnique&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669953530_44a1d531bae2641ed84613e6803ea6534b708ae8fc12f4ca8912321f277ec4f3&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A157432051%3Arqn%3A14%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669953530_44a1d531bae2641ed84613e6803ea6534b708ae8fc12f4ca8912321f277ec4f3&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A1000681822%3Arqn%3A16%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexLoad&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669953530_44a1d531bae2641ed84613e6803ea6534b708ae8fc12f4ca8912321f277ec4f3&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A815924165%3Arqn%3A19%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonAdexCall&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669953530_44a1d531bae2641ed84613e6803ea6534b708ae8fc12f4ca8912321f277ec4f3&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A623266451%3Arqn%3A17%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonGetIppRotate&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669953530_44a1d531bae2641ed84613e6803ea6534b708ae8fc12f4ca8912321f277ec4f3&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A255347813%3Arqn%3A20%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 384
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
etag: W/"638898ee-1760"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXhRrtNO%2FEsFCHDJ6zGGAYvEHiLUw8%2FezYlxkJ5TcHmKsnFcJlbqCZaoMtXKhcJ8skQBt34OS1f78RzOt7OKTh0ifUcVYXBocR3sb0JdjSHL2jZRtOMI66Xm2nIIMGfYS%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77312578fba9b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text
Size:   2610
Md5:    7b9e9fb61a0a166f66f96b86e61c1440
Sha1:   e0248a58b6361542382f2712e3394c975caf2df2
Sha256: c81b612bbb5e1fd7d24be9b340014dd7eee14466dc55a0a7ecf520352ee5eb8b
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669953530_44a1d531bae2641ed84613e6803ea6534b708ae8fc12f4ca8912321f277ec4f3&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035848%3Aet%3A1669953529%3Ac%3A1%3Arn%3A429581905%3Arqn%3A21%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_305%26ymid%3Daed5d43d-2b0a-49aa-b471-5d8eb3a79101%253Acdc0fdaeaeff032cc3d347150faecfe2e33df334%26utm_campaign%3D6100_305%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669943625_cea9ee88bf27c425255875692f835298784ebd59a47b9d2e8129baca022a22af&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A171320873%3Az%3A0%3Ai%3A20221202011348%3Aet%3A1669943628%3Ac%3A1%3Arn%3A701741331%3Arqn%3A11%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1669943622298%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_3331%26ymid%3D4ed3f133-756d-406c-8b47-f489be46216c%253A50f7a31252706efbd917ec176c52513c515add37%26utm_campaign%3D6100_3331%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669953530_44a1d531bae2641ed84613e6803ea6534b708ae8fc12f4ca8912321f277ec4f3&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A287237995%3Az%3A0%3Ai%3A20221202035853%3Aet%3A1669953534%3Ac%3A1%3Arn%3A272483583%3Arqn%3A22%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1669953527782%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669953534%3At%3ALove%20Test%20%3C3&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(11)aw(1)ecs(1)fid(500)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 02 Dec 2022 03:58:55 GMT
access-control-allow-origin: https://findyourhalf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:55 GMT
last-modified: Fri, 02-Dec-2022 03:58:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_3331&ymid=4ed3f133-756d-406c-8b47-f489be46216c%3A50f7a31252706efbd917ec176c52513c515add37&utm_campaign=6100_3331&utm_medium=4655142&utm_content=zd_public_v2 HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0DfT%2FsrZR5FjON3t3Blc5i09Clu5XuKrF2ZnaR4TV4Q5uJXSU8aRGwo0Cjz64ujxylWhySuEZD%2B3ufkUJcXN5iieoreKM7WXgN%2Fx5K68vkhdp6dp5cDjG83bL8MI%2Bb02rM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125773b01b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/config/data/sd-20610201.js?v=10 HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
etag: W/"638898ee-9f0"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CVSSzp7gXTRIddf%2FLylp3Bg7k4JDeh8AedaYqezQqL%2FeUp%2BrvVZw5tFQWa%2FVnNxmGmyyigpVlwXANetlUsoem8MqYMGn2AFDtH5v7G%2FwadYVIsnppoUdJ%2Bk8eLUrbQyCA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125774b06b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-_equalByTag.js.65139af4.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
etag: W/"638898ee-3a7"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzjrcRZIFvBykfkcaYZ%2Fxsjgn2jJaFFTgAqd%2BSM4y%2Bp%2BSmTmfTi9BICIM86ar3NyM%2B%2FGyaKeNgg5OWvnS990J0olCp5c8s2z6%2FaIucqlRWH6zojflsiZHnO08KLqb6YXC4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a81b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-_baseIsEqualDeep.js.357d1588.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
etag: W/"638898ee-2d0"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adp7E69rhygp%2BiYiFxbMHSWMl1E9fMflPROGqGSg5nzN3u%2B%2BwacGiSAynfREjf5jsjEVRotcahvrgRk8O2j9K%2Bux5vhrxVesEkoa0rd4C6irI9Tvuc0UWc1DU63sJIrHaVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a83b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dating-survey.html?z=4655142&offer_id=2061&var=6100_3331&ymid=4ed3f133-756d-406c-8b47-f489be46216c:50f7a31252706efbd917ec176c52513c515add37 HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1865e08ae4.smapp.work/
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGkoDw%2Fkivgl7VBEuWEhsbCxdmdvwtOd%2FUFhQwUoOI3%2F2SmSdQ%2BOh%2F7HJJ82kDA9U40x5fqViB47XcVONk4AZj76bWDCfV6%2FuylrlwRbE6uksvXldOhnNydyqdZbOVLRFqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125757a08b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-URLSearchParams.js.f8f87c95.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
etag: W/"638898ee-dc"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BePgrzSK2nyd1LtQ4Vg1EawOinpiRYFMHUhJr1cKIIgeTDq19ushlihUtD1XraAbSC5gmBxq8wv8WwR7aKD40DGyU%2Budtep%2Br0YA3dZxx7gulRJnJTTbVRkR3cWaeNWYseA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125765a6db524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-redux-toolkit.esm.js.29ed6c62.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
etag: W/"638898ee-289c"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6mMQL%2FOMsLtqTSnXjJUF%2BJg1Ljo%2BIopb60DFjWXGiwy%2FgHf26OP6%2BoSStKs4u1tTZQwd3Wai0Zo2cfZUXK1eBq2X0klIV4l1Nh41zzCJNTrOGaNWRsgLKj2rExCtGt6aq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a85b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /rotate?zz=5473375;5473392;5473384;5473397;5473381;5473436;5473414;5473400&var=4655142&ymid=6100_3331&uid=9c12817ce140443a8e2c518969a5feeb HTTP/1.1 
Host: itcleffaom.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 02 Dec 2022 03:58:50 GMT
x-trace-id: f1f73ca33925aa0f855fd06f6b461bbd
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
vary: Origin
access-control-allow-origin: https://findyourhalf.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=9c12817ce140443a8e2c518969a5feeb; expires=Sat, 02 Dec 2023 03:58:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /js/survey.6.fc32d2c4.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
cf-polished: origSize=212503
etag: W/"638898ee-33e17"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMlrgGqGDdfDNo%2BIHkQse3na%2FTxgMiVQeLt5W8NvWNahwzEpOGIxYCLHbVc3Wy7%2FpQ77vvuY%2BWLyN3MOZqqN1xqN%2FzOkSdXn21HI5QZOpN%2FrMaboQiWTzgad4qnzZY66x9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a86b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/v-utils.js.bccc969f.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
cf-polished: origSize=8634
etag: W/"638898ee-21ba"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAg3xV2gDUNiZtCd94nImZ5976vi7rUV2XlWPXAvjbuXLDOcSeJlgJsZgdN8rLW4VEt6Q%2BPz4qVPEtok%2Bxgps%2FC4hxNoXsPtjgmBBjGMH5d9QEeX6%2FcS4nt%2FZKc8OuiIaEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125764a69b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /watch/66423859?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_305%26ymid%3Daed5d43d-2b0a-49aa-b471-5d8eb3a79101%253Acdc0fdaeaeff032cc3d347150faecfe2e33df334%26utm_campaign%3D6100_305%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669943625_cea9ee88bf27c425255875692f835298784ebd59a47b9d2e8129baca022a22af&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A171320873%3Az%3A0%3Ai%3A20221202011348%3Aet%3A1669943628%3Ac%3A1%3Arn%3A701741331%3Arqn%3A11%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1669943622298%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr(14)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://findyourhalf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.251.119
HTTP/2 302 Found
                                        
location: /watch/66423859/1?page-url=goal%3A%2F%2Ffindyourhalf.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ffindyourhalf.top%2Fdating-survey.html%3Fz%3D4655142%26offer_id%3D2061%26var%3D6100_305%26ymid%3Daed5d43d-2b0a-49aa-b471-5d8eb3a79101%253Acdc0fdaeaeff032cc3d347150faecfe2e33df334%26utm_campaign%3D6100_305%26utm_medium%3D4655142%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669943625_cea9ee88bf27c425255875692f835298784ebd59a47b9d2e8129baca022a22af&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A951493130181%3Ahid%3A171320873%3Az%3A0%3Ai%3A20221202011348%3Aet%3A1669943628%3Ac%3A1%3Arn%3A701741331%3Arqn%3A11%3Au%3A1669943623171437792%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1669943622298%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1669953529%3At%3ALove%20Test%20%3C3&t=gdpr%2814%29ti%282%29
date: Fri, 02 Dec 2022 03:58:50 GMT
access-control-allow-origin: https://findyourhalf.top
set-cookie: yabs-sid=746893901669953530; Path=/; SameSite=None; Secure i=VYGCx8qde9jIOcTITY4qt4LmvLR0powpik2LO3eURtS+jT8ZTbP/7zoKTHXbG2x+AylKAvp528tuMzm9umqf2nBDCpQ=; Expires=Mon, 29-Nov-2032 03:58:44 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None yandexuid=5593419231669953530; Expires=Sat, 02-Dec-2023 03:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=5593419231669953530; Expires=Sat, 02-Dec-2023 03:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure ymex=1701489530.yc.1669953530#1701489530.yrts.1669953530#1701489530.yrtsi.1669953530; Expires=Sat, 02-Dec-2023 03:58:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:58:50 GMT
last-modified: Fri, 02-Dec-2022 03:58:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/survey-dating.59788360.js HTTP/1.1 
Host: findyourhalf.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ym_uid=1669943623171437792; _ym_d=1669943623; _ym_isad=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.15.100
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 02 Dec 2022 03:58:49 GMT
cf-bgj: minify
etag: W/"638898ee-476"
last-modified: Thu, 01 Dec 2022 12:07:10 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUlY5zhx1B%2Fd3LUoLTNnH042%2FqIxUbPRoAaq5tJJqhf6NFiRe31U9K0wYRdWNDg1G%2FzhCnnexJAPc1ByEPJuvxs1ENhc0ozZ%2B8gRjX2FjoDPcji557pSpEvT%2BJn5swx3YvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773125766a87b524-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---